punctuation 0-9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z (all)
©1996-2012 Roedy Green, Canadian Mind Products
punctuation 0-9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z (all)
©1996-2012 Roedy Green, Canadian Mind ProductsJava has features to prevent Applets downloaded off the web from doing any deliberate damage. It also has features to prevent ordinary applications from inadvertently doing damage. One other aspect of security are digital signatures so that you can ensure an Applet came unmodified from a reputable source.
There are many digital signing and encryption protocols. Here is a summary based on a table on page 218 of Web Security & Commerce.
 |
recommend book⇒Web Security, Privacy and Commerce, second edition | |||
| by: | Simson Garfinkel | 978-0-596-00045-5 | paperback | |
|---|---|---|---|---|
| publisher: | O’Reilly  |
978-1-4493-0524-6 | ebook | |
| published: | 2002-01-15 | B004V9MQZS | kindle | |
| Good for overview, not practical detail. The shark book. | ||||
| Greyed out stores probably do not have the item in stock | ||||
| System | What is it? | Algorithms | Provides |
|---|---|---|---|
| DNSSEC | Secure Domain Name System | RSA (Rivest, Shamir and Adelman), MD5 (Message Digest algorithm 5) | Authentication, integrity |
| IPsec and IPv6 (Internet Protocol Version 6) | Low-level protocol for encrypting IP (Internet Protocol) packets | Diffie-Hellman and others | Confidentiality (optional), authentication, integrity |
| JCE | (Java Cryptography Extension) API (Application Programming Interface) from Sun | RSA (signature and encryption), RC2, RC5, SHA-0, SHA-1 (Secure Hash Algorithm 1), MD5, DES (Data Encryption Standard), ECB (Electronic Codebook mode), CBC (Cipher Block Chaining mode), IDEA, Blowfish, Twofish. | Allows Java to encrypt and sign files |
| Kerberos | Network security service for securing higher-level applications | DES | Email passwords, Telnet logins, Confidentiality, authentication |
| PCT (Private Communication Technology) | Protocol for encrypting TCP (Transmission Control Protocol), IP transmissions. | RSA, MDS, RCZ, RC4, and others | Confidentiality, authentication, integrity, nonrepudiation |
| PGP (Pretty Good Privacy) | Application program for encrypting electronic mail | IDEA, RSA, MD5 | Email signing and encryption, File encryption, Confidentiality, authentication, integrity, nonrepudiation |
| S-HTTP | Protocol for encrypting HTTP (Hypertext Transfer Protocol) requests and responses | RSA, DES, and others | Confidentiality, authentication, integrity, nonrepudiation; however, it’s obsolete |
| S/MIME (Secure Multipurpose Internet Mail Exchange) | Format for encrypting electronic mail | User-specified | E-mail signing and encryption, Confidentiality, authentication, integrity, nonrepudiation |
| SET and CyberCash | Protocols for sending secure payment instructions over the Internet | RSA, MDS, RC2 | Confidentiality of credit card numbers, but nothing else; integrity of entire message; authentication of buyer and seller; nonrepudiation of transactions |
| SSH (Secure Shell) | Encrypted remote terminal | RSA, Diffie-Hellman, DES, Triple-DES, Blowfish, and others | Telnet encryption and login, Confidentiality, authentication |
| SSL (Secure Sockets Layer) v3 | Protocol for encrypting TCP/IP (Transmission Control Protocol/Internet Protocol) transmissions | RSA, RCZ, RC4, MD5, and others | Website commerce, compression, Confidentiality, authentication, integrity, nonrepudiation |
| TLS (Transport Layer Security) 1 | Protocol for encrypting TCP/IP transmissions | a 128-bit improvement on SSL v3. Handles all the SSL v3 protocols including RSA, RCZ, RC4 and MD5. | Opera browser, Website commerce, compression, Confidentiality, authentication, integrity, nonrepudiation |
| Asymmetric Key | Uses private and public keys for encryption and signing | RSA, DSA (Digital Signature Algorithm) and DiffieHellman | Code signing, encryption, authentication. DSA is the DSA, not used for encryption. |
| Symmetric Key | Uses only secret keys for encryption. | DES, Blowfish, TripleDES | encryption, authentication. Same key used for encryption must be used for decryption. |
Your Java security is only as good as the OS (Operating System) security backing it up. These two websites will probe your OS for security holes and report them back to you. www.DSLREPORTS.com (pay) and grc.com (free). When I ran the GRC (Gibson Research Corporation) ’s report my hair stood on end about all the information NT was blabbing to the universe without my permission.
Windows NT/2000 has over 1000 known security holes. There are ways of plugging some of them. Stat is a tool for managing this giant piece of Swiss cheese.
 |
You can get the freshest copy of this page from: | or possibly from your local J: drive (Java virtual drive/mindprod.com website mirror) |
| http://mindprod.com/jgloss/security.html | J:\mindprod\jgloss\security.html | |
 | Please email your feedback for publication,
letters to the editor, errors, omissions, typos, formatting errors, ambiguities, unclear wording,
broken/redirected link reports, suggestions to improve this page or comments to
Roedy Green :
 .
If you want your message, your name or email kept confidential, not considered for public posting, please explicitly specify that.
Unless you state otherwise, I will treat your message as a letter to the editor that I may or may not publish in the feedback section. After that, it will be too late to retract it.
If you disagree with something I said, please quote it and cite the web page where you found it, tell me why you think it is wrong,
and, if possible, provide some supporting evidence. Threatening to kill me or spouting obscenities has yet to persuade me to change my mind. | |
| Canadian Mind Products | ||
| mindprod.com IP:[65.110.21.43] | ||
| view Blog | Your face IP:[38.107.179.212] | |
| Feedback | You are visitor number 17,990. | |
O’Reilly Safari