Addison wesley enterprise java security building secure and robust J2EE applications feb 2004 ISBN 0321118898
Bạn đang xem bản rút gọn của tài liệu. Xem và tải ngay bản đầy đủ của tài liệu tại đây (8.17 MB, 1,027 trang )
•
TableofContents
EnterpriseJavaSecurity:Building
SecureJ2EEApplications
ByMarcoPistoia,NatarajNagaratnam,
LarryKoved,AnthonyNadalin
Publisher :AddisonWesley
PubDate :February20,2004
ISBN :0-321-11889-8
Pages :608
Slots :1.0
"Foralongtime,therehasbeenaneedfora
J2EE(TM)securitybook.Iamveryhappyto
seethereisnowabookthatcananswer
manyofthetechnicalquestionsthat
developers,managers,andresearchershave
aboutsuchacriticaltopic.Iamsurethatthis
bookwillcontributegreatlytothesuccessof
theJ2EEplatformande-business."
-FromtheForewordbyStevenA.Mills,
SeniorVicePresidentandGroupExecutive,
SoftwareGroup,IBMCorporation
EnterpriseJava(TM)Security:BuildingSecure
J2EE(TM)Applicationsprovidesapplication
developersandprogrammerswiththeknowhowtheyneedtoutilizethelatestJava
securitytechnologiesinbuildingsecure
enterpriseinfrastructures.Writtenbythe
leadingJavasecurityexpertsatIBM,this
comprehensiveguidecoversthecurrent
statusoftheJava(TM)2Platform,Enterprise
Edition(J2EE),andJava(TM)2Platform,
StandardEdition(J2SE(TM)),security
architecturesandofferspracticalsolutions
andusagepatternstoaddressthechallenges
ofJavasecurity.
Toaiddeveloperswhoneedtobuildsecure
J2EEapplications,EnterpriseJava(TM)
SecuritycoversatlengththeJ2EEsecurity
technologies,includingthesecurityaspectsof
servlets,JavaServerPages(TM)(JSP(TM)),
andEnterpriseJavaBeans(TM)
(EJB(TM))technologiesthatareatthecoreof
theJ2EEarchitecture.Inaddition,thebook
coversWebServicessecurity.
Examplesandsamplecodeareprovided
throughoutthebooktogivereadersasolid
understandingoftheunderlyingtechnology.
TherelationshipbetweenJavaand
cryptographictechnologiesiscoveredingreat
detail,including:
JavaCryptographyArchitecture(JCA)
JavaCryptographyExtension(JCE)
Public-KeyCryptographyStandards(PKCS)
Secure/MultipurposeInternetMail
Extensions(S/MIME)
JavaSecureSocketExtension(JSSE)
•
TableofContents
EnterpriseJavaSecurity:Building
SecureJ2EEApplications
ByMarcoPistoia,NatarajNagaratnam,
LarryKoved,AnthonyNadalin
Publisher :AddisonWesley
PubDate :February20,2004
ISBN :0-321-11889-8
Pages :608
Slots :1.0
Copyright
Foreword
Preface
AbouttheAuthors
PartI:EnterpriseSecurityandJava
Chapter1.AnOverviewofJavaTechnologyandSecurity
Section1.1.WhyJavaTechnologyforEnterpriseApplications?
Section1.2.EnterpriseJavaTechnology
Section1.4.AnOverviewofEnterpriseSecurityIntegration
Chapter2.EnterpriseNetworkSecurityandJavaTechnology
Section1.3.JavaTechnologyasPartofSecurity
Section1.5.TimetoMarket
Section2.1.NetworkedArchitectures
Section2.2.NetworkSecurity
Section2.4.JavaandFirewalls
Section2.3.Server-SideJavaTechnology
Section2.5.Summary
PartII:EnterpriseJavaComponentsSecurity
Chapter3.EnterpriseJavaSecurityFundamentals
Section3.1.EnterpriseSystems
Section3.2.J2EEApplications
Section3.4.Connectors
Section3.6.SimpleE-BusinessRequestFlow
Section3.8.J2EESecurityRoles
Section3.10.ProgrammaticSecurity
Section3.12.SecureE-BusinessRequestFlow
Section3.3.SecureInteroperabilitybetweenORBs
Section3.5.JMS
Section3.7.J2EEPlatformRoles
Section3.9.DeclarativeSecurityPolicies
Section3.11.SecureCommunicationwithinaWASEnvironment
Chapter4.ServletandJSPSecurity
Section4.1.Introduction
Section4.2.AdvantagesofServlets
Section4.4.TheDeploymentDescriptorofaWebModule
Section4.6.Authorization
Section4.8.ProgrammaticSecurity
Section4.10.UsagePatterns
Section4.3.ServletLifeCycle
Section4.5.Authentication
Section4.7.PrincipalDelegation
Section4.9.RuntimeRestrictionsforWebComponents
Section4.11.PartitioningWebApplications
Chapter5.EJBSecurity
Section5.1.Introduction
Section5.2.EJBRolesandSecurity
Section5.4.Authorization
Section5.6.SecurityConsiderations
Section5.3.Authentication
Section5.5.Delegation
Chapter6.EnterpriseJavaSecurityDeploymentScenarios
Section6.1.PlanningaSecure-ComponentSystem
Section6.2.DeploymentTopologies
Section6.3.SecureCommunicationChannel
Section6.4.SecurityConsiderations
PartIII:TheFoundationsofJava2Security
Chapter7.J2SESecurityFundamentals
Section7.1.AccesstoClasses,Interfaces,Fields,andMethods
Section7.2.ClassLoaders
Section7.4.TheSecurityManager
Section7.6.Summary
Section7.3.TheClassFileVerifier
Section7.5.InterdependenceoftheThreeJavaSecurityLegs
Chapter8.TheJava2PermissionModel
Section8.1.OverviewoftheJava2Access-ControlModel
Section8.2.JavaPermissions
Section8.4.TheConceptofCodeSource
Section8.6.TheBasicJava2Access-ControlModel
Section8.8.ProtectionDomainInheritance
Section8.10.Summary
Section8.3.JavaSecurityPolicy
Section8.5.ProtectionDomains
Section8.7.PrivilegedJava2Code
Section8.9.PerformanceIssuesintheJava2Access-ControlModel
Chapter9.AuthenticationandAuthorizationwithJAAS
Section9.1.OverviewofJAASandJAASTerminology
Section9.2.Authentication
Section9.4.JAASandJ2EE
Section9.3.AuthorizationOverview
Section9.5.AdditionalSupportforPluggableAuthentication
PartIV:EnterpriseJavaandCryptography
Chapter10.TheTheoryofCryptography
Section10.1.ThePurposeofCryptography
Section10.2.Secret-KeyCryptography
Section10.3.Public-KeyCryptography
Chapter11.TheJava2PlatformandCryptography
Section11.1.TheJCAandJCEFrameworks
Section11.2.TheJCAAPI
Section11.4.JCEinPractice
Section11.3.TheJCEAPI
Section11.5.SecurityConsiderations
Chapter12.PKCSandS/MIMEinJ2EE
Section12.1.PKCSOverview
Section12.2.S/MIMEOverview
Section12.3.SigningandVerifyingTransactionswithPKCSandS/
MIME
Section12.4.EncryptingTransactionswithPKCSandS/MIME
Section12.5.SecurityConsiderations
Section12.6.FutureDirections
Chapter13.TheSSLandTLSProtocolsinaJ2EEEnvironment
Section13.1.TheSSLandTLSProtocols
Section13.2.HTTPS
Section13.4.UsingSSLfromwithinJ2EEPrograms
Section13.6.Summary
Section13.3.UsingtheSSLSupportBuiltintoJ2EEProducts
Section13.5.Examples
PartV:AdvancedTopics
Chapter14.EnterpriseSecurityforWebServices
Section14.1.XML
Section14.2.SOAP
Section14.4.SecurityforWebServices:Motivations
Section14.6.WebServicesSecurityModelPrinciples
Section14.8.UseScenario
Section14.10.SecurityConsiderations
Section14.3.WSDL
Section14.5.SecurityTechnologies
Section14.7.ApplicationPatterns
Section14.9.WebServicesProviderSecurity
Section14.11.Futures
Chapter15.SecurityConsiderationsforContainerProviders
Section15.1.UnderstandingtheEnvironment
Section15.2.Authentication
Section15.4.SecureCommunication
Section15.6.AccesstoSystemResources
Section15.3.Authorization
Section15.5.SecureAssociation
Section15.7.MappingIdentitiesatConnectorBoundaries
Chapter16.Epilogue
PartVI:Appendixes
AppendixA.SecurityofDistributedObjectArchitectures
SectionA.1.RMI
SectionA.2.StubsandSkeletons
SectionA.3.RMIRegistry
SectionA.4.TheSecurityofRMI
AppendixB.X.509DigitalCertificates
AppendixC.TechnicalAcronymsUsedinThisBook
SectionB.1.X.509CertificateVersions
A
B
D
F
H
J
L
N
P
R
T
V
X
C
E
G
I
K
M
O
Q
S
U
W
AppendixD.SourcesUsedinThisBook
Copyright
Manyofthedesignationsusedbymanufacturersandsellersto
distinguishtheirproductsareclaimedastrademarks.Where
thosedesignationsappearinthisbook,andAddison-Wesley
wasawareofatrademarkclaim,thedesignationshavebeen
printedwithinitialcapitallettersorinallcapitals.
Theauthorsandpublisherhavetakencareinthepreparationof
thisbook,butmakenoexpressedorimpliedwarrantyofany
kindandassumenoresponsibilityforerrorsoromissions.No
liabilityisassumedforincidentalorconsequentialdamagesin
connectionwithorarisingoutoftheuseoftheinformationor
programscontainedherein.
Thepublisheroffersdiscountsonthisbookwhenorderedin
quantityforbulkpurchasesandspecialsales.Formore
information,pleasecontact:
U.S.CorporateandGovernmentSales
(800)382-3419
ForsalesousideoftheU.S.,pleasecontact:
InternationalSales
(317)581-3793
VisitAddison-WesleyontheWeb:www.awprofessional.com
LibraryofCongressCataloging-in-PublicationData
EnterpriseJavasecurity:buildingsecureJ2EEapplications/MarcoPistoia
p.cm.
Includesbibliographicalreferencesandindex.
ISBN0-321-11889-8(pbk;alkpaper)
1.Java(Computerprogramlanguage)2.Computersecurity.I.Pistoia,
QA76.73.J3E582004
005.8dc22
2003063781
Copyright©2004byPearsonEducation,Inc.
Allrightsreserved.Nopartofthispublicationmaybe
reproduced,storedinaretrievalsystem,ortransmitted,inany
form,orbyanymeans,electronic,mechanical,photocopying,
recording,orotherwise,withoutthepriorconsentofthe
publisher.PrintedintheUnitedStatesofAmerica.Published
simultaneouslyinCanada.
Forinformationonobtainingpermissionforuseofmaterialfrom
thiswork,pleasesubmitawrittenrequestto:
PearsonEducation,Inc.
RightsandContractsDepartment
75ArlingtonStreet,Suite300
Boston,MA02116
Fax:(617)848-7047
Textprintedonrecycledpaper
12345678910CRS0807060504
Firstprinting,February2004
Dedication
Tomywife,Paolina,forgivingmethestrengthandcourageto
bethemanGodwantsmetobe.
Marco
Inlovingmemoryofmyfather,whocontinuestoinspiremy
questforknowledge.Tomywife,Sowmya,forher
understandingandsupporttopursuemydreams.Tomy
daughter,Divya,forgivingmeanewperspectiveonlife.Tomy
motherandmyfamily,formakingmewhoIam.
Nataraj
ToKaren,Sam,andMax,forthelove,support,andjoythey
bringtomylife.Tomymother,whotaughtme,"Lifeisshort.
Eatdessertfirst."Tomyfather,whoisalwaystherewhenI
needhim.Tomybrother,whotaughtmehowtocount.
Larry
Tomywife,Paula,andmydaughter,Sarah.Thanksforkeeping
mylifeincheckandremindingmethatthereislifebeyond
"geekdom."Youbotharethejoysofmylife.
Anthony
Foreword
E-business,oneofthefastest-growingsegmentsofthe
informationtechnologyindustry,ischangingthefaceof
commerceasweknowit.ConductingbusinessontheWebis
rapidlybecomingafundamentalelementofhoworganizations
conductbusinesswitheachother,aswellaswiththeir
customers.Web-basedsystemsdonotstandalone.Rather,
theyaretheintegrationofmanyexistingenterprisesystems,
processes,andprotocols,oftentimesreengineeredtoleverage
thecapabilitiesinherentintheWeb-basedsystemsandto
affordnewcapabilities.Thevalueisnotinthetechnologypiece
partsbutintherapidcreationofnewbusinesssolutions.
Alltechnologiesintroducerisksintobusinesses.Thechallengeis
inmanagingtheserisks.Someoftherisksoriginatefromthe
complexityofthesolutionsdesignedtoaddressacompany's
businessneeds;otherrisksareinherentinthetechnologies
chosentoaddresstheseneeds.Tomeettheserisks,wehave
seentheriseofvarioussecuritytechnologies,suchasantivirus
scanners,firewalls,intrusion-detectionsystems,virtualprivate
networks(VPNs),public-keycryptography,andtheSecure
SocketsLayer(SSL)protocol.
TheWebisnoexception.Althoughitoffersnewopportunities
forcreatingmarketsandmarketplaces,therisksitintroduces
havedriventhecreationofnewandinnovativesolutions.These
includeauthenticatingandauthorizingusersofthesystem,
protectingtransactionsfrommalevolenthackers,enforcing
accesscontrol,guaranteeingprivacy,andofferingfederated
identitymanagement.
Anenterprisesystemusuallycomprisesheterogeneous
systems.Enablingthesesystemstocommunicateandintegrate
toformusefulend-to-endsolutionsisessential,asmuchofthe
growthisnotinthecreationofentirelynewsystemsbutin
makinglegacysystemsandservicesaccessibleviatheWeb.
Thisisachievedwithgreatereasewhentheenterprisesystem's
keyelements,includingsecurity,arebasedonopenstandards.
Usingopenstandardsgreatlysimplifiesthecomplexityandcost
ofdevelopment.Enablingopenstandardsintheindustrycan
happenonlywhenthereisanopenexchangeofideasand
cooperationbetweenvendors.
Thisbooktakesanin-depthlookatthedevelopmentof
enterpriseapplicationsbasedontheJava2Platform,Enterprise
Edition(J2EE),whichenablesintegrationofexistingsubsystems
intomorepowerfulWeb-basedenterprisesystems.Thisbook
focusesonthesetofsecuritystandardsthatsupportand
enhanceaJ2EEenvironment,includingSSL,Kerberos
authenticationandauthorization,secret-andpublic-key
cryptography,Public-KeyCryptographyStandards(PKCS),
Secure/MultipurposeInternetMailExtensions,andtheWeb
ServicesSecurityspecification.Ratherthantakingapiecewise
viewofsecurity,thisbook'sperspectiveisbroader.Theindustry
ismakingashiftfromprogrammaticsecuritytodeclarative
security.Thegoalistomanagesecuritythroughpoliciesrather
thanviasecuritycodebeingwrittenintoeveryapplication,
whichismuchmoreexpensivetomaintainandupgradeasnew
threatsandrisksareidentified.
ThisbookistheresultofIBM'stechnicalleadershipand
strengthinsecurity,middleware,andon-demandcomputing,as
wellasalong-standingcollaborationbetweenIBM'sSoftware
GroupandResearchDivision.Thiscollaborationhasbrought
togetherpeoplefromaroundtheworld,creatingapartnership
dedicatedtoprovidingvaluetothemarketplaceinadynamic
businessandtechnicalenvironment.
Foralongtime,therehasbeenaneedforaJ2EEsecuritybook.
Iamveryhappytoseethatthereisnowsuchabooktoanswer
manyofthetechnicalquestionsthatdevelopers,managers,and
researchershaveaboutsuchacriticaltopic.Iamsurethatthis
bookwillcontributegreatlytothesuccessoftheJ2EEplatform
ande-business.
StevenA.Mills
SeniorVicePresidentandGroupExecutive
SoftwareGroup,IBMCorporation
Preface
ThepurposeofthisbookistoillustratetheapplicabilityofJava
2Platform,EnterpriseEdition(J2EE),andJava2Platform,
StandardEdition(J2SE),securitytechnologiesinbuildinga
secureenterpriseinfrastructurecontainingJava-based
enterpriseapplications.Withapragmaticapproach,thebook
explainswhyJavasecurityisakeyfactorinane-business
environmentandhowapplicationdeveloperscanusethis
technologyinbuildingsecureenterpriseapplications.
ThebookintroducestheJ2EEandJ2SEsecurityarchitectures,
showinghowthesearchitecturesrelatetoeachotherandhow
theyareaugmentedbyJavaAuthenticationandAuthorization
Service(JAAS)toprovideauthenticationandauthorization.
