Basic security architecture in java

The Java platform defines a set of APIs spanning major security areas, including cryptography, public key infrastructure, authentication, secure communication, and access control. These APIs allow developers to easily integrate security into their application code. They were designed around the following principles:

1. Implementation independence

   Applications do not need to implement security themselves. Rather, they can request security services from the Java platform. Security services are implemented in providers (see below), which are plugged into the Java platform via a standard interface. An application may rely on multiple independent providers for security functionality.

2. Implementation interoperability

   Providers are interoperable across applications. Specifically, an application is not bound to a specific provider, and a provider is not bound to a specific application.

3. Algorithm extensibility

   The Java platform includes a number of built-in providers that implement a basic set of security services that are widely used today. However, some applications may rely on emerging standards not yet implemented, or on proprietary services. The Java platform supports the installation of custom providers that implement such services.

Related posts:

1. Background of java security
2. The Java cryptography architecture is a framework
3. Authentication in java
4. Secure communication in java
5. Key and certificate storage in java
6. Assessing the security of Java applications

Related posts brought to you by Yet Another Related Posts Plugin.