The Java language has three major characteristics: platform innocence, network mobility and security, and Java architecture provides strong support and guarantee on these three major characteristics, this paper focuses on the principle and method of use of Java architecture on support information security . The Java Architecture Java architecture is shown below. First, Java's source code Java file is compiled into a Java's binary code Class file by the compiler, and then the class file is loaded by the type load in the Java virtual machine, at the same time The loader also loads Java's original API Class file, and the class loader is primarily loaded, connected, and initialized these Class files, and the execution engine is handed over to the execution engine in the virtual machine, interpretation of the Java instruction in the class file into specific The local operating system method is executed, and the security manager will access the external resource in the execution process according to the setup security policy control instruction.
Java's execution method is not compilation execution but is interpreted. The same source code above the different platforms is compiled into the same binary-by-reference code code that meets the Java specification, and then handed over to the virtual machine to support the respective platforms to explain, "compile, After explaining, "three-step way to make Java" once a write, run everywhere ", if the Java app is used by 100% standard Java API and does not directly call the local method, then it can be applied without modification On a variety of platforms, such platforms are unrelated to make it more convenient and reality in the use of heterogeneous network environments or embedded aspects. Java's network mobility brings a new software mode. On the basis of distributed processing mode, you can transfer software and data to the client through the network, so that the client has a must-have software to view. And manipulating data transmitted over the network, the Java architecture supports cutting a single execution file into a small binary-based code file Class file, and these files can be dynamically connected, dynamically expanded in accordance with the needs of the application. The Java architecture supports security support primarily through Java language itself, virtual machine loader and security manager, and Java provide several aspects of the security API provided: preventing malicious programs from attacking, programs cannot destroy user computers Environment; prevent intrusion, the program cannot obtain confidential information of the host or the intranet; authentication, verification program provider and user identity; encryption, encrypt the data of the transferred exchange, or encrypt the persistent data; verification, Operation setting rules and verify. The need for Java information security With the more and more extensive Internet applications, and the Internet has its own unique resource sharing, it is important to pay attention to the user in a timely and accurate information of information and processing information, this is also Java. The reasons for rapid development and widely accepted. But the network also provides a potential way to attack the access computer, especially when the user downloads the network software locally, which requires Java to prevent the problem of virus / Trojans, and protect information and local environment. For example, when we browse a web page, Applets on the web may be downloaded and run, and this applet is all possible from unreliable places, or we use unreliable service objects on the network found through JINI. Services, if there is no security mechanism provided by the Java architecture, this is likely to introduce a hostile program that causes information loss, information disclosure, believes for fake data and modifying local computer security settings, and brings unknown serious as a result of. The Java language itself is designed to design Java on the basis of C , so it is more simple and clear compared to C , the structure, unit, operator overload, virtual basics, etc. are not in Java. Adoption, and canceling multiple inheritance and uses the way to implement multiple interfaces. This reduces the chance of developers to make mistakes to help them write more secure code. In Java, the "pointer" in the C language is easily error-free, using the structure of a list, a pile, hash table, etc., avoiding any unsafe structure. Java has no indexed array access, as this often leads to an unprofitable, unpredictable program operation, all of which must first check if the offline is checked. Java requires all variables that cannot be used before initialization. For basic data type variables, they automatically assign a initial value to avoid unin-initialized variables to obtain memory information. All of this makes the program unable to access any memory address. For entity information in memory, it can only be accessed by the permissions, and the type pointer is enforced into a memory pointer like C , and then look up by memory. Methods Find private variables.
Java allocation memory is transparent to developers. Developers use new methods to create new objects. At this time, virtual machines will find suitable memory spaces from the stack memory, and developers do not need to intervene. For memory recycling, Java avoids developers to clarify the recycling of objects, such as the C's Free or C delete commands, avoiding the developer's unintentional damage to memory. Java uses virtual machine "garbage collection" mechanisms to be implemented automatic management, release the memory resources that are no longer used, the memory recovery is like a garbage collection car, but the collection car seen in the street, only The garbage is collected in the trash can, it is also to go to your home to help you find the rubbish, then take these things away, and finally organize the space in the home, and make the biggest The space makes you new things. The purpose of Java's memory recovery is to find an object that is no longer referenced, releases memory space, and needs to organize the memory space, try to avoid "insufficient memory". For the serialization object exchanged in the network, it is easy to access the object's private information when rebuilding the object. At this time, Java provides two ways to protect information, one is to use the TRANSIENT keyword method, so When the object serialization, the variable is not read, the other is to implement the Externalizable interface instead of the serizlizable interface, such an object can only be saved and rebuilt through the WriteExternal and Readexternal methods, and other methods cannot be performed. These are the foundations of the Java language itself provides information security. Although the name loader is called class loader, but the type loader in the Java virtual machine is not only responsible for loading and is responsible for connecting and initializing the Java type. Loading is to read a binary form code in a virtual machine, and the connection is to assign class variable memory to this already read type, and convert the symbols in the constant pool to direct reference, the final initialization process is Give the appropriate initial value of the type variable. The class loader provides different namespaces for the loaded class, and the zone code generated by the unified source code is loaded into the same namespace. The same namespace cannot load the same class, the same namespace can be Direct interaction, and different namespace classes are unable to interact unless explicitly provide interactive mechanisms, the trusted class boundary is protected by namespace and class member access.
