Академический Документы
Профессиональный Документы
Культура Документы
Nombre: Hctor Alejandro Garca Rodrguez Matrcula: 1484604 Maestro: Osvaldo Habib Gonzlez Grupo: 006 Semestre: 1ero Carrera: LSTI ltima fecha de modificacin: 11/11/2012
Introduction
In this essay we will talk about how security starts at the language, in this case: Java, this being said, we will talk about all the characteristics java has in order to preserv the security, most of them related to the memory, so anything can modify the space or use java is making to the memory. Security is made of lots of pieces, and Java is one of them. The first step to understand security behind computer programming is to understand the security the language itself has.
Body
Java Language Security Constructs
There are certain permissions to grant only certain access levels, which improves greatly the security of Java, those permissions are: Private: The entity can only be accessed by code that is contained within the class that defines the entity. Default (or package): The entity can be accessed by code that is contained within the class that defines the entity, or by a class that is contained in the same package as the class that defines the entity. Protected: The entity can only be accessed by code that is contained within the class that defines the entity, by classes within the same package as the defining class, or by a subclass of the defining class. Public: The entity can be accessed by code in any class.
Those permissions, called access modifiers allow data hiding and data encapsulation. This encapsulation ensures that objects may only be operated upon through the interface the object provides to the world, instead of being operated upon by directly manipulating the object's data elements. One example of this would be the applets, which only allows access to certain information only, and ONLY when it is necessary, and not allowing access all the time, in such way they dont have idea of each other. There are many other advantages such as the final modifier that cant be changed, etc.
Compiler Enforcement
The java compiler is the first thing in checking that the code doesnt break the rules we have been talking about. However, the compiler cannot enforce array bound checking nor can it enforce al cases of illegal object cast.
Runtime Enforcement
We also have the runtime enforcement, which detects cases of array bounds checking, among other pieces of tasks.
Conclusion
Javas security itself its pretty great, and it is a good basis to develop and implement software with the best practices in security, however in this case we can see how security its unlikely to being compromised because of the language, but because of not having good acknowledge about securitys best practices. It is amazing how so many things have to be carefully check in order to make a language secure, so many steps, cautions an processes, so the basic piece of a software could be secure, regardless of the other pieces.