Java security model

xiaoxiao2021-03-06  167

The security policy is a matrix that identifies what the resources are likely to be accessed.

Java's code security is based on the hourglass model, the original use of SecurityManager, which has increased the checkpermission method. If no security policy is given, its default security policy is a hover model for JDK1.1. This model is characterized by fully trusted local code, all network code for local access. Any policy must inherit the java.security.policy class.

For classes that have been loaded, JDK1.2 default does not check its security features, even if users use setPolicy to modify security policies. Java's security properties file is located in Java-Home / Lib / Security / Java.Security.

Security policies use the description code characteristics and the CODESource given the secure license for secure limitations. Java Safety Description Use the CODESOURCE class, the code features contain the code origin and digital certificate, note that "code" may be a JAR, this and .NET authorization is similar in accordance with the assembly. CoDesource's own integrity is to use the constructor initialization code URI and digital certificate guarantees. Codesource uses its own Implies method to determine if other CoDesource can also use their own security policies.

Its permission dictionary is implemented using Java.Security.Permission, such as FILEPERMISSION

转载请注明原文地址:https://www.9cbs.com/read-127955.html

New Post(0)