Contents -- Introduction -- PART I: INTRODUCTION TO JAVA SECURITY -- Chapter 1 Security: An Overview -- The Need for Security -- Java Fundamentals -- An Overview of Java and Security -- Java Security -- Java 2 Security -- Java 2 and Crypography -- Summary -- Check Your Understanding -- Answers -- Chapter 2 Java Security Model -- Java Security Features -- History of Java Security -- Protection and Permissions -- Classes in Java 2 -- Java 2 Class Loader -- Policy Files -- Managing Security in Java 2 -- Summary -- Check Your Understanding -- Answers -- Chapter 3 The Java Virtual Machine -- JVM Safety Features -- The JVM Architecture -- Summary -- Check Your Understanding -- Answers -- Chapter 4 Class Files -- The Compilation Process -- The Class File Format in Java 2 -- Java Bytecode: Basics -- Summary -- Check Your Understanding -- Answers -- PART II: ADVANCED JAVA SECURITY CONCEPTS -- Chapter 5 The Class Loader and the Class File Verifier -- Class Loaders: Basics -- The Class-Loading Mechanism -- User-Defined Class Loaders -- The Class File Verifier -- Summary -- Check Your Understanding -- Answers -- Chapter 6 Java 2 Security Manager -- The SecurityManager Class -- How the Security Manager Works -- Writing Your Customized Security Manager -- Summary -- Check Your Understanding -- Answers -- Chapter 7 The Access Controller and Permissions in Java 2 -- The AccessController Class -- Permissions in Java 2 -- Summary -- Check Your Understanding -- Answers -- Chapter 8 Security Configuration Files and Security APIs -- The Security Properties File -- The Security Policy File -- The caceerts File -- Java 2 Security APIs -- Summary -- Check Your Understanding -- Answers -- Chapter 9 An Introduction to Java 2 Security Tools -- The keytool Command -- The jar Tool -- The jarsigner Tool -- Summary -- Check Your Understanding -- Answers.

Chapter 10 An Introduction to Java Plug-ins -- The Features of the Java Plug-in -- Modifying HTML Code for Java Plug-in Support -- The HTML Converter -- Security and the Java Plug-in -- The Java Plug-in Control Panel -- Summary -- Check Your Understanding -- Answers -- Chapter 11 Message Digests and Digital Signatures -- Message Digests -- Digital Signatures -- Summary -- Check Your Understanding -- Answers -- Chapter 12 An Introduction to Crypography -- The Need for Crypography -- Java Crypography Architecture (JCA) -- Java Cryptography Extension (JCE) -- Creating Your Own Provider -- Summary -- Check Your Understanding -- Answers -- Chapter 13 Introduction to Java Authentication and Authorization Service (JAAS) -- An Overview of JAAS -- Core JAAS APIs -- JAAS Settings in the java.security File -- Summary -- Check Your Understanding -- Answers -- Chapter 14 Java and Firewalls -- An Introduction to Firewalls -- Downloading an Applet from a Remote Server -- Java Network Connections -- Summary -- Check Your Understanding -- Answers -- Chapter 15 Java and SSL -- An Overview of SSL -- SSL Support in Browsers -- An Overview of Java Secure Socket Extension (JSSE) -- Using Java and SSL -- Summary -- Check Your Understanding -- Answers -- PART III: APPENDIXES -- Appendix A: Best Practices -- Limiting Access -- Handling Static Variables -- Avoiding Dependencies on Package Scope -- Declaring Final Classes or Methods -- Avoiding Writing Privileged Code -- Avoiding the Cloneable Interface -- Avoiding Storing Secrets in Your Code -- Avoiding Comparing Classes by Name -- Avoiding Mix-and-Match Attacks -- Appendix B: FAQs -- Appendix C: In the Wings -- The Future of Java Security -- Index -- A -- B -- C -- D -- E -- F -- G -- H -- I -- J -- K -- L -- M -- N -- O -- P -- R -- S -- T -- U -- V -- W.