As the person who led the JavaSoft team that developed the Java security
technology discussed in this book, it is extremely gratifying to see people
spend their precious time writing about our technology and products. Every
engineer’s dream is to have his or her technology deployed and used by
thousands of others, and this book is a great help to Java developers who
write security-aware applications.
Security is a difficult subject to write about. On the one hand, security is in
people’s daily consciousness so that it appears easy to get across (to the
reader) some of the basic concepts. On the other hand, security applied to
computer and networking is often subtle and unexpected. Security also is
pervasive in that it touches all aspects of the computing technology, including
hardware, software, operating system, software libraries, communication
software, networking infrastructure, application software, user interface, and
management software. In order to understand security in any situation, one
has to understand the entire system under consideration as well as each
individual component so that one can identity their strengths and weaknesses
and design the appropriate solutions.
Java security is one of the more recent additions to the family of security
technologies. Ever since Sun Microsystems announced Java technology in
the spring of 1995, there has been strong and growing interest (in industry,
research laboratories, and academia) around the security of the Java platform
as well as new security issues raised by the deployment of Java technology.
Such close attention being paid to security is almost unprecedented in that
new computing technologies normally ignore security considerations when
they emerge initially. Most of them remain unsecured forever. In the few cases
where efforts are made to secure them later, the efforts are typically not very
successful because retrofitting security is usually very difficult, if possible at
all, and often causes backward compatibility problems.
Therefore, it is extremely fortunate that the Java technology had security as a
primary design goal from the very beginning. (Hats off to the original Java
development team. I joined JavaSoft only in 1996.) Although the initial
security model was ve
Download
Wednesday, March 4, 2009
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment