Start of Tutorial > Start of Trail > Start of Lesson |
Search
Feedback Form |
This release introduces three new major security enhancements:
- Policy-based, easily-configurable, fine-grained access control.
When code is loaded, it is assigned "permissions" based on the security policy currently in effect. Each permission specifies a permitted access to a particular resource (such as "read" and "write" access to a specified file or directory, "connect" access to a given host and port, etc.). The policy, specifying which permissions are available for code from various signers/locations, can be initialized from an external configurable policy file. Unless a permission is explicitly granted to code, it cannot access the resource that is guarded by that permission. These new concepts of permission and policy enable the JDK to offer fine-grain, highly configurable, flexible, and extensible access control. Such access control can now not only be specified for applets, but also for all Java code, including applications, Beans, and servlets.
- Certificates
JDK 1.1 includes certificate interfaces for parsing and managing certificates and X.509 v3 implementation of the certificate interfaces.
- Three new tools
keytool
is used to create public/private keys; to display, import, and export certificates; and to generate X.509 v1 self-signed certificates.
jarsigner
signs JAR (Java Archive Format) files, and verifies the signature(s) of signed JAR files.
policytool
creates and modifies the external policy configuration files that define your installation's Java security policy.
Start of Tutorial > Start of Trail > Start of Lesson |
Search
Feedback Form |
Copyright 1995-2002 Sun Microsystems, Inc. All rights reserved.