CONTENTS | PREV | NEXT

Table of Contents


1 Introduction
1.1 The Original Sandbox Model
1.2 Evolving the Sandbox Model

2 New Protection Mechanisms -- Overview of Basic Concepts

3 Permissions and Security Policy
3.1 The Permission Classes
3.1.1 java.security.Permission
3.1.2 java.security.PermissionCollection
3.1.3 java.security.Permissions
3.1.4 java.security.UnresolvedPermission
3.1.5 java.io.FilePermission
3.1.6 java.net.SocketPermission
3.1.7 java.security.BasicPermission
3.1.8 java.util.PropertyPermission
3.1.9 java.lang.RuntimePermission
3.1.10 java.awt.AWTPermission
3.1.11 java.net.NetPermission
3.1.12 java.lang.reflect.ReflectPermission
3.1.13 java.io.SerializablePermission
3.1.14 java.security.SecurityPermission
3.1.15 java.security.AllPermission
3.1.16 javax.security.auth.AuthPermission
3.1.17 Discussion of Permission Implications
3.1.18 How To Create New Types of Permissions
3.2 java.security.CodeSource
3.3 java.security.Policy
3.3.1 Policy File Format
3.3.2 Property Expansion in Policy Files
3.3.3 General Expansion in Policy Files
3.3.4 Assigning Permissions
3.3.5 Default System and User Policy Files
3.3.6 Customizing Policy Evaluation
3.4 java.security.GeneralSecurityException

4 Access Control Mechanisms and Algorithms
4.1 java.security.ProtectionDomain
4.2 java.security.AccessController
4.2.1 Algorithm for Checking Permissions
4.2.2 Handling Privileges
4.3 Inheritence of Access Control Context
4.4 java.security.AccessControlContext

5 Secure Class Loading
5.1 Class Loader Class Hierarchies
5.2 The Primordial Class Loader
5.3 Class Loader Delegation
5.4 Class Resolution Algorithm

6 Security Management
6.1 Managing Applets and Applications
6.2 SecurityManager versus AccessController
6.3 Auxiliary Tools
6.3.1 The Key and Certificate Management Tool
6.3.2 PolicyTool
6.3.3 The JAR Signing and Verification Tool

7 GuardedObject and SignedObject
7.1 java.security.GuardedObject and java.security.Guard
7.2 java.security.SignedObject

8 Discussion and Future Directions
8.1 Resource Consumption Management
8.2 Arbitrary Grouping of Permissions
8.3 Object-Level Protection
8.4 Subdividing Protection Domains
8.5 Running Applets with Signed Content

9 Summary

10 Acknowledgments

11 References

12 Revision History


CONTENTS | PREV | NEXT
Copyright © 1997-2002 Sun Microsystems, Inc. All Rights Reserved.

Copyright © 1993, 2014, Oracle and/or its affiliates. All rights reserved.