Inside Java™ 2 Platform Security: Architecture, API Design, and Implementation, Second Edition
By Li Gong, Gary Ellison, Mary Dageforde
Publisher: Addison Wesley
Pub Date: June 06, 2003
ISBN: 0-201-78791-1
Pages: 384
Inside Java(TM) 2 Platform Security, the definitive and comprehensive guide to the Java security platform, has been thoroughly updated to reflect key additions and revisions to Java security technologies currently in use by leading technology companies. This second edition, penned by the Java experts at Sun Microsystems, provides a detailed look into the central workings of the Java security architecture and describes tools and techniques for successful implementation on even the most demanding network computing environment.

While Java has always provided a stronger security model than other platforms, this book reviews all the methods and practices required to improve security without sacrificing functionality. With tips on how to customize, extend, and refine the Java security architecture, users will have everything they need to protect their information assets from both external and internal threats.

This book's in-depth coverage encompasses security architecture, deployment, customization, new developments, and much more:

Security fundamentals
Secure class loading
Specifying fine-grained security policy
Enforcing security policy with AccessController, SecurityManager, and more
Digital certificates, certification paths, signed code, JAAS, and other authentication measures
Java-based cryptography with code examples
JSSE, Java GSS-API, and RMI for network security
Previews of other platforms for security, including Java Card, J2ME and Jini

Designed for both the system administrator and software practitioner, this book delivers vital knowledge for building and maintaining a secure system using the Java 2 platform. With detailed code and usage examples throughout, Inside Java(TM) 2 Platform Security, Second Edition, is an indispensable resource for all platform security needs.

The Java(TM) Series is supported, endorsed, and authored by the creators of the Java technology at Sun Microsystems, Inc. It is the official place to go for complete, expert, and definitive information on Java technology. The books in this Series provide the inside information you need to build effective, robust, and portable applications and applets. The Series is an indispensable resource for anyone targeting the Java(TM) 2 platform.
Table of Contents
Copyright
The Java™ Series
Preface
How This Book Is Organized
Acknowledgments
About the Authors
Preface to the First Edition
Acknowledgments for the First Edition

Chapter 1. Computer and Network Security Fundamentals
Section 1.1. Cryptography versus Computer Security
Section 1.2. Threats and Protection
Section 1.3. Perimeter Defense
Section 1.4. Access Control and Security Models
Section 1.5. Using Cryptography
Section 1.6. Authentication
Section 1.7. Mobile Code
Section 1.8. Where Java Technology-Based Security Fits In

Chapter 2. Basic Security for the Java Programming Language
Section 2.1. The Java Programming Language and Platform
Section 2.2. Original Basic Security Architecture
Section 2.3. Bytecode Verification and Type Safety
Section 2.4. Signed Applets
Section 2.5. Further Enhancements

Chapter 3. Java 2 Security Architecture
Section 3.1. Security Architecture Requirements of Java 2
Section 3.2. Overview of the Java 2 Security Architecture
Section 3.3. Architecture Summary
Section 3.4. Lessons Learned

Chapter 4. Secure Class Loading
Section 4.1. Class Files, Types, and Defining Class Loaders
Section 4.2. Well-Known Class Loader Instances
Section 4.3. Class Loader Hierarchies
Section 4.4. Loading Classes
Section 4.5. SecureClassLoader Details
Section 4.6. URLClassLoader Details
Section 4.7. Class Paths

Chapter 5. Elements of Security Policy
Section 5.1. Permissions
Section 5.2. Describing Code
Section 5.3. ProtectionDomain
Section 5.4. Security Policy
Section 5.5. Assigning Permissions
Section 5.6. Dynamic Security Policy

Chapter 6. Enforcing Security Policy
Section 6.1. SecurityManager
Section 6.2. AccessControlContext
Section 6.3. DomainCombiner
Section 6.4. AccessController

Chapter 7. Customizing the Security Architecture
Section 7.1. Creating New Permission Types
Section 7.2. Customizing Security Policy
Section 7.3. Customizing the Access Control Context

Chapter 8. Establishing Trust
Section 8.1. Digital Certificates
Section 8.2. Establishing Trust with Certification Paths
Section 8.3. Establishing Trust in Signed Code
Section 8.4. User-Centric Authentication and Authorization Using JAAS
Section 8.5. Distributed End-Entity Authentication

