Previous | Next | Trail Map | Security in JDK 1.2  | Summaries

What Does the JDK Security API Provide?

The JDK Security API is a Java core API, built around the java.security package (and its subpackages).

API Methods

Clients can call API methods to incorporate security functionality into their applications, including for

The Generating and Verifying Signatures [API](in the Java Security 1.2 trail) lesson shows how to write programs using the cryptography aspects of the JDK Security API to generate (or import) keys, generate a digital signature for data using the private key, and verify the authenticity of a signature.

The Implementing Your Own Permission(in the Java Security 1.2 trail) lesson illustrates defining your own permission, adding security checks to your code to ensure a caller has the specified permission, and marking code as "privileged".

The Quick Tour of Controlling Applications(in the Java Security 1.2 trail) lesson includes a GetProps program that gets the values of the "user.home" and "java.home" properties.

Customization of the Security Features

The API enables clients to define and integrate their own

The Implementing Your Own Permission(in the Java Security 1.2 trail) lesson illustrates defining your own permission and adding security checks to your code to ensure a caller has the specified permission.

The latter two (SecurityManager and Policy) implementation replacements will be done rarely (e.g., by virtual machine implementors) and are beyond the scope of this tutorial.

Adding a cryptography service implementation is something that is expected to be done by a larger number of developers, but it also is beyond the scope of this tutorial. See How to Implement a Provider for the Java Cryptography Architecture on the public java.sun.com web site for a detailed description of the clearly-defined steps required to implement a provider package supplying one or more cryptography services.

What about Encryption and Decryption?

APIs for data encryption and decryption, together with some default algorithm implementations, are released separately in a "Java Cryptography Extension" (JCE) as an add-on package to the JDK, in accordance with U.S. export control regulations. They are not covered by this trail.


Previous | Next | Trail Map | Security in JDK 1.2  | Summaries