Difference between revisions of "MQP:Java Security"

From JimboWiki
Jump to: navigation, search
Line 1: Line 1:
 
{{#categorytree:MQP|hideroot|mode=pages}}
 
{{#categorytree:MQP|hideroot|mode=pages}}
 
==Overview==
 
==Overview==
Java, since 1.2, has some interesting security features related to access permissions.
+
Java, since 1.2, has some interesting security features related to access control.  There are many security features dealing with Java's class loaders, assuring that the code is from a trusted source, and certificate/key management that will not be discussed here.  These features are important to Java's overall security design, but are not important to the scope of this project.
 +
 
 +
This article focuses on the design and usage of Java's ability to provide fine-grained access control to features such as file access, socket communication, program configuration, and security configuration.
  
 
{{Incomplete}}
 
{{Incomplete}}
  
 
==Security Architecture Overview==
 
==Security Architecture Overview==
There are many security features dealing with Java's class loaders and assuring that the code is from a trusted source that will not be discussed here.  These features are not important to the scope of this project.
+
Most of Java's security classes reside in the ''java.security'' package.  For the purposes of this list, if no package is noted, ''java.security'' can be assumed.
 
+
Java's security classes reside in the ''java.security'' package.  The include:
+
 
;Permission (Abstract Class)
 
;Permission (Abstract Class)
 
:Defines a type of permission
 
:Defines a type of permission
Line 21: Line 21:
 
:Contains a number of PermissionCollection objects sored in a map, keyed by their ProtectionDomain
 
:Contains a number of PermissionCollection objects sored in a map, keyed by their ProtectionDomain
 
:Determines if proper permissions are available for a given Permission based on its existence in the proper ProtectionDomain
 
:Determines if proper permissions are available for a given Permission based on its existence in the proper ProtectionDomain
;SecurityManager (Object Class)
+
;java.lang.SecurityManager (Object Class)
:Provides permission resolution to the whole program
+
:Provides permission resolution to the whole program (via System.getSecurityManager()) by acting as the "central point of access control"
 +
:For most permission checks, this class calls out to java.security.AccessController
 +
:SecurityManager can be subclassed and replaced, as described below
 +
;AccessController (Object Class, Singleton)
 +
:Implements access control algorithm
 +
:Also deals with "doPrivileged()"
 +
:When checkPermission() is called, this class unrolls the call stack (using native code), determines all the permissions required, then decides if the call is ok
  
 
--Diagram Here--
 
--Diagram Here--

Revision as of 20:00, 25 August 2008

MQP-Design
MQP-Prototypes
MQP-Research
  Main
  Project Overview

Overview

Java, since 1.2, has some interesting security features related to access control. There are many security features dealing with Java's class loaders, assuring that the code is from a trusted source, and certificate/key management that will not be discussed here. These features are important to Java's overall security design, but are not important to the scope of this project.

This article focuses on the design and usage of Java's ability to provide fine-grained access control to features such as file access, socket communication, program configuration, and security configuration.

This page is incomplete
More work needs to be done on this page, so if somthing is missing, don't be surprised

Security Architecture Overview

Most of Java's security classes reside in the java.security package. For the purposes of this list, if no package is noted, java.security can be assumed.

Permission (Abstract Class)
Defines a type of permission
PermissionCollection (Abstract Class)
Contains a number of related Permission objects
Permissions (Object Class)
Contains a number of PermissionClass objects, sorted in a map by the Class of Permissions they contain
ProtectionDomain (Object Class)
Defines a group of classes that are protected with similar permissions
Policy (Abstract Class)
Defines the security policy (all permission grants) for the running application
Contains a number of PermissionCollection objects sored in a map, keyed by their ProtectionDomain
Determines if proper permissions are available for a given Permission based on its existence in the proper ProtectionDomain
java.lang.SecurityManager (Object Class)
Provides permission resolution to the whole program (via System.getSecurityManager()) by acting as the "central point of access control"
For most permission checks, this class calls out to java.security.AccessController
SecurityManager can be subclassed and replaced, as described below
AccessController (Object Class, Singleton)
Implements access control algorithm
Also deals with "doPrivileged()"
When checkPermission() is called, this class unrolls the call stack (using native code), determines all the permissions required, then decides if the call is ok

--Diagram Here--

Using Java Security

Activating the SecurityManager

Applications launched normally (using the java command) do not have security enabled - System.getSecurityManager() will return null, causing all permissions to simply be granted. To turn on the default SecurityManager: 

java -Djava.security.manager [Main Class]

To specify your own SecurityManager: 

java -Djava.security.manager=[SecurityManager Class] [Main Class]

or, to set it at runtime, use: 

SecurityManager sm = new YourSecurityManagerClass();
System.setSecurityManager(sm);

Setting Policy

To set the policy file for the JVM: 

java -Djava.security.manager -Djava.security.policy=[URL to policy file]

Using "==" in place of "=" will cause the JVM to ignore other policy files. (not sure what this means...)

References

Retrieved from "http://jimbodude.net/w/index.php?title=MQP:Java_Security&oldid=1878"