Building secure applications is difficult because modern applications are built in layers. In order for an application to be secure, all of the application's layers must be secure. This assurance is one of the benefits that Java technology brings to the table; Java makes a believable claim for providing a secure application foundation.
Stories by Todd Sundsted
Only months after Java first appeared on the scene, one headline-hungry pundit described Java as a "virus construction kit". History proves that this pundit's prediction was dead wrong. To date, I am aware of viruses for the Java platform: Strange Brew and Hive. Neither was viable in the wild.
A CA (Certificate Authority) is at the heart of all PKI (Public Key Infrastructure) projects. A CA is, quite literally, the final authority on the validity of any key it signs and is hopefully the final authority on the binding between a key and the subject of the key.
JavaOne 2002 (San Francisco) has come and gone. In addition to the usual fare, there were a number of interesting talks on security. I'm always hopeful I'll pick up hints of what is to come. Below, I've collected some of the more interesting possibilities for future work.
Sun defined a cryptography architecture based around a standardized API and pluggable providers. Most Java cryptography packages implement Sun's API in Java. The Mozilla Network Security Services for Java (JSS) follows a different path.
FOR COMPANIES with Java developers working on different platforms, switching projects from one OS to another can be tricky. But with Inprise Corp.'s release of JBuilder 3 Foundation for Linux, a free Java IDE (integrated development environment) from Inprise, your developers can now use the platform they prefer and still collaborate on projects. By introducing this software you'll have the flexibility to invite Linux users into your Java development projects.