Then,thebookdelvesintotheJ2EEsecuritytechnologies:The
securityaspectsofservlets,JavaServerPages(JSP),and
EnterpriseJavaBeans(EJB)aretreatedindetailbecausethese
technologiesconstitutethecoreoftheJ2EEarchitecture.To
satisfytheneedsofdeveloperswhoneedtobuildJ2EE
applicationsandwanttodososecurelyandreliably,thebook
coversingreatdetailtherelationshipbetweenJ2EEand
cryptographictechnologies;JavaCryptographyArchitecture,
JavaCryptographyExtension,Public-KeyCryptography
Standards,Secure/MultipurposeInternetMailExtensions,and
JavaSecureSocketExtensionarealsodescribedindetail.The
bookexplainshowtoworkwithJ2EEinpracticeandshowshow
thetechnologiespresentedworktogetherandareintegrated.
ThescenariosdescribedaretargetedtoJ2EEdevelopersand
deployersneedingtobuildanintegrated,secure,componentbasedsystem.Finally,WebServicessecurityandother
emergingtechnologiesarediscussed,alongwithadescription
ofhowtheunderlyingmiddlewareworks.Thebookendsby
summarizingtheimpactofJ2EEsecurityintoday'se-business
environments.
UnlikeothertreatmentsofJavasecurity,thisbookdiscussesthe
J2SEandJ2EEsecurityarchitectures,providingpractical
solutionsandusepatternstoaddressthechallengesthatlie
aheadasthesearchitecturesevolvetoaddressenterpriseebusinessneeds.Thegoalistogivepracticalguidancetogroups
involvedinmakingJava-basedapplicationsorWebsitesinto
industrial-strengthcommercialpropositions.Examplesare
providedtogivethereaderaclearerunderstandingofthe
underlyingtechnology.
Toachievethegoalsofportabilityandreusability,J2EEsecurity
hasbeendesignedtobemainlydeclarative.Mostofthe
authentication,authorization,integrity,confidentiality,and
access-controldecisionsonaJ2EEplatformcanbemade
throughconfigurationfilesanddeploymentdescriptors,which
areexternaltotheapplications.Thisreducestheburdenonthe
programmerandallowsJavaenterpriseprogramstobe
portable,reusable,andflexible.Forthisreason,PartsIandII
focusonthedeclarativeapproachofJavasecuritybyshowing
examplesofconfigurationfilesanddeploymentdescriptors.
Additionally,thesepartsofthebookexplainhowtousethe
programmaticapproachifdeclarativesecurityaloneis
insufficient.(SampleprogramscanbefoundinChapters4and
5.)Themajorityofthesamplecodeofthisbookcanbefound
inPartsIIIandIV.
ThisbookhasitsrootsinseveralarticleswewrotefortheIBM
SystemsJournalandIBMdeveloperWorks,describingthe
originsofJavasecurityandthesecurityforenterprise
applicationsusingtheJ2EEprogrammingmodel.Althoughwe
aregeographicallydispersedaroundtheUnitedStates,wehad
gatheredinSantaClara,California,attheO'ReillyConference
onJavainMarch2000topresentonanumberofsecurity
topics.Itwasclearthatdevelopersandmanagerswerenot
familiarwithJavasecurityfeatures,J2EEsecurity,andhowto
managesecurityinaJ2EEenvironment.InquiriesonJavaand
J2EEsecuritywerebeingroutedtousviae-mailandthrough
ourcolleagues.WehadalreadywrittenabookonJ2SEsecurity,
butabookonsecurityforenterpriseapplications,including
thosewrittenforserver-basedapplicationsandWebServices,
wasneeded.
Thisbookdrawsandexpandsonmaterialfrommultiple
sources,includingtheJ2SEsecuritybookandarticles
mentioned.Specifically,thisbookcoversJ2SEV1.4andJ2EE
V1.4.TherelevantspecificationsforJ2EEcoveredinthisbook
includetheJ2EEV1.4specification,theJavaServletV2.4
specification,theEJBV2.1specification,andtheWebServices
specifications.Thelistofthesourcesusedinthisbookcanbe
foundinAppendixD.
AbouttheAuthors
ThisbookwaswrittenbyateamofIBMsecurityresearchers
andarchitectswhohavehadamajorimpactinthedefinitionof
theJavasecurityarchitectureanditsrelatedtechnologies.The
leaderofthisprojectwasMarcoPistoia.