Chapter 9. Object Security
Section 9.1. Security Exceptions
Section 9.2. Fields and Methods
Section 9.3. Static Fields
Section 9.4. Private Object State and Object Immutability
Section 9.5. Privileged Code
Section 9.6. Serialization
Section 9.7. Inner Classes
Section 9.8. Native Methods
Section 9.9. Signing Objects
Section 9.10. Sealing Objects
Section 9.11. Guarding Objects

Chapter 10. Programming Cryptography
Section 10.1. Cryptographic Concepts
Section 10.2. Design Principles
Section 10.3. Cryptographic Services and Service Providers
Section 10.4. Core Cryptography Classes
Section 10.5. Additional Cryptography Classes
Section 10.6. Code Examples
Section 10.7. Standard Names
Section 10.8. Algorithm Specifications

Chapter 11. Network Security
Section 11.1. Java GSS-API
Section 11.2. JSSE
Section 11.3. Remote Method Invocation

Chapter 12. Deploying the Security Architecture
Section 12.1. Installing the Latest Java 2 Platform Software
Section 12.2. The Installation Directory <java.home>
Section 12.3. Setting System and Security Properties
Section 12.4. Securing the Deployment
Section 12.5. Installing Provider Packages
Section 12.6. Policy Configuration
Section 12.7. JAAS Login Configuration Files
Section 12.8. Security Tools
Section 12.9. X.500 Distinguished Names
Section 12.10. Managing Security Policies for Nonexperts

Chapter 13. Other Platforms and Future Directions
Section 13.1. Introduction to Java Card
Section 13.2. Introduction to Java 2 Micro Edition
Section 13.3. Security Enhancements on the Horizon for J2SE
Section 13.4. Brief Introduction to Jini Network Technology
Section 13.5. Brief Introduction to J2EE
Section 13.6. Client Containers
Section 13.7. Final Remarks

Bibliography
Copyright

Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in this book, and Addison-Wesley was aware of a trademark claim, the designations have been printed with initial capital letters or in all capitals.

The authors and publisher have taken care in the preparation of this book, but make no expressed or implied warranty of any kind and assume no responsibility for errors or omissions. No liability is assumed for incidental or consequential damages in connection with or arising out of the use of the information or programs contained herein.

The publisher offers discounts on this book when ordered in quantity for bulk purchases and special sales. For more information, please contact:

U.S. Corporate and Government Sales
(800) 382-3419

For sales outside of the U.S., please contact:

International Sales
(317) 581-3793

Visit Addison-Wesley on the Web: www.awprofessional.com

Library of Congress Cataloging-in-Publication Data is available.

Copyright © 2003 by Sun Microsystems, Inc.
150 Network Circle, Santa Clara, California 95054, U.S.A.
All rights reserved.

Duke™ designed by Joe Palrang

Sun, Sun Microsystems, Sun Microsystems Computer Corporation, the Sun logo, the Sun Microsystems Computer Corporation logo, Java, JavaSoft, Java Software, JavaScript, Java Authentication and Authorization Service, JAAS, Java Cryptography Extension, JCE, Java GSS-API, Java Secure Socket Extension, JSSE, Java IDL, Java Plug-in, Java Remote Method Invocation, Java RMI, Java Web Start, EmbeddedJava, PersonalJava, JVM, JavaOS, J2EE, J2ME, J2SE, JDK, and J2SDK are trademarks or registered trademarks of Sun Microsystems, Inc. UNIX® is a registered trademark in the United States and other countries, exclusively licensed through X/Open Company, Ltd. All other product names mentioned herein are the trademarks of their respective owners.

Sun Microsystems, Inc. has intellectual property rights relating to technology described in this publication. In particular, and without limitation, these intellectual property rights may include one or more of the U.S. patents listed at
and one or more additional patents or pending patent applications in the U.S. and other countries.

THIS PUBLICATION IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT.

