
Introduction

Today we will talk about the Java language and, more specifically, the security features that Java provides. This will give us the basis for writing code that is secure enough and more difficult to attack. As we have seen during the semester, Java is a very complete and compatible language, and if we add security to this, the language will be almost perfect.

Body
Java's security has several utilities: the access modifiers (public, private, default, protected); the final keyword, to declare constants; serialization, which can give access to private variables; the transient keyword, which restricts access to private variables when serialization is used; and more. But in order to enforce those security rules and be sure the syntax is correct, we need the help of three tools: the compiler, the bytecode verifier, and the runtime machine.

The compiler
The compiler is the first tool used to make sure the code meets all the security rules. It is responsible for all the rules we talked about above, except for two: the compiler cannot enforce array bounds checking, nor can it enforce all cases of illegal object casts.

The bytecode verifier


At this point the compiler has done its work, and it is now time for the bytecode verifier to make sure that the bytecodes we have received (perhaps from an unknown source) are legitimate and that it is okay to use them. In fact, it is an internal part of the runtime machine and has no interface; neither programmers nor users can access it. Some of the things the bytecode verifier makes sure of are the following: the class file has the correct format; final classes are not subclassed, and final methods are not overridden; no illegal data conversion of objects occurs; and more.

The runtime machine


Finally, after the first two steps, it is time for the runtime machine to make sure that all array accesses stay inside their boundaries, so they don't overlap, and that object casting is correct.
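An added example (not part of the original essay) showing the two checks the compiler leaves to the runtime machine, plus the effect of transient on serialization. The class and method names (RuntimeChecksDemo, Account, arrayCheck, castCheck, roundTrip) and the sample values are constructed for illustration.

```java
import java.io.*;

public class RuntimeChecksDemo {
    // Constructed sample class: 'transient' keeps the pin out of the serialized form.
    static class Account implements Serializable {
        private static final long serialVersionUID = 1L;
        private final String owner;      // final: cannot be reassigned after construction
        private transient String pin;    // transient: skipped by serialization
        Account(String owner, String pin) { this.owner = owner; this.pin = pin; }
    }

    static String arrayCheck(int index) {
        int[] data = new int[4];
        try {
            data[index] = 1;             // compiles for any int; bounds are checked at run time
            return "ok";
        } catch (ArrayIndexOutOfBoundsException e) {
            return "rejected: " + e.getClass().getSimpleName();
        }
    }

    static String castCheck(Object o) {
        try {
            String s = (String) o;       // compiler accepts Object -> String; the JVM checks the real type
            return "ok: " + s;
        } catch (ClassCastException e) {
            return "rejected: " + e.getClass().getSimpleName();
        }
    }

    // Serialize to an in-memory buffer and read the object back.
    static Account roundTrip(Account a) throws IOException, ClassNotFoundException {
        ByteArrayOutputStream buf = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(buf)) { out.writeObject(a); }
        try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(buf.toByteArray()))) {
            return (Account) in.readObject();
        }
    }

    public static void main(String[] args) throws Exception {
        System.out.println(arrayCheck(2));                    // index inside the array
        System.out.println(arrayCheck(7));                    // index outside the array
        System.out.println(castCheck("text"));                // legal cast
        System.out.println(castCheck(Integer.valueOf(5)));    // illegal cast
        Account copy = roundTrip(new Account("alice", "1234"));
        System.out.println(copy.owner + " / pin=" + copy.pin); // pin was not serialized
    }
}
```

Both the out-of-range index and the bad cast compile without error; they are stopped only when the runtime machine executes them.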

Conclusion
As we can see, the security inside Java is pretty sophisticated; it needs the help of the compiler and the runtime machine to make sure everything is okay. But besides everything we have seen here, we need to understand that it doesn't end here: the help of the programmer is also needed in order to write secure software, which, at least years ago, didn't matter too much. Things have changed, and so will we.
