Monday, August 13, 2007

Java Security

- Codebase + signer = Code Source
A code source is the pair (code base URL, signer certificates). In the Java policy file, each grant entry associates a code source with a set of permissions; a code source together with its permissions is a protection domain, and every loaded class belongs to exactly one protection domain.


grant signedBy "sdo", codeBase "http://www.oreilly.com/" {
permission java.io.FilePermission "/tmp", "read";
permission java.lang.RuntimePermission "queuePrintJob";
};

Both conditions must hold: the code must come from that code base and be signed by the key whose keystore alias is "sdo". Note that a codeBase ending in "/" matches only files directly in that directory; "/-" matches everything beneath it recursively, and "/*" matches files one level down.

The default policy for every JVM is read from $JREHOME/lib/security/java.policy (from JDK 9 onward, $JAVA_HOME/conf/security/java.policy), with ~/.java.policy appended if present. By default the sandbox for Java applications is disabled: no security manager is installed unless the application is started with -Djava.security.manager (or installs one itself), so the policy file has no effect on an ordinary java command line.
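The following is an added example, not code from the original post, showing how a grant entry becomes enforceable permissions at run time. The policy file contents, the code base /opt/demo and the class name PolicyDemo are assumptions chosen for the example. It assumes a JDK on which the security manager can still be enabled (it is deprecated for removal from JDK 17 and permanently disabled in JDK 24).

```java
// Added example (not from the original post).
// Hypothetical policy file "sandbox.policy" (constructed for this example):
//
//   grant codeBase "file:/opt/demo/-" {
//       permission java.io.FilePermission "/tmp", "read";
//       permission java.io.FilePermission "/tmp/-", "read";
//       permission java.security.SecurityPermission "getPolicy";
//   };
//
// Run with:
//   java -Djava.security.manager -Djava.security.policy=sandbox.policy -cp /opt/demo PolicyDemo

import java.io.FilePermission;
import java.net.URL;
import java.security.AccessControlException;
import java.security.AccessController;
import java.security.CodeSource;
import java.security.Permission;
import java.security.PermissionCollection;
import java.security.Policy;
import java.security.ProtectionDomain;
import java.security.cert.Certificate;

public class PolicyDemo {

    // Ask the policy what a given code source would be granted, without loading any code from it.
    static boolean policyGrants(String codeBase, Certificate[] signers, Permission p) throws Exception {
        CodeSource cs = new CodeSource(new URL(codeBase), signers);
        PermissionCollection pc = Policy.getPolicy().getPermissions(cs);
        return pc.implies(p);
    }

    // Check a permission against the protection domains of the code currently on the call stack.
    static boolean callerHas(Permission p) {
        try {
            AccessController.checkPermission(p);
            return true;
        } catch (AccessControlException e) {
            return false;
        }
    }

    public static void main(String[] args) throws Exception {
        ProtectionDomain pd = PolicyDemo.class.getProtectionDomain();
        System.out.println("Running from code source: " + pd.getCodeSource());

        Permission readTmp = new FilePermission("/tmp", "read");
        Permission writeEtc = new FilePermission("/etc/passwd", "write");

        // Granted by the policy above (first line true, second false).
        System.out.println("can read /tmp:         " + callerHas(readTmp));
        System.out.println("can write /etc/passwd: " + callerHas(writeEtc));

        // A code base below /opt/demo is covered by "/opt/demo/-"; an unrelated
        // directory gets only whatever the default java.policy grants to all code.
        System.out.println("policy grants file:/opt/demo/lib/x.jar read /tmp: "
            + policyGrants("file:/opt/demo/lib/x.jar", null, readTmp));
        System.out.println("policy grants file:/srv/untrusted/x.jar read /tmp: "
            + policyGrants("file:/srv/untrusted/x.jar", null, readTmp));
    }
}
```

The explicit AccessController.checkPermission call consults the policy whether or not a security manager is installed; what -Djava.security.manager turns on is the implicit check that platform classes perform on the caller's behalf (for example in FileInputStream's constructor), which is what actually confines code that never calls the check itself. The "getPolicy" permission in the grant is needed only because the demo calls Policy.getPolicy() while running under the manager.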

- KeyStore (code signing)
The certificates are held in a location (usually a file) called the keystore. For a developer, the keystore is consulted to find the private key and certificate used to sign code (this is what jarsigner reads). For an end user or system administrator, the keystore is consulted when signed code runs to determine who actually signed it; the alias named in a policy file's signedBy clause refers to an entry in that keystore.

- Certificates
Two types of keys: asymmetric (a private/public key pair) and symmetric (a single secret key). Certificates are used to authenticate public keys: when a public key is transmitted electronically it is usually embedded in a certificate that binds it to an identity. A certificate is issued by a well-known entity, the certificate authority (CA), and carries the CA's digital signature over its contents. This leaves a bootstrapping problem: how do we obtain the CA's own public key in order to verify that signature? In practice CA certificates are distributed out of band and pre-installed in a trust store (for Java, $JREHOME/lib/security/cacerts), so that trust in a signature never rests on a key fetched over the same channel as the signed code.
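The following is an added example, not code from the original post, that ties the keystore and certificate sections together: it loads a truststore (the end-user side of the keystore story), reads a signed JAR with verification enabled, and validates each signer's certificate chain against the CA certificates in that truststore, which is where the bootstrapping question above is settled. The JAR path, truststore path, password and the alias "sdo" in the preparation commands are assumptions for the example.

```java
// Added example (not from the original post).
// Typical preparation with the JDK tools (assumed, not run here):
//   keytool -genkeypair -alias sdo -keyalg RSA -keystore dev.jks
//   jarsigner -keystore dev.jks app.jar sdo
// Run with:
//   java VerifySignedJar app.jar $JAVA_HOME/lib/security/cacerts changeit

import java.io.FileInputStream;
import java.io.InputStream;
import java.security.CodeSigner;
import java.security.KeyStore;
import java.security.cert.CertPath;
import java.security.cert.CertPathValidator;
import java.security.cert.CertPathValidatorException;
import java.security.cert.PKIXParameters;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import java.util.jar.JarEntry;
import java.util.jar.JarFile;

public class VerifySignedJar {

    // The same API loads the developer's signing keystore and the user's CA truststore;
    // only the contents differ (private keys versus trusted certificates).
    static KeyStore loadKeyStore(String path, char[] password) throws Exception {
        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
        try (InputStream in = new FileInputStream(path)) {
            ks.load(in, password);
        }
        return ks;
    }

    // Validate a signer's certificate chain against the trust anchors in the truststore.
    // This is the step that turns "who signed it" into "do I trust who signed it".
    static X509Certificate validateSigner(CodeSigner signer, KeyStore trustStore) throws Exception {
        CertPath path = signer.getSignerCertPath();
        PKIXParameters params = new PKIXParameters(trustStore);
        params.setRevocationEnabled(false); // assumption: no CRL/OCSP access in this example
        CertPathValidator.getInstance("PKIX").validate(path, params);
        return (X509Certificate) path.getCertificates().get(0); // end-entity certificate
    }

    public static void main(String[] args) throws Exception {
        String jarPath = args[0];
        KeyStore trustStore = loadKeyStore(args[1], args[2].toCharArray());

        // verify=true makes JarFile check each entry's digest against the signature file as
        // the entry is read. Signer information is populated only after the entry has been
        // read completely, so each stream is drained before getCodeSigners() is called.
        try (JarFile jar = new JarFile(jarPath, true)) {
            Enumeration<JarEntry> entries = jar.entries();
            byte[] buf = new byte[8192];
            while (entries.hasMoreElements()) {
                JarEntry entry = entries.nextElement();
                if (entry.isDirectory() || entry.getName().startsWith("META-INF/")) continue;
                try (InputStream in = jar.getInputStream(entry)) {
                    while (in.read(buf) != -1) { /* drain to trigger digest verification */ }
                }
                CodeSigner[] signers = entry.getCodeSigners();
                if (signers == null) {
                    System.out.println("UNSIGNED   " + entry.getName());
                    continue;
                }
                for (CodeSigner s : signers) {
                    try {
                        X509Certificate leaf = validateSigner(s, trustStore);
                        System.out.println("TRUSTED    " + entry.getName()
                            + " signed by " + leaf.getSubjectX500Principal());
                    } catch (CertPathValidatorException e) {
                        // Valid signature, but the chain does not end at a CA we hold out of band.
                        System.out.println("UNTRUSTED  " + entry.getName() + ": " + e.getMessage());
                    }
                }
            }
        }
    }
}
```

A JAR signed with the self-signed certificate that keytool -genkeypair produces will report UNTRUSTED unless that certificate has been imported into the truststore as a trusted entry, which is exactly the bootstrapping point: the signature proves only that the holder of some key signed the code, and the truststore is what says whose key that is. A tampered entry fails earlier, with a SecurityException thrown while the entry is being read.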