THIS PUBLICATION COULD INCLUDE TECHNICAL INACCURACIES OR TYPOGRAPHICAL ERRORS. CHANGES ARE PERIODICALLY ADDED TO THE INFORMATION HEREIN; THESE CHANGES WILL BE INCORPORATED IN NEW EDITIONS OF THE PUBLICATION. SUN MICROSYSTEMS, INC. MAY MAKE IMPROVEMENTS AND/OR CHANGES IN THE PRODUCT(S) AND/OR THE PROGRAM(S) DESCRIBED IN THIS PUBLICATION AT ANY TIME.

All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form, or by any means, electronic, mechanical, photocopying, recording, or otherwise, without the prior consent of the publisher. Printed in the United States of America. Published simultaneously in Canada.

For information on obtaining permission for use of material from this work, please submit a written request to:

Pearson Education, Inc.
Rights and Contracts Department
75 Arlington Street, Suite 300
Boston, MA 02116
Fax: (617) 848-7047

Text printed on recycled paper

1 2 3 4 5 6 7 8 9 10 CRS 07 06 05 04 03

First printing, May 2003
Dedication

To Roger Needham, 1935–2003
My supervisor, mentor, colleague, and friend
Li Gong

To SAM
Gary Ellison

To my husband, Tom Wills
Mary Dageforde
The Java™ Series

Lisa Friendly, Series Editor
Tim Lindholm, Technical Editor
Ken Arnold, Technical Editor of The Jini™ Technology Series
Jim Inscore, Technical Editor of The Java™ Series, Enterprise Edition

Eric Armstrong, Stephanie Bodoff, Debbie Carson, Maydene Fisher, Dale Green, Kim Haase
The Java™ Web Services Tutorial

Ken Arnold, James Gosling, David Holmes
The Java™ Programming Language, Third Edition

Joshua Bloch
Effective Java™ Programming Language Guide

Mary Campione, Kathy Walrath, Alison Huml
The Java™ Tutorial, Third Edition: A Short Course on the Basics

Mary Campione, Kathy Walrath, Alison Huml, Tutorial Team
The Java™ Tutorial Continued: The Rest of the JDK™

Patrick Chan
The Java™ Developers Almanac 1.4, Volume 1

Patrick Chan
The Java™ Developers Almanac 1.4, Volume 2

Patrick Chan, Rosanna Lee
The Java™ Class Libraries, Second Edition, Volume 2: java.applet, java.awt, java.beans

Patrick Chan, Rosanna Lee, Doug Kramer
The Java™ Class Libraries, Second Edition, Volume 1: java.io, java.lang, java.math, java.net, java.text, java.util

Patrick Chan, Rosanna Lee, Doug Kramer
The Java™ Class Libraries, Second Edition, Volume 1: Supplement for the Java™ 2 Platform, Standard Edition, v1.2

Kirk Chen, Li Gong
Programming Open Service Gateways with Java™ Embedded Server

Zhiqun Chen
Java Card™ Technology for Smart Cards: Architecture and Programmer's Guide

Maydene Fisher, Jon Ellis, Jonathan Bruce
JDBC™ API Tutorial and Reference, Third Edition

Li Gong, Gary Ellison, Mary Dageforde
Inside Java™ 2 Platform Security, Second Edition: Architecture, API Design, and Implementation

James Gosling, Bill Joy, Guy Steele, Gilad Bracha
The Java™ Language Specification, Second Edition

Doug Lea
Concurrent Programming in Java™, Second Edition: Design Principles and Patterns

Rosanna Lee, Scott Seligman
JNDI API Tutorial and Reference: Building Directory-Enabled Java™ Applications

Sheng Liang
The Java™ Native Interface: Programmer's Guide and Specification

Tim Lindholm, Frank Yellin
The Java™ Virtual Machine Specification, Second Edition

Roger Riggs, Antero Taivalsaari, Mark VandenBrink
Programming Wireless Devices with the Java™ 2 Platform, Micro Edition

Henry Sowizral, Kevin Rushforth, Michael Deering
The Java 3D™ API Specification, Second Edition

Sun Microsystems, Inc.
Java™ Look and Feel Design Guidelines: Advanced Topics

Kathy Walrath, Mary Campione
The JFC Swing Tutorial: A Guide to Constructing GUIs

Seth White, Maydene Fisher, Rick Cattell, Graham Hamilton, Mark Hapner
JDBC™ API Tutorial and Reference, Second Edition: Universal Data Access for the Java™ 2 Platform

