Basic: fully protect your Java program Security (II)

Basic: fully protect your Java program Security (II)-Linux general technology-Linux programming and kernel information. The following is a detailed description. Part 3: creating safer network programs
Introduction: to create a secure network program, you need to consider many things other than technology. In addition to the Virtual Machine security and application security mentioned above, a security solution also relies on your understanding of the network environment and the use skills of program users (including those who are tested. In the third part, the last part of the discussion, Todd Sundsted, explores these issues and finally provides solutions.

In this security series, I encourage you to examine JAVA security issues from three different aspects. In the first two articles, I mainly focused on Virtual Machine and application security. This month, I will discuss the last part-"Network Security ".
Is Network Security responsible for the security of communication channels between interconnected entities ?? Each entity confirms identity authentication from the other party and Information Authenticity based on the communication pipeline.
Creating secure network programs faces many challenges. Developers are often confused about topics that constitute modern security technologies (such as encryption systems. In addition, are some key standards and technologies still not transparent ?? For example, X.509 certification standard. Today, network security is still a problem because the roles of network media are hard to understand.
Let's take a look at the following inference: in our daily communication, communication between the two parties is conducted through various media, such as light and sound. We use this information to determine the identities of others and identify the quality of communication channels. Even though we communicate over the phone, we can identify information by the tone, speed, voice, and other nuances of the other party at the end of the phone, without having to talk to the other party about the conversation.
Communication Based on media such as the Internet can only provide a small number of clues. Imagine that you and your companions are talking in a conversation tank in two rooms. As you can imagine, poor signal quality annihilates the clues that we use to make judgments. Program communication on the Internet or other networks is similar.
The content of network security includes identity verification on anonymous pipelines to prevent communication information from being eavesdropped and accidentally or maliciously modified.
I 've been extensively involved in tools and techniques for enhancing Secure Communication (see http://www.javaworld.com/javawor... owto.html # resources ). Here I will discuss more about what we should consider when designing and completing a network security solution.

Understand what you want to protect:
To design a security solution, you must first understand the requirements. Using the Internet for financial transactions is obviously more secure than downloading the WEB page of last week's sports points. When selecting a technology and starting design, you should consider the following aspects:
• Security design increases the complexity of product design and implementation, as well as the complexity of installation and configuration, as well as for end users. Although security is worthwhile, complexity is not what users need. How are you going to complicate your security design?
• Security processing, especially encryption and decryption, is often CPU-intensive. Most desktop and server systems have strong horsepower, but those devices that lack resources, such as cellular mobile phones and PDAs, often lack this capability. Can your target platform handle such loads?
• Security design also increases the amount of program code. Although this is not a serious problem on the desktop and server computers, in embedded systems, this will involve some interests, especially those for the JAVA2 Platform, for applications built with Micro Edition (j2s), can you handle the load in this case?
For example, the first version of the mobile information device framework (MIDP) is missing SSL (Secure Sockets Layer) support ?? What are the core components of end-to-end WEB solutions ?? The main reason is that for mobile devices, SSL is too heavy. To solve this problem, Vipul Gupta of SUN Microsystem lab built an implementation compatible with the SSL standard for j2s. This result shows that small devices can achieve acceptable SSL performance. Gupta achieved this goal because it only supports the most popular cipher suite, and the rest have been reduced to meet the requirements of small devices. Of course, this implementation lacks client verification required by the server (a very consumable client component), and it repeatedly uses RSA (Rivest-Shamir-Adleman) computing through multiple connections to the server. You can look at the url: http://www.javaworld.com/javawor... owto.html # resources, you can find more information.

Use appropriate technologies:
It seems unnecessary to choose a suitable technology to implement a network security solution. This option will affect the life and quality of security. JDK provides a large number of security API functions. The following table will help you select the appropriate technology for your solution.
• Verification and digital signature: JAVA. security)
• Encryption/decryption and message verification code: JAVA Password System Extension (javax. crypto)
• X.509 verification: JAVA cryptographic system (java. security. cert)
• Pluggable authentication and authorization: JAVA authentication and authorization Service (javax. security. auth)
The JSK1.4 test version includes:
• Kerberos: GSS (General Security Service) API (org. ietf. jgss)
• Certificate path validation: Certificate Path Validation API (java. security. cert)
These standard APIs handle a large number of security-related WEB programs and enterprise integration tasks.

Understanding Network:
It is obviously unwise to design a network security solution without considering the network. The system running the program and the network based on it will be fully considered in the solution design.
Imagine this scenario: You have created a program running on the security network. If the network is indeed secure ?? This means that the network is physically protected and users are trustworthy and carefully authorized ?? In this case, you can focus as little as possible on the security of your program. However, in most cases, the network is not as secure as imagined, and developers often fail to develop security systems, because systems without security mechanisms are much harder to create than those with security mechanisms. However, this method is proven in some cases. For example, if multiple programs are run in a cluster system and communicate with each other for load balancing, there is enough reason to make the cluster A safe whole, instead of the program itself.
More practically, protecting your program typically means evaluating the security of the machine running the program, the security of the machine installation environment, and the network, including access points.
It is important to verify the access point. For malicious attacks against programs, we can also set a "trap" to provide such an entrance. This access point is a dormant sniffer, the sniffing activity provides a window (sniffer is a piece of code used to listen for network communication information ). Information collected through sniffer can be provided to the entry of the program.
Understand Valid users and misuse:
Remember that the so-called security solutions are always built around people. Therefore, you must understand the capabilities and technologies of program users and malicious users. Those "abusive" are usually more sophisticated than normal users, and they make things more complex.
When designing your program security solution, you must consider the skill levels of those users. For example, if your users insist on keeping their passwords on paper and hitting them on the monitor, you do not have to develop a powerful password-based security system. As most people say, in general, the best security is to spend budget for training.
For abuse, things are different. These people often have more technical talent and are more motivated, which requires stronger technical protection, instant upgrade patch packages, and alert.

Full Control of JAVA security:
Without powerful network security, your programs and data will be unstable. What are the other two parts I have talked about ?? Virtual Machine security and application security ?? Together with network security, JAVA provides a comprehensive security picture. To build a secure JAVA program, you must fully understand the above three aspects.