• Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint
Share this Page URL
Help

Chapter 7. JavaTV > Java Security

7.5. Java Security

Running programs on an iTV receiver typically gives that program access to certain receiver resources. The Java security framework was designed to control that access. The original security model introduced by JDK 1.0 is the sandbox model, explicitly listing of all operations controlled by the security framework. Within that framework, the security manager is responsible for determining which operations are allowed.

The JDK 1.0 security model relied on the assumption that Java applications could be fully trusted. Subsequent versions of the JDK extended the security framework with trust model and PKI infrastructure. Specifically, JDK 1.1 introduced the Java Cryptography Architecture (JCA) which introduces a trust model relying on digital signatures. JDK 1.2 introduced a fine-grained access control mechanism. Java 2 platform, also known as J2EE, introduced the notion of protection domains, the notion of guarded objects, call tree permission checks, and the ability to reenable privileged operations. Control is achieved through the use of AccessControllers, ProtectionDomains, CodeSources, Permissions, GuardedObjects, implemented by the Java packages listed in Table 7.5.


PREVIEW

                                                                          

Not a subscriber?

Start A Free Trial


  
  • Creative Edge
  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint