Security is one of the key features that has made Java as successful as it has been. The Java security architecture includes access control mechanisms that allow untrusted programs, such as applets, to be executed safely, without fear that they will cause malicious damage, steal company secrets, or otherwise wreak havoc. The access control mechanisms used by Java have changed substantially between Java 1.0 and 1.2; we'll discuss the Java 1.2 mechanisms in this chapter.
Access control is only one half of the Java security architecture, however. The other half is authentication. The java.security package and its subpackages allow you to create and verify cryptographic checksums and digital signatures, to prove whether a Java class file (or any other file) is authentic, that is, whether it truly comes from the source that it purports to be from. The authentication API has also changed as Java has evolved, and I cover the Java 1.2 API here.
The access control and authentication aspects of the Java security architecture are closely coupled. Access control is about granting privileges only to trusted code. But what code should you trust? If you know which people and organizations to trust (which is ultimately a social, not technological, problem), you can use authentication technologies such as digital signatures to allow you to trust the Java class files from those people and organizations.
Cryptography is closely related to, but not part of, the Java security architecture. Java uses cryptographic techniques such as digital signatures for authentication, but the Java security architecture does not perform any actual encryption or decryption. That is the job of the javax.crypto package and its subpackages. In Java 1.4, these packages are part of the core Java platform. Prior to Java 1.4, they are available as the Java Cryptography Extension™ (JCE).
This chapter contains examples that show how you can use the access control, authentication, and cryptographic APIs.