Q

Developing security applications with Java

How can I develop a security application using Java, and what features can I give to my application thru it? Are there any other tools I can use to develop security applications?


Like many questions on how to do something, it's hard to know how to answer, because I really don't know what you're trying to do. So let me help as best as I can.

Java is a marvelous language for writing security applications in. While Java gets more press for being a client-application language (like Java applets in Web browsers), it's much better as a *server* development language.

Java offers some features that make for writing good security systems. In particular, threading is built into the language. Java also has a garbage collector and checks all memory references for arrays, strings and the like.

These features come at a performance cost, but they may be worth it. Software engineering mavens estimate that one-third of all bugs come from improper memory allocation and de-allocation and that another third come from buffer overflows. Eliminating those bugs is worth a lot.

As a side note, I'll mention that you can still run off the end of an array in Java, just like you can in C, but your program will take an exception instead of merrily destroying itself. Similarly, you can still consume all available memory in your computer when you use Java, but you don't have the sort of memory leak that occurs because you forgot to de-allocate something.

Also, with the new JIT compilers and runtime systems, Java servers can be quite fast. One network processing system I worked on has shown sustained processing of network packets at nearly 800 per second for over an hour. That is the one-hour average, to make things clearer. This was also on a Pentium 3 550MHz machine!

Here are some resources that may help you in your quest:

* Securing Java: Getting Down to Business with Mobile Code, Second Edition by Gary McGraw, Edward W. Felten; John Wiley & Sons; ISBN: 047131952X

* Java Security Handbook by Jamie Jaworski, Paul Perrone; Sams; ISBN: 0672316021

* JAVA 2 Network Security by Marco Pistoia, Duane F. Reller, Deepak Gupta, Milind Nagnur, Ashok Ramani; Prentice Hall; ISBN: 0130155926

* Java Security by Scott Oaks; O'Reilly & Associates; ISBN: 1565924037

* Java Cryptography by Jonathan Knudsen; O'Reilly & Associates; ISBN: 1565924029

* Inside Java 2 Platform Security: Architecture, API Design and Implementation by Li Gong; Addison-Wesley Pub Co; ISBN: 0201310007


This was first published in May 2001

Dig deeper on Software Development Methodology

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close