MarcoPistoiaisaResearchStaffMemberintheJavaandWeb
ServicesSecuritydepartment,apartoftheNetworking
Security,PrivacyandCryptographydepartmentattheIBM
ThomasJ.WatsonResearchCenterinYorktownHeights,New
York.Hehaswrittentenbooksandseveralpapersandjournal
articlesonallareasofJavaande-businesssecurity.Hislatest
book,Java2NetworkSecurity,SecondEdition,waspublished
byPrenticeHallin1999.Hehaspresentedatseveral
conferencesworldwide:SunMicrosystems'JavaOne,the
AssociationforComputingMachinery(ACM)conferenceon
Object-OrientedProgramming,Systems,Languages,and
Applications(OOPSLA),theO'ReillyConferenceonJava,IBM
Solutions,andColoradoSoftwareSummit.Hehasbeeninvited
toteachgraduatecoursesonJavasecurityandhaspresented
attheNewYorkStateCenterforAdvancedTechnologyin
Telecommunications(CATT),Brooklyn,NewYork.Marco
receivedhisM.S.inMathematicssummacumlaudefromthe
UniversityofRome,Italy,in1995andisworkingtowardaPh.D.
inMathematicsfromPolytechnicUniversity,Brooklyn,NewYork.
Histechnicalinterestsareinmobile-codesecurity,component
software,andstaticanalysisofobject-orientedlanguages.
NatarajNagaratnamisaSeniorTechnicalStaffMemberand
theleadsecurityarchitectforIBM'sWebSpheresoftwarefamily
inRaleigh,NorthCarolina.Heleadsthesecurityarchitecturefor
IBMWebSphereandtheIBMGridinfrastructure.Heisalsoa
corememberoftheIBMWebServicessecurityarchitecture
team.HehascoauthoredtheWebServicessecurity
specificationsandOpenGridServicesArchitecture(OGSA)
documents.HeactivelyparticipatesintheJavaCommunity
ProcessonthetopicsrelatedtoJ2EEsecuritybyeitherleading
orparticipatingintheJavaSpecificationRequestsrelatedto
J2EEsecurity.NatarajreceivedhisPh.D.inComputer
EngineeringfromSyracuseUniversity,Syracuse,NewYork.His
thesisdealswiththeaspectsofsecuredelegationindistributed
objectenvironments.HehaswidelypresentedonJavaand
securitytopicsatvariousconferencesandsymposiumsandhas
publishedextensivelyinnumerousjournals,conferences,and
magazines.Natarajwastheleadauthorofoneofthefirstbooks
onJavanetworking,JavaNetworkingandAWTAPISuperBible,
publishedbyWaiteGroupPressin1996.
LarryKovedisaResearchStaffMemberandthemanagerof
theJavaandWebServicesSecuritydepartment,apartofthe
NetworkingSecurity,Privacy,andCryptographydepartmentat
theIBMThomasJ.WatsonResearchCenterinYorktown
Heights,NewYork.WithAnthonyNadalin,hehasservedas
IBM'sJavasecurityarchitect,includingbeingaliaisontoSun
MicrosystemsforJavasecuritydesignanddevelopment
collaboration.HewasactivelyinvolvedinthedesignoftheJava
AuthenticationandAuthorizationServices(JAAS)andthen
EnterpiseJavaBeans(EJB)V1.1securityarchitecture.Larryhas
publishedmorethan25articlesandtechnicalreportsonuser
interfacetechnologies,virtualreality,hypertextandmobile
computing,staticanalysisofJavacode,andsecurity.Hehas
presentedatseveralconferences,includingACMOOPSLA,the
InstituteofElectricalandElectronicsEngineers(IEEE)
SymposiumonSecurityandPrivacy,theO'ReillyConferenceon
Java,IBM'sdeveloperWorksLive!,andSunMicrosystems'
JavaOne.Hiscurrentinterestsincludesecurityofmobilecode,
componentsoftware,andstaticanalysisofOOlanguages.
AnthonyNadalinisIBM'sleadsecurityarchitectforJavaand
WebServicesinAustin,Texas.AsSeniorTechnicalStaff
Member,heisresponsibleforsecurityinfrastructuredesignand
developmentacrossIBM,Tivoli,andLotus.Heservesasthe
primarysecurityliaisontoSunMicrosystemsforJavasecurity
designanddevelopmentcollaborationandtoMicrosoftforWeb
Servicessecuritydesignanddevelopmentcollaboration.Inhis
20-yearcareerwithIBM,Anthonyhasheldthefollowing
positions:leadsecurityarchitectforVM/SP,securityarchitect
forAS/400,andsecurityarchitectforOS/2.Hehasauthored
andcoauthoredmorethan30technicaljournalandconference
articles,andthebookJavaandInternetSecurity,whichwas
publishedbyiUniverse.comin2000.Hehasbeenonthe
technicalcommitteeofthreemajorscientificjournalsandone
conferenceandhasextensivelyreviewedworkpublishedby
peersinthefield.Hehasgivenseveralpresentationsand
invitedspeechesatnumeroustechnicalsecurityconferences.
