“The only platform that allows you to practice safe computing” is how Alan Baratz described the Java 2 platform during the Sun Microsystems Java 2 launch event on December 9, and to verify this statement you need only look to the real world.

More than 90 percent of Web-based e-commerce applications use the Java platform as an integral part of their implementation; from basic online purchasing systems to international credit card systems, Java has proven itself as the solution for secure online systems.

Consider, for example, Visa. From January 1999, Visa’s Global Endpoint Manager will be implemented entirely with the Java 2 platform — a complete end-to-end solution for the entire system, both client- and server-side. The realtime capabilities of Visa’s system, using the improved security model, were demonstrated live in front of the audience at the Java Business Expo conference.

So why did Visa choose the Java 2 platform? “It allows you to completely lock things down,” said Tom Geer, senior software engineer at Visa. “The Java 2 security system allows you to think at a different plane, thinking more about renegade code rather than just hackers.”

Traditionally, when you implement a secure system, you are concerned with making sure unauthorized users cannot gain access and ensuring the privacy of information in transmission.
“With the Java platform, you can go beyond this and guarantee that the system itself is complete and secure,” said Paul Kelly, also a senior software engineer at Visa, “something that would be incomprehensible in another language.”

Securing both ends with Java technology?

The two distinct aspects of security — system security and information security — are fully addressed by the Java 2 platform.

The Java programming language, the Security Manager, and the Permissions API (application programming interface) provide system security, which allows the safe execution of untrusted and partially trusted code (for example, applets, channels, servlets, remote code, as well as applications). In this case, the word safe refers to the fact that Java protects your system, the information on your system, and the resources available to your system from unauthorized access by the code being executed.

Additionally, the Java Cryptography Architecture, a core part of the Java 2 platform, together with the Java Cryptography Extension (a standard extension), provide information security. That is, cryptographic techniques are available for protecting the privacy and integrity of information transmitted across public networks, and for verifying the identity of individuals communicating with a system.

Full support for both system and information security is unique to the Java platform. No other platform can claim such a comprehensive security infrastructure.

System security in practice

Visa is a perfect example of system security in practice. The company’s requirements go beyond ensuring the security of its enterprise data: the system must also be protected against rogue code and even application errors. To this end, Visa uses custom class loaders that initially verify the integrity of application code, both local and remote.
It then uses security policies, the Permissions API, and digital certificates to grant power to this code, based strictly on the provable authenticity and integrity of the code and the provable authenticity of the user accessing the system.

As Dr. Gary McGraw, author of Securing Java: Getting Down to Business with Mobile Code, explained: Before the Java 2 platform “the Java security model was black and white; code was either trusted or untrusted.” With the advent of the Java 2 platform, trust can best be defined in “shades of grey.” Trust is assigned to code based on its cryptographic authenticity with “policies that can suit your exact needs.” Uniquely, this means that applications can be subject to the exacting security policies of different enterprises.

Information security in practice

docSPACE is a great example of a company that is putting the Java 2 platform’s information security capabilities into practice. It provides various products and services for secure Web-based document management, now including pure Java implementations. If corporate intellectual assets are to be stored in an outsourced Web storage area, it is critical that this information be protected from unauthorized access. Similarly, within an enterprise, centralized management and information security are a priority.

Several technologies, all now part of the Java 2 platform, come together to provide the security docSPACE requires. Mike Serbinis, CTO of docSPACE, explained: “[The Java 2 platform] makes life a lot easier because all the separate technologies are integrated.
Java 2 technology and the Java Cryptography Extension give you power, flexibility, and security.”

Support for encryption, message digests, digital signatures, and key agreement — the foundations of cryptographic security — is provided by the Java Cryptography Architecture and Extension.

Support for X.509 v3 digital certificates from the Java certificate API is used to cryptographically identify individuals and their public keys. Using a public key infrastructure, information can be securely communicated with an entity, and information from that entity can be verified as to its integrity and authenticity. In addition to its application to information security, this is also used to verify the authenticity of code from different individuals and organizations.

Support for accessing directory services (for example, LDAP) from the Java Naming and Directory Interface (JNDI) allows central administration of users’ certificates and associated information. This approach enables a security application to query the authenticity and rights of a user in realtime, allowing an entire enterprise’s security to be centrally administered. Such directory services will usually tie in with a certification authority (CA) that implements the certificate-issuing aspects of a public key infrastructure (PKI).

Support for Secure Sockets Layer and Transport Layer Security (SSL and TLS) from the Java Secure Socket Extension API allows secure access to existing network services. This provides secure access to many existing Web services (HTTPS), directory services (SLDAP), and network objects (IIOP over SSL), and is also a foundation for securing enterprise systems built from Enterprise JavaBeans (EJB).

Finally, support for smart cards and similar technologies from the Java Card API allows corporations to provide a physical layer of security.

One of the most important aspects of the Java 2 platform is that the security APIs abstract away from actual implementations.
This means applications aren’t tied to a specific security provider; instead, an organization can dictate what directory service, certification authority, cryptography implementation, certificate implementation, and smart cards it will use. Third-party enterprise solutions can then simply plug in to these requirements.

Java cards

The Java Card API is an extremely exciting area of Java security. In typical software systems, sensitive private keys are stored encrypted on a filesystem. When a user logs in, the keys are decrypted into memory and used for authentication, signing, and decryption. This opens up a potential security hole, because the private keys can potentially be stolen from the computer memory. With a cryptographically enabled smart card, however, the private key is stored on the smart card itself. When a user needs to perform a cryptographic operation, the smart card is called on to perform the operation. This means the private key never leaves the smart card and, thus, is never exposed. The key is even stored in a secure manner on the smart card, so that not even a memory scan of the card will leak the private key.

The Java Card API is the API for Java-enabled smart cards. It is used to access smart cards that run their own Java Virtual Machine, allowing them to execute downloaded code. Security is a prime focus of the Java Card API, so it includes public key cryptography as a basic part of its capabilities. Some cards even include on-board 64-bit cryptographic coprocessors. The Java Card API has already been adopted by all major smart card vendors, including Schlumberger, De La Rue, Gemplus, and Bull. End users who have committed to the use of Java Cards include Visa, MasterCard and, of course, Sun Microsystems; even some GSM mobile phone manufacturers are using the Java Card API as an interface to their mobile phone SIM cards.
Java Card applications, such as banking systems that can store individual user preferences on a card, provide far more security than current ATM card systems. The Java Card API firmly rounds out Java’s enterprise security support.

Conclusion

“Using certificate-based authentication and permission control enables developers to create complex distributed applications with single user login, provides flexible, yet restrictive user access, and protects applications against hacker attacks like Trojan Horses,” said Dr. Lougie Anderson, vice president of engineering at GemStone Systems Inc.

With the release of the Java 2 platform, Sun Microsystems has equipped the Java community with the most powerful platform available for building secure systems, addressing all aspects of enterprise security. Widespread vendor support for this security architecture from industry leaders (represented at the Java Business Expo by RSA Data Security Inc., Phaos Systems, and Baltimore Technologies Ltd.) and the growing installed base of real-world systems secured by the Java platform prove this fact beyond any doubt.
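The two ideas the article describes under system security and provider abstraction, shown together as an added Java example (not code from Sun, Visa or docSPACE): a signature over code bytes is verified through the provider-neutral Signature API, and the result decides which permissions are granted. The class name, the /opt/app paths and the SHA256withRSA algorithm name are assumptions chosen for illustration, and the in-line grant logic is a simplification of what a class loader and security policy would do.

```java
import java.io.FilePermission;
import java.nio.charset.StandardCharsets;
import java.security.*;

public class SignedCodeTrustDemo {
    // Verify a signature over code bytes. No provider is named: the JCA picks
    // whichever installed provider implements the requested algorithm.
    static boolean verify(PublicKey key, byte[] code, byte[] sig) throws GeneralSecurityException {
        Signature verifier = Signature.getInstance("SHA256withRSA");
        verifier.initVerify(key);
        verifier.update(code);
        return verifier.verify(sig);
    }

    // "Shades of grey": the permission set depends on whether the signature checked out.
    // The paths are hypothetical.
    static Permissions permissionsFor(boolean signatureValid) {
        Permissions granted = new Permissions();
        granted.add(new FilePermission("/opt/app/public/-", "read"));        // any code
        if (signatureValid) {
            granted.add(new FilePermission("/opt/app/data/-", "read,write")); // authenticated code only
        }
        return granted;
    }

    public static void main(String[] args) throws Exception {
        // Constructed signer key pair; a real deployment would take the public key from a certificate.
        KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA");
        generator.initialize(2048);
        KeyPair signer = generator.generateKeyPair();

        // Constructed stand-in for the bytes of an application class.
        byte[] code = "constructed stand-in for application class bytes".getBytes(StandardCharsets.UTF_8);
        Signature signing = Signature.getInstance("SHA256withRSA");
        signing.initSign(signer.getPrivate());
        signing.update(code);
        byte[] sig = signing.sign();
        System.out.println("provider selected at run time: " + signing.getProvider().getName());

        byte[] tampered = code.clone();
        tampered[0] ^= 0x01; // a single flipped bit invalidates the signature

        FilePermission wanted = new FilePermission("/opt/app/data/ledger.db", "write");
        for (byte[] candidate : new byte[][] { code, tampered }) {
            boolean valid = verify(signer.getPublic(), candidate, sig);
            System.out.println("signature valid=" + valid
                    + ", write granted=" + permissionsFor(valid).implies(wanted));
        }
    }
}
```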