Java Security by Scott Oaks. This book focuses on using the security mechanisms of Java 2 (aka Java 1.2). Scott Oakes' Java Security is extraordinary both for its technical depth and its readability. It provides the Java programmer with a complete overview of the Java security architecture and security classes, plus a wealth of detailed information and code examples for specific implementations. The book opens with a clear discussion of what Java security is, how the various Java sandbox models work, and how Java applications and applets execute within the security model. The following chapters look in depth at the elements of the Java security architecture: language rules, class loaders, the security manager, the access controller, and permission objects. All these chapters provide detailed information on implementation, as well as an excellent explanation of the role of each feature within the entire security picture. The second half of the book covers cryptographic features in the Java security package (much enhanced in Java 1.2) and how Java programs work with code that performs authentication and encryption. Here, you'll find detailed chapters on message digests, keys and certificates, key management, digital signatures, and the Java Cryptography Extensions. Anyone who needs to understand Java security, but especially those who will implement security features in Java applications, will want to own this book.
Java 2 Network Security - This book explains the evolution of the Java security model, and then focuses on the Java 2 security architecture and its revolutionary domains of protection. It offers a very large number of examples to give you a better understanding of the technology involved.The Team That Wrote This Redbook This redbook was produced by a team of specialists from around the world working at the International Technical Support Organization Raleigh Center.The leader of this project was Marco Pistoia. Marco Pistoia is a Network Security Specialist, working as a project leader at the International Technical Support Organization, Raleigh Center. He writes extensively and teaches IBM classes worldwide on all areas of the e-business Application Framework, WebSphere, Java and Internet security. Marco holds a degree with honors in Pure Mathematics from the University of Rome and a masters degree in Computer Science. Before joining the ITSO, he was a System Engineer in IBM Italy. He received an Outstanding Technical Achievement Award in 1996. Duane F. Reller is a Senior Software Engineer in the System/390 Programming Laboratory in Endicott, New York, USA. He has 25 years of experience in System/390 Hardware and Software development. He has served in technical and management positions. He holds a Bachelor's degree in Electrical Technology and a Master of Science degree in Computer Science from the State University of New York at Binghamton. His areas of expertise include Hardware and Software System's Architecture and Management. Deepak Gupta is a Senior Software Engineer in IBM, India. He has two and a half years of experience in Internet technologies. He holds a degree in Electronics and Communications from the University of Roorkee, India. His areas of expertise include Internet security and Electronic Commerce. Deepak was involved in IBM India's largest e-Commerce project and in India's first secured e-Commerce site allowing Rupee-based transactions, for which he was conferred the Employee of the Month Award. He has also given several talks on Internet security and e-Commerce. Milind Nagnur is a Senior Associate in the Operations and Systems Risk Management (OSRM) group of Price Waterhouse Coopers in Mumbai, India. He has a couple of years of exposure in Internet technologies, with emphasis on security and control issues in real business applications. He holds a degree in Mechanical Engineering from the Indian Institute of Technology in Bombay, India, and an MBA from the Indian Institute of Management in Calcutta, India.Ashok K. Ramani is a Senior Software Engineer in IBM India. He has two and a half years of experience in Internet technologies. He holds a degree in MSc.(Tech.) Information Systems from the Birla Institute of Technology and Science, Pilani, India. His areas of expertise include Internet security and Electronic Commerce. Ashok was involved in IBM India's largest e-Commerce project and in India's first secure e-Commerce site allowing Rupee-based transactions for which he was conferred the Employee of the Month Award. He has won special recognition awards at IBM India for his contribution to e-Commerce projects. He has also presented several talks on Internet security and e-Commerce.