Table of Contents
1 Introduction
- 1.1 The Original
Sandbox Model
- 1.2 Evolving the
Sandbox Model
2 New Protection
Mechanisms -- Overview of Basic Concepts
3 Permissions and
Security Policy
- 3.1 The Permission
Classes
- 3.1.1 java.security.Permission
- 3.1.2 java.security.PermissionCollection
- 3.1.3 java.security.Permissions
- 3.1.4 java.security.UnresolvedPermission
- 3.1.5 java.io.FilePermission
- 3.1.6 java.net.SocketPermission
- 3.1.7 java.security.BasicPermission
- 3.1.8 java.util.PropertyPermission
- 3.1.9 java.lang.RuntimePermission
- 3.1.10 java.awt.AWTPermission
- 3.1.11 java.net.NetPermission
- 3.1.12 java.lang.reflect.ReflectPermission
- 3.1.13 java.io.SerializablePermission
- 3.1.14 java.security.SecurityPermission
- 3.1.15 java.security.AllPermission
- 3.1.16 javax.security.auth.AuthPermission
- 3.1.17 Discussion of
Permission Implications
- 3.1.18 How To Create
New Types of Permissions
- 3.2 java.security.CodeSource
- 3.3 java.security.Policy
- 3.3.1 Policy File
Format
- 3.3.2 Property
Expansion in Policy Files
- 3.3.3 General
Expansion in Policy Files
- 3.3.4 Assigning
Permissions
- 3.3.5 Default System
and User Policy Files
- 3.3.6 Customizing
Policy Evaluation
- 3.4 java.security.GeneralSecurityException
4 Access Control
Mechanisms and Algorithms
- 4.1 java.security.ProtectionDomain
- 4.2 java.security.AccessController
- 4.2.1 Algorithm for
Checking Permissions
- 4.2.2 Handling
Privileges
- 4.3 Inheritence of
Access Control Context
- 4.4 java.security.AccessControlContext
5 Secure Class
Loading
- 5.1 Class Loader
Class Hierarchies
- 5.2 The Primordial
Class Loader
- 5.3 Class Loader
Delegation
- 5.4 Class Resolution
Algorithm
6 Security
Management
- 6.1 Managing Applets
and Applications
- 6.2 SecurityManager
versus AccessController
- 6.3 Auxiliary
Tools
- 6.3.1 The Key and
Certificate Management Tool
- 6.3.2 PolicyTool
- 6.3.3 The JAR
Signing and Verification Tool
7 GuardedObject and
SignedObject
- 7.1 java.security.GuardedObject and
java.security.Guard
- 7.2 java.security.SignedObject
8 Discussion and
Future Directions
- 8.1 Resource
Consumption Management
- 8.2 Arbitrary
Grouping of Permissions
- 8.3 Object-Level
Protection
- 8.4 Subdividing
Protection Domains
- 8.5 Running Applets
with Signed Content
9 Summary
10 Acknowledgments
11 References
12 Revision
History
CONTENTS | PREV | NEXT
Copyright ©
1997-2002 Sun Microsystems, Inc. All Rights Reserved.