Java Security includes such topics as Java Cryptography (JCE), Java Authentication and Authorization Service (JAAS), as well as these tools: jarsigner, keytool and policytool. The security model supports fine-grain access control, governed by system-wide policy files and per-user policy files. Java security is a topic of increasing interest, especially as Java becomes the standard in enterprise application development.

Secure thread collaboration across protection domains - Build solid applications with the AccessControlContext and the GuardedObject classes

Firewall makers scramble as security gadfly exposes flaw - Exemption from firewall restrictions creates security hole in Internet applications

Embedded HTML mail 'bugs': Viruses waiting to happen\par Spammers could use the bugs to get company e-mail addresses

Java security evolution and concepts

• Security nuts and bolts
• Discover the ins and outs of Java security
• Applet security

Signed and delivered: An introduction to security and authentication

In Java we trust

Keep your data secure from prying eyes: An encryption primer - Do you have sensitive data on your Web site? Do you send confidential e- mail you want to keep private? We tell you about the types of encryption and how they work to your advantage

Effective code auditing can boost app security Plan audits in stages, prioritize vulnerabilities, and pick the right people

Construct secure networked applications with certificates

• Certificates add value to public-key cryptography
• Learn to use X.509 certificates
• Use the Java CRL and X509CRL classes

Starting from scratch -The consequences of being complacent about security

RSA Data Security: Digital certificates, encryption toolkits debut - An overview of new products announced at the conference

BugTraq members used to launch attack against Network Associates

CERT warns: BIND may leave Web sites vulnerable

Ugly mistake for Pretty Good -Security is jeopardized in rush to add new features

Down the rabid hole - Why simply reading email can be hazardous to your computer's health'Decoy nets' gain backers in battle against hackersDeception networks lead hackers astray

Check your hacker vulnerability for free

The Security section of JavaWorld's Topical Index

Xcert brings PKI to Web commerce

PKI is key to secure e-commerce - Public key infrastructure allows for online transactions

Silanis pushes E-Sign toward b-to-b

JAVA ZONE | XP, Security, and JavaCon 2001

XP Distilled - If your projects are continually overbudget and late, Extreme Programming just might be the answer. This comprehensive look into XP, the most popular of the agile approaches to software development, provides you with the details you need to know -- without the hype.

Using Java in High-Stakes Systems - This overview, the first in a series of articles, examines how Java technology can be used to secure a system in which the consequences of mistaken identity can be particularly destructive.

JavaCon 2001 Updates - We've rounded out our coverage of this conference with two new presentations from industry luminaries Peter Haggar (Java performance) and Jim Waldo (the future of Jini networking). In addition to the audio and slide shows available for both speakers, Peter's presentation includes a number of usable code samples integrated into the audio.

RSA Signed Applets and Plug-Ins

AUTHENTICATE AN X.509 CERTIFICATE CHAIN

Secure a Web application, Java-style - Use Java's multiple-layer security implementation to protect your Web applications

J2ME: The next major games platform? - Is J2ME feasible as a high-end games platform for mobile devices?

Human Error May Be No. 1 Threat to Online Security - VeriSign snafu shows that procedures and processes are key safeguards

RSA Conference: Hackers, threats and security concerns dominate

Implementing Security Policies

HOW-TO JAVA: SECURE YOUR JAVA APPS WITH SSL - SSL (Secure Socket Layer) is the de facto standard for securing a communication channel between two applications that converse over the Internet. Sun's Java Secure Socket Extension provides SSL support for Java applications. In this month's How-To Java, Todd Sundsted demystifies JSSE and demonstrates how to SSL-enable your applications.

Java Secure Socket Extension (JSSE)

Java Cryptography Extension (JCE)

Java Authentication and Authorization Service (JAAS)

Single Sign-on Using Kerberos in Java

Introduction to JAAS and Java GSS-API Tutorials

Generic Security Service API (GSS-API) Base

Tests for Kerberos V5, GSS-API, and RPCSEC_GSS