The class loader is divided into four types of launch class loaders, standard extensions, path-loaders, and network loaders. The start-up class loader loads the original Java API class from the local system to launch the Java virtual machine, and the other three loaders are classified when running the user-defined class, and the standard expansion class loader is loaded with different virtual machines. Commercial extension standard Java class, and the class in the classpath is loaded by the path class loader, and the network-based loader loads the class file downloaded over the network, each loader creates a loader instance when loading the class. . The class loader uses a dual-relative commission chain mode (this mode is similar to the responsibility chain mode mentioned in "Design Mode" book) In addition to the startup class loader, each class loader has its own "parents". A class can define its own duplex by three ways: the first reference, such as the Class B (ie, related associated associated with the Class A), then the B-class loader will be used as a Class A "Du", earlier than the Class A; the second use of the loadclass method from defining "double pro", at this time, "Du", "Duo", is here, the third type is not using the first two The default mode used in the case, the startup class loader is used as "Du".
During the loading process, when the loading request is issued, the loader first asks its "Di-Pare" - Path Class Dress to find and load this class, and this loader is also loaded to its "parent" request, A layer of first layer requests until the loader gets the request, to find and load this class, if this class is not loaded and the result is not found, the result is loaded, loaded by the sub-loader until the request is returned Original loader, if there is no successful loading, try to find and download from the network by the network loader, if it is not successful, will throw NoclassDeffoundError exception. This process ensures that the start-up class loader can load the class before the standard extension class loader, and the standard extension class loader can load the class before the path class loader, and finally loaded by the network loader. For example, the application is tried to load a java.lang.string class with malicious code, because it is part of the Java API, which can be trusted by special access, but because the start-up type loader is The earliest is loaded, so java.lang.string will only be loaded from the Java original API, and the Java.lang.String class with malicious code will not be loaded, so that it is trusted Class boundary. The type of loader also includes a functional module of a type check, which is responsible for ensuring robustness of the program, which is checked four times in the type of lifecycle. The first check is when loading, mainly check the structure of the binary character code, first format to meet the Java language definition specification, then ensure that the class by which will be loaded is a set of legitimate Java instructions. The second check is when the connection is connected, it is mainly the semantic check of type data, ensuring that the bytecode complies with the specification when compiling, such as the Final class does not derive the subclass, nor will the Final method; each There is only one superclass with a class; there is no basic data type to convert the basic data type into other data types. The third check is also connected to the structure of the instruction, ensuring that the operand type and value of the instruction are correct, and the operand stack does not overflow or overflow. The last check is when dynamic connection, the symbols in the main check type are quoted when parsing is correct. The above problems will have malicious behavior so they must check before running, and some inspection work will check when the virtual machine is running bytecode, such as array offline, object type conversion, etc., once the problem is found Throw an exception, making the program not executed. The class loader avoids some hostile people to write their own Java classes, and these types of methods contain instructions outside the method, causing the virtual machine crash and confidential information to be obtained, to ensure the program The robustness, nor does it have a case where the malicious code of the original Java API class is running, and the class loader prevents malicious code to interfere with the good code, guarding the trusted API library boundary, ensuring code can Performance.