Steve Wilson, Jeff Kesselman
Java™ Platform Performance: Strategies and Tactics

The Jini™ Technology Series

Eric Freeman, Susanne Hupfer, Ken Arnold
JavaSpaces™ Principles, Patterns, and Practice

The Java™ Series, Enterprise Edition

Stephanie Bodoff, Dale Green, Kim Haase, Eric Jendrock, Monica Pawlan, Beth Stearns
The J2EE™ Tutorial

Rick Cattell, Jim Inscore, Enterprise Partners
J2EE™ Technology in Practice: Building Business Applications with the Java™ 2 Platform, Enterprise Edition

Mark Hapner, Rich Burridge, Rahul Sharma, Joseph Fialli, Kim Haase
Java™ Message Service API Tutorial and Reference: Messaging for the J2EE™ Platform

Inderjeet Singh, Beth Stearns, Mark Johnson, Enterprise Team
Designing Enterprise Applications with the Java™ 2 Platform, Enterprise Edition

Vlada Matena, Sanjeev Krishnan, Beth Stearns
Applying Enterprise JavaBeans™ 2.1, Second Edition: Component-Based Development for the J2EE™ Platform

Bill Shannon, Mark Hapner, Vlada Matena, James Davidson, Eduardo Pelegri-Llopart, Larry Cable, Enterprise Team
Java™ 2 Platform, Enterprise Edition: Platform and Component Specifications

Rahul Sharma, Beth Stearns, Tony Ng
J2EE™ Connector Architecture and Enterprise Application Integration
Preface

Inventing is a combination of brains and materials. The more brains you use, the less material you need.
Charles Kettering

The phrases "computer security," "network security," and "information security" conjure up various notions and precepts to a given audience. Some people tend to envision technical measures, such as cryptography, as the sole means by which security is attained. Other people recognize the limitations of various technical measures and treat them as tools that, when used in combination with other technical measures, can accomplish the task at hand. The distinction is subtle but important. The phrase "platform security" reflects a holistic view of security, suggesting that the foundation is secure and can be relied on as is or used as a secure subsystem to leverage when building larger systems. Building a secure platform is a very difficult and exacting task that historically has been accomplished only when security is a design requirement that is taken into consideration at the onset. The idea that security can be "bolted on" has proved frail and fraught with failure modes, which has led to a multitude of security breaches.

Java technology is possibly the only general-purpose secure computing platform to become commercially successful. This would never have happened had the designers not taken security seriously from the start. The security properties of Java technology are many, and the Java platform builds on itself to create a reliable and secure platform. The Java 2 security model would be impossible to make trustworthy if it were not for the safety net provided by the Java language itself. The Java language specifies the semantics to ensure type safety and referential integrity and yet would fail miserably if it were not for the enforcement and assurances the Java virtual machine provides. Thus, from these various secure subsystems, we have created a greater whole.

The target audience of this book is varied. We believe this book will be a useful resource to those seeking a general understanding of the security foundation the Java 2 security architecture provides and relies on. The book should also prove particularly useful to software practitioners building enterprise-class applications that must meet varied security requirements, ranging from authentication to authorization to information protection. This book provides insight into some of the design trade-offs we made as we developed the platform and the lessons we have learned as we continue to evolve and enhance the platform. We provide guidance to those needing to customize the security model for their specific purposes. We describe the inflection points we designed into the platform to accommodate those rare but critical customizations. Most of the aforementioned topics are targeted to system developers, yet we recognize that security is not limited to the implementation of an application. Equally important is the deployment of the application. For deployers, we supply descriptions ranging from expressing security policy to hardening the installation of the runtime environment.

This book does not explain to any level of detail the Java programming language. We recommend the book by Arnold and Gosling [3] as a good starting point. Also, we do not cover the various security APIs in their entirety, and thus we refer the reader to the Java 2 SDK documentation.
How This Book Is Organized

The text of this book is organized to cater to its various audiences. The first two chapters supply background information providing the basis for more specific topics covered in subsequent chapters. The reader need not be proficient in the Java language to understand these introductory chapters. Chapters 3 through 6 describe the Java 2 security architecture, starting with general concepts and ending with comprehensive coverage of security policy enforcement. Chapters 7 through 11 are targeted toward the enterprise application developer, covering topics ranging from trust establishment to cryptography and network security. For these chapters, Java language proficiency is assumed. Chapter 12 is directly targeted toward deployers, who should also read Chapter 8 for additional details about trust establishment. It is our belief that deployers need not be proficient in the Java language and that they can ignore the sections of Chapter 8 describing APIs.

The content of each chapter of this book is as follows:

Chapter 1: A general background on computer, network, and information security

Chapter 2: A review of the Java security models, starting with the original sandbox and progressing to the fine-grained access control model

Chapter 3: An in-depth look at the Java 2 security architecture, which is policy driven and capable of enforcing fine-grained access controls

Chapter 4: Detailed coverage of class loading, including a description of the class loader inheritance hierarchy and the runtime delegation hierarchy

Chapter 5: An explanation of the security classes that supply the foundation for the enforcement of security policy at runtime

Chapter 6: Thorough coverage of the policy enforcement classes and the design of the Java 2 security architecture access control algorithm

Chapter 7: An explanation of the customization points provided for systems programmers who need to enhance the core security architecture

Chapter 8: An outline of the trust establishment capabilities and mechanisms supplied by the security architecture

Chapter 9: A presentation of common pitfalls and defensive programming strategies

Chapter 10: Comprehensive coverage of the cryptography-related APIs

Chapter 11: An operational overview of the APIs used to secure network protocols, including those for authentication, confidentiality, and integrity protection

Chapter 12: A presentation of the deployment options that may be used to securely deploy the Java runtime and Java technology-based applications

Chapter 13: A look at the various Java technology platforms and a glance toward the future of Java security
Acknowledgments

This project began as a casual conversation between Li Gong and me at the 2001 JavaOne conference in San Francisco. Prior to that conversation, Li had transitioned from the role of chief security architect for the Java 2 security development project to leading Project JXTA, whereas I had transitioned into the lead security architect role for the Java 2 development team near the end of the prior millennium. I mentioned to Li that the security architecture had evolved to the point that the first edition was no longer current and thus not an authoritative text.

Nearly two years later, the results of that conversation have come to fruition, and I can confidently state that we have come a long way to reach our goal of producing a book that thoroughly and accurately describes the Java 2 security architecture. This clearly would not have been possible without Li's support, and I am grateful for having had the opportunity to work with Li in the past and especially on this project.

This book would probably be stuck in the starting blocks if it were not for the guidance and gentle nudging of Lisa Friendly, Manager of Software Technical Publications at Sun Microsystems. Lisa recognized early on that my commitment to the project was absolute but that my copious free time, which was allotted to this effort, fell between the hours of 10 P.M. and 2 A.M. Lisa quickly solved this problem by engaging Mary Dageforde as technical editor. I am forever grateful. Not only is Mary an excellent technical writer and editor who ended up writing enough to get coauthor billing, but she can code too! Mary truly made this project happen with her drive, dedication, and thoroughness. I cannot say enough about Mary, so I will keep it brief. Thank you, Mary.

Tim Lindholm was also an early inspiration, and I appreciate his support in helping me keep things in perspective. I also want to acknowledge the support of my management, Larry Abrahams, Maxine Erlund, Sharon Liu, and Stephen Pelletier, who understood how important this project was to me.

My peers in the Java security development team participated in this publication in many ways, and I wish to acknowledge them for their content contributions, insights, patience, camaraderie, constructive criticism, and most of all their friendship. Thank you, Alan Bateman, Jean-Christophe Collet, Jaya Hangal, Charlie Lai, Rosanna Lee, Jan Luehe, Seema Malkani, Ram Marti, Michael McMahon, Sean Mullan, Jeff Nisewanger, Yu-Ching Peng, Chok Poh, Vincent Ryan, Scott Seligman, Andreas Sterbenz, Mayank Upadhyay, Yingxian Wang, and Brad Wetmore.

Being a part of the team that created something that has had such a significant impact on computing is an honor not shared by many. The success of Java is obviously a result of the high caliber of people who made it a reality. I have had the luxury of working alongside many talented people, and I expressly want to thank Lars Bak, Josh Bloch, Gilad Bracha, Zhiqun Chen, Steffen Garup, James Gosling, Graham Hamilton, Mark Hapner, Stanley Ho, Peter Jones, Peter Kessler, Tim Lindholm, Ron Monzillo, Hans Muller, Hemma Prafullchandra, Mark Reinhold, Rene Schmidt, Bill Shannon, Bob Scheifler, Jim Waldo, and Ann Wollrath for the great experience, mentoring, and technical challenges.

