13 第十三讲 Java安全模型.pptVIP

DEMO-MESSAGEDIGESTTEST * QA Thanks！ * 第十三讲  JAVA安全模型 本章内容提要 Overview of Java Security Java Language Security and Bytecode Verification Access Control Code Sign Cryptography Public Key Infrastructure Authentication QA * OVERVIEW OF JAVA SECURITY Java技术中有三种安全机制 Java语言的安全特性（数组越界检查、GC、不允许指针运算等） Access Control：基于.class文件的来源，授予其不同的权限。 Code Assign：.jar文件可以进行签名，使用户可以判断该文件的发布者是谁。 * JAVA语言的安全特性 The Java language is designed to be type-safe and easy to use. Automatic memory management, garbage collection Range-checking on arrays. Defines different access modifiers that can be assigned to Java classes, methods, and fields. Specifically, the language defines four distinct access levels: private, protected, public, and, if unspecified, package. public access is allowed to anyone. private access is not allowed outside the particular class in which the private member (a method, for example) is defined. protected modifier allows access to any subclass, or to other classes within the same package. Package-level access only allows access to classes within the same package. * JAVA语言的安全特性（续） The Java language is designed to be type-safe and easy to use. A compiler translates Java programs into a machine-independent bytecode representation. A bytecode verifier is invoked to ensure that only legitimate bytecodes are executed in the Java runtime. It checks that the bytecodes conform to the Java Language Specification and do not violate Java language rules or namespace restrictions. The verifier also checks for memory management violations, stack underflows or overflows, and illegal data typecasts. Once bytecodes have been verified, the Java runtime prepares them for execution. * ACCESS CONTROL * JAVA ACCESS CONTROL ARCHITECTURE * The access control architecture in the Java platform protects access to sensitive resources (for example, local files) or sensitive application code (for example, methods in a class). JAVA ACCESS CONTROL ARCHITECTURE (CONT.) Java Access Control Ar