Start of Tutorial > Start of Trail > Start of Lesson | Search |
The Java Security API is designed to allow developers to incorporate both low-level and high-level security into their Java applications. The first release of Java Security in JDK 1.1 contains a subset of this functionality, including an API for digital signatures and message digests. In addition, JDK 1.1 contains abstract interfaces for key management, certificate management, and access control. API to support specific certificate formats and richer functionality in the area of access control will follow in subsequent JDK releases.JDK 1.1 provides a tool that can sign Java ARchive (JAR) files. The JDK Applet Viewer allows any downloaded applets in JAR files signed (using the tool) by a trusted entity to run with the same full rights as local applications. That is, such applets are not subject to the "sandbox" restrictions of the original Java security model. Later releases will provide more sophisticated security policies, including greater granularity in the allowable trust levels.
Start of Tutorial > Start of Trail > Start of Lesson | Search |