Few people realize the existence and close working relationship the Java security development team at Sun Microsystems maintains with our peers in other organizations. I specifically wish to acknowledge the team at IBM, including Larry Koved, Marco Pistoia, Tony Nadalin, and Bruce Rich, who have been instrumental in enhancing the feature set of the Java 2 security architecture.

As new technologies emerge, we have worked closely with security researchers within Sun Labs to integrate and productize their output. I wish to acknowledge Anne Anderson, Whitfield Diffie, Steve Hanna, Susan Landau, and Radia Perlman for passing along best-in-breed security technology.

I also want to thank the many reviewers of this text and specifically recognize Gilad Bracha, Matt Curtin, James Hoburg, Peter Jones, Charlie Lai, Brian Larkins, Rosanna Lee, John Linn, Ram Marti, Doug Monroe, Sean Mullan, Shivaram Mysore, Vincent Ryan, Bob Scheifler, Andreas Sterbenz, Brad Wetmore, and Phil Yeater for the feedback they provided. I also wish to recognize Peter Jones and Shivaram Mysore for their content contributions.

Thanks also to Alan Sommerer, the Sun Microsystems Manager of Technical Publications for the Java platform, for his help in ushering this book to publication.

Finally, I want to express my gratitude to the production team. I thank the copy editor, Evelyn Pyle, and the production folks at Addison-Wesley for their support and effort in getting this book off my laptop and into print. Thanks to Marcy Barnes, Jacquelyn Doucette, Amy Fleischer, John Fuller, Mike Hendrickson, Michael Mullen, and Ann Sellers. Also, I want to acknowledge Mary Darby and Amy Girard from Duarte Design for their innate ability to take my graphically challenged images and turn them into a thousand words.

Gary Ellison
San Mateo, California
March 2003
I am grateful to all past and current members of the Java Security and Networking group at Sun, as well as contributors from all over the world, who continue to strengthen Java's position as the premier computing platform in these areas. I am indebted to Gary Ellison and Mary Dageforde for their tremendous effort in producing this second edition, which significantly expands the coverage of the first.

Li Gong
Beijing, China
It has been a pleasure working with Gary Ellison on this book. I thank him for his vision, dedication, encouragement, feedback, enormous effort in the face of multiple competing responsibilities, and sense of humor. It has also been my good fortune to work with Li Gong and members of the top-notch Java Security and Networking team at Sun at various times throughout the past several years. I thank them all. Thanks also to Lisa Friendly of Sun and Mike Hendrickson of Addison-Wesley for their support and their roles in facilitating publication of this book. Finally, I would like to thank the copy editor, the graphics designers, and the very helpful production folks at Addison-Wesley.

Mary Dageforde
Santa Clara, California
About the Authors

Li Gong is Managing Director of Sun Microsystems' Engineering and Research Institute in Beijing, China. Previously at Sun, he was engineering head of Java Security and Networking, Java Embedded Servers, and JXTA. He obtained B.S. and M.S. degrees from Tsinghua University, Beijing, and a Ph.D. from the University of Cambridge. He is Associate Editor-in-Chief of IEEE Internet Computing.

Gary Ellison is a Senior Staff Engineer at Sun Microsystems, where he designs secure network computing platforms. His primary role is focused on aspects of trust, security, and privacy. From 1999 through 2002, he led the architecture, design, and implementation of the security and networking components in the Java 2 Platform, Standard Edition. He holds a B.Sc. in Mathematics and Physical Science from The Ohio State University.

Mary Dageforde is a freelance consultant who writes software documentation for various Silicon Valley computer companies, including Sun Microsystems. She has an M.S. in Computer Science from Stanford University and a software design and development background encompassing compiler and interpreter implementation, language design, and database management. Since 1990, she has concentrated on documenting APIs, languages, tools, and systems. She wrote the Security trail of The Java™ Tutorial Continued (Addison-Wesley, 1999).