Welcome!

Jay Heiser

Subscribe to Jay Heiser: eMailAlertsEmail Alerts
Get Jay Heiser via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories by Jay Heiser

One of the most significant aspects of Java programming is that it creates applications that have extraordinary relevance to computer security. Few UNIX administrators would be prepared to allow millions of users to execute programs as root (the administrative superuser) on their system, yet this level of potentially total power is what every user cedes when they point their browser at a URL containing some form of Java executable. Because of this, knowledge of computer security is becoming a requirement for Java programmers, and Java developers are being held accountable for the security implications of their code. Java experts who can speak authoritatively on security issues will be in greater demand. This short series of articles won't dwell on the relative advantage or disadvantage of Java as a programming language, although it assumes that Java will be increas... (more)

Java & Cryptography Part 2

Decisions The choice of encryption technologies is not always easy, but fortunately there are often several equally good options. The first step in choosing an algorithm is knowing the purpose to which it will be applied. Is it to ensure privacy, integrity, authenticity or to provide non-repudiation? Will it be used on a small amount of data or files so large that the encryption process could result in an unacceptable processing delay? The strength of an encryption method is dependent upon both the algorithm and the key length and can be understood in terms of the computational r... (more)

Java & Cryptography

Java programmers are network programmers and increasingly, network programmers write applications that need encryption technology. The Internet is like a huge chat room. Not only is it a worldwide sniffable net, it's developing its own unique business infrastructure. New virtual services are required to provide the confidence in business transactions that has been available through a paper-based system. In addition to privacy, Internet commerce demands digital forms of signature, currency, notarization, purchase orders and receipts. Many of the most important Internet application... (more)

Java Security Mechanisms

Introduction Java developers are constantly becoming frustrated because of unexpected encounters with Java security features. For example, a recent posting on comp.langs.java.security complained about difficulties in being able to open a network socket with Java. After reading the security introduction in the last issue of JDJ, it should be clear that allowing Web content to open arbitrary network connections on a workstation is highly undesirable. Not only could this circumvent existing security mechanisms, such as firewalls and IP address-based access control, but these network... (more)

Trusting Java Applets

The JDK 1.1 includes a new Java Security API which supports several important new security features, the most significant of which may turn out to be signed applets. Properly implemented, digital signatures will provide the additional trust needed to allow Java applets greater access to client system capabilities, thereby supporting more powerful Web-based applications. What Does Everyone Want To Do? Current browsers, which are based on the JDK 1.0 toolkit, support a very limited subset of system capability when running Java applets. Sun has taken a conservative approach and desig... (more)