Although the name loader is called class loader, but the type loader in the Java virtual machine is not only responsible for loading and is responsible for connecting and initializing the Java type. Loading is to read a binary form code in a virtual machine, and the connection is to assign class variable memory to this already read type, and convert the symbols in the constant pool to direct reference, the final initialization process is Give the appropriate initial value of the type variable. The class loader provides different namespaces for the loaded class, and the zone code generated by the unified source code is loaded into the same namespace. The same namespace cannot load the same class, the same namespace can be Direct interaction, and different namespace classes are unable to interact unless explicitly provide interactive mechanisms, the trusted class boundary is protected by namespace and class member access. The class loader is divided into four types of launch class loaders, standard extensions, path-loaders, and network loaders. The start-up class loader loads the original Java API class from the local system to launch the Java virtual machine, and the other three loaders are classified when running the user-defined class, and the standard expansion class loader is loaded with different virtual machines. Commercial extension standard Java class, and the class in the classpath is loaded by the path class loader, and the network-based loader loads the class file downloaded over the network, each loader creates a loader instance when loading the class. . The class loader uses a dual-relative commission chain mode (this mode is similar to the responsibility chain mode mentioned in "Design Mode" book) In addition to the startup class loader, each class loader has its own "parents". A class can define its own duplex by three ways: the first reference, such as the Class B (ie, related associated associated with the Class A), then the B-class loader will be used as a Class A "Du", earlier than the Class A; the second use of the loadclass method from defining "double pro", at this time, "Du", "Duo", is here, the third type is not using the first two The default mode used in the case, the startup class loader is used as "Du".
During the loading process, when the loading request is issued, the loader first asks its "Di-Pare" - Path Class Dress to find and load this class, and this loader is also loaded to its "parent" request, A layer of first layer requests until the loader gets the request, to find and load this class, if this class is not loaded and the result is not found, the result is loaded, loaded by the sub-loader until the request is returned Original loader, if there is no successful loading, try to find and download from the network by the network loader, if it is not successful, will throw NoclassDeffoundError exception. This process ensures that the start-up class loader can load the class before the standard extension class loader, and the standard extension class loader can load the class before the path class loader, and finally loaded by the network loader. For example, the application is tried to load a java.lang.string class with malicious code, because it is part of the Java API, which can be trusted by special access, but because the start-up type loader is The earliest is loaded, so java.lang.string will only be loaded from the Java original API, and the Java.lang.String class with malicious code will not be loaded, so that it is trusted Class boundary. The type of loader also includes a functional module of a type check, which is responsible for ensuring robustness of the program, which is checked four times in the type of lifecycle. The first check is when loading, mainly check the structure of the binary character code, first format to meet the Java language definition specification, then ensure that the class by which will be loaded is a set of legitimate Java instructions. The second check is when the connection is connected, it is mainly the semantic check of type data, ensuring that the bytecode complies with the specification when compiling, such as the Final class does not derive the subclass, nor will the Final method; each There is only one superclass with a class; there is no basic data type to convert the basic data type into other data types. The third check is also connected to the structure of the instruction, ensuring that the operand type and value of the instruction are correct, and the operand stack does not overflow or overflow. The last check is when dynamic connection, the symbols in the main check type are quoted when parsing is correct. The above problems will have malicious behavior so they must check before running, and some inspection work will check when the virtual machine is running bytecode, such as array offline, object type conversion, etc., once the problem is found Throw an exception, making the program not executed. The class loader avoids some hostile people to write their own Java classes, and these types of methods contain instructions outside the method, causing the virtual machine crash and confidential information to be obtained, to ensure the program The robustness, nor does it have a case where the malicious code of the original Java API class is running, and the class loader prevents malicious code to interfere with the good code, guarding the trusted API library boundary, ensuring code can Performance.
Although the name loader is called class loader, but the type loader in the Java virtual machine is not only responsible for loading and is responsible for connecting and initializing the Java type. Loading is to read a binary form code in a virtual machine, and the connection is to assign class variable memory to this already read type, and convert the symbols in the constant pool to direct reference, the final initialization process is Give the appropriate initial value of the type variable. The class loader provides different namespaces for the loaded class, and the zone code generated by the unified source code is loaded into the same namespace. The same namespace cannot load the same class, the same namespace can be Direct interaction, and different namespace classes are unable to interact unless explicitly provide interactive mechanisms, the trusted class boundary is protected by namespace and class member access. The class loader is divided into four types of launch class loaders, standard extensions, path-loaders, and network loaders. The start-up class loader loads the original Java API class from the local system to launch the Java virtual machine, and the other three loaders are classified when running the user-defined class, and the standard expansion class loader is loaded with different virtual machines. Commercial extension standard Java class, and the class in the classpath is loaded by the path class loader, and the network-based loader loads the class file downloaded over the network, each loader creates a loader instance when loading the class. . The class loader uses a dual-relative commission chain mode (this mode is similar to the responsibility chain mode mentioned in "Design Mode" book) In addition to the startup class loader, each class loader has its own "parents". A class can define its own duplex by three ways: the first reference, such as the Class B (ie, related associated associated with the Class A), then the B-class loader will be used as a Class A "Du", earlier than the Class A; the second use of the loadclass method from defining "double pro", at this time, "Du", "Duo", is here, the third type is not using the first two The default mode used in the case, the startup class loader is used as "Du".