Thankstothefollowingpeoplefortheirinvaluablecontributions
tothisproject:
RosarioGennaro,KennethGoldman,BobJohnson,
JeffKravitz,MichaelMcIntosh,CharlesPalmer,
DarrellReimer,KavithaSrinivas,RayValdez,Paula
Austel,MichaelSteiner
IBMThomasJ.WatsonResearchCenter,YorktownHeights,
NewYork
SteveMills
IBMSoftwareGroup,Somers,NewYork
PeterBirk,JoyceLeung,KentSoper,Audrey
Timkovich,KrishnaYellepeddy
IBMEnterpriseSecurity,Austin,Texas
MattHogstrom,BertLaonipon
IBMWebSpherePerformanceandSecurity,Raleigh,North
Carolina
KeysBotzum
IBMWebSphereServices,Bethesda,Maryland
TomAlcott
IBMWebSphereSalesandTechnologySupport,CostaMesa,
California
TonyCowan
IBMCustomerSolutionsCenter,Seattle,Washington
CharlieLai
SunMicrosystems,Cupertino,California
ChrisKaler
MicrosoftWebServicesSecurity,Redmond,Washington
PaolinaCentonze
PolytechnicUniversity,Brooklyn,NewYork
AnnSellers
Addison-WesleyProfessional,SanFrancisco,California
JulieB.Nahil
Addison-WesleyProfessional,Boston,Massachusetts
MikeHendrickson
FormerlyofAddison-WesleyProfessional,Boston,
Massachusetts
Thanksalsotoourablecopyeditor,EvelynPyle
PartI:EnterpriseSecurityandJava
Chapter1.AnOverviewofJavaTechnologyandSecurity
Chapter2.EnterpriseNetworkSecurityandJava
Technology
Chapter1.AnOverviewofJava
TechnologyandSecurity
Ase-businessmatures,companiesrequireenterprise-scalable
functionalityfortheircorporateInternetandintranet
environments.Tosupporttheexpansionoftheircomputing
boundaries,businesseshaveembracedWebapplicationservers
(WASs).Theseserversprovidesimplifieddevelopmentand
deploymentofWeb-basedapplications.Webapplications
containthepresentationlayerandencapsulatebusinesslogic
connectingtoback-enddatastoresandlegacyapplications.
However,securingthismalleablemodelpresentsachallenge.
Savvycompaniesrecognizethattheirsecurityinfrastructures
needtoaddressthee-businesschallenge.Thesecompaniesare
awareofthetypesofattacksthatmalevolententitiescan
launchagainsttheirservers,andcanplanappropriatedefenses.
Javatechnologyhasestablisheditselfasimportantinthe
enterprise,bothfortheeasewithwhichdeveloperscancreate
componentsoftwareandfortheplatformindependenceofthe
language.Java-basedenterpriseapplicationserverssupport
JavaServlet,JavaServerPages(JSP),andEnterpriseJavaBeans
(EJB)technologies,providingsimplifieddevelopmentand
flexibledeploymentofWeb-basedapplications.
Toprovidesecurityfore-business,theJava2Platform,
EnterpriseEdition(J2EE),buildsontheJava2Platform,
StandardEdition(J2SE),coretechnologies.J2SEintroduceda
fine-grained,policy-basedsecuritymodelthatiscustomizable
andconfigurableintonumeroussecurityprotectiondomains.
Thisapproachisausefuladditiontosecurityforcomponentbasedsoftware.J2SEsecurityalsobuildsonanadditionalsetof
relativelynewcoretechnologies:JavaAuthenticationand
AuthorizationService(JAAS),JavaCryptographyArchitecture
(JCA),JavaCryptographyExtension(JCE),JavaSecureSocket
Extension(JSSE),Public-KeyCryptographyStandards(PKCS),
andsupportforthePublicKeyInfrastructure(PKI).
