1 Internet and Intranet Protocols and Applications Lecture 9b: How Java Supports SSL March, 2004 Arthur Goldberg Computer Science Department New York University.

Slides:



Advertisements
Similar presentations
Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.
Advertisements

Cryptography and Network Security
Security at the Transport Layer Lecture 6. Information and Nework Security2 SSL/TLS n SSL was developed by Phil Karlton & Netscape. çThe standards community.
SSL (Secure Socket Layer)
Module 5: TLS and SSL 1. Overview Transport Layer Security Overview Secure Socket Layer Overview SSL Termination SSL in the Hosted Environment Load Balanced.
Java Security CS-328. JDK 1.0 Security Model Sandbox Java Virtual Machine Local Code Remote Code Local Host System Resources (File System, Sockets, Printers…)
Web Security CS-431. HTTP Authentication Protect web content from those who don’t have a “need to know” Require users to authenticate using a userid/password.
Java Security Model Lab#1 I. Omaima Al-Matrafi. Safety features built into the JVM Type-safe reference casting Structured memory access (no pointer arithmetic)
LAB#2 JAVA SECURITY OVERVIEW Prepared by: I.Raniah Alghamdi.
Mobile Mobile OS and Application Team: Kwok Tak Chi Law Tsz Hin So Ting Wai.
Cryptography and Network Security Chapter 17
9/26/2001Godavari Thesis Proposal SSL Proxy1 The Design and Implementation of a SSL Proxy for Content Switch Thesis Proposal by Ganesh Kumar Godavari Department.
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 17 Introduction to the Application.
SECURE NOTEPAD BY ANKUR DESHMUKH & P JAYA SUNDERAM.
CSCE 790: Computer Network Security Chin-Tser Huang University of South Carolina.
Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Certificates, SSL and IPsec Ahmed Muaydh Sara Bin Saif Shi-Jey Chou Advisor:Dr. Leszek Lilien.
The Design and Implementation of a SSL Proxy For Content Switch Thesis Proposal by Ganesh Kumar Godavari Department of Computer Science Univ. of Colorado.
Secure Sockets SSL/TLS ICW: Lecture 6 Tom Chothia.
Seguridad en Sistemas de Información Francisco Rodríguez Henríquez SSL/TLS: An Introduction.
JSSE API University of Palestine Eng. Wisam Zaqoot April 2010.
CS 255 – Cryptography & Computer Security Programming Project 2 – Winter 04 Priyank Patel
Softsmith Infotech Secure Socket Layer (SSL) and Tomcat.
CRYPTOGRAPHY PROGRAMMING ON ANDROID Jinsheng Xu Associate Professor North Carolina A&T State University.
Liang, Introduction to Java Programming, Seventh Edition, (c) 2009 Pearson Education, Inc. All rights reserved Chapter 3 Inter-process Communication.
32.1 Chapter 32 Security in the Internet: IPSec, SSL/TLS, PGP, VPN, and Firewalls Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction.
MCSE Guide to Microsoft Exchange Server 2003 Administration Chapter Four Configuring Outlook and Outlook Web Access.
CSI315 Web Development Technologies Continued. Communication Layer information needs to get from one place to another –Computer- Computer –Software- Software.
WWW and Security CS587x Lecture Department of Computer Science Iowa State University.
Cryptography and Network Security (SSL)
ECommerce for software ICE525 Chung Sukwon, Lee Ilnam.
Digital Envelopes, Secure Socket Layer and Digital Certificates By: Anthony and James.
1 DCS 835 – Computer Networking and the Internet Digital Certificate and SSL (rev ) Team 1 Rasal Mowla (project leader) Alvaro Restrepo, Carlos.
1 SSL - Secure Sockets Layer The Internet Engineering Task Force (IETF) standard called Transport Layer Security (TLS) is based on SSL.
SSL/TLS How to send your credit card number securely over the internet.
Internet and Intranet Protocols and Applications Lecture 5a: HTTP Client-Server Design and Implementation February 15, 2005 Arthur Goldberg Computer Science.
Slide 1 Systems Analysis and Design With UML 2.0 An Object-Oriented Approach, Second Edition Chapter 2: Introduction to Object-Oriented Systems Analysis.
Dôležité triedy a interface: Cipher MAC SecureRandom KeyGenerator KeyPairGenerator Signature KeyStore.
Internet and Intranet Protocols and Applications Lecture 13: Web Beyond HTTP 4/25/2000 Arthur P. Goldberg Computer Science Department New York University.
Cryptography and Network Security Chapter 16 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Network and Internet Security Prepared by Dr. Lamiaa Elshenawy
Java Network Programming Network Programming Spring 2000 Jeffrey E. Care
Encryption protocols Monil Adhikari. What is SSL / TLS? Transport Layer Security protocol, ver 1.0 De facto standard for Internet security “The primary.
Advanced Java Session 4 New York University School of Continuing and Professional Studies.
1 Chapter 7 WEB Security. 2 Outline Web Security Considerations Secure Socket Layer (SSL) and Transport Layer Security (TLS) Secure Electronic Transaction.
TCS Internal Security. 2 TCS Internal Objective Objective :  Android Platform Security Architecture.
Advanced Java Session 4 - Extra New York University School of Continuing and Professional Studies.
EMI is partially funded by the European Commission under Grant Agreement RI Common Authentication Library Daniel Kouril, for the CaNL PT EGI CF.
Lecture 6 (Chapter 16,17,18) Network and Internet Security Prepared by Dr. Lamiaa M. Elshenawy 1.
Lecture 10 Page 1 CS 236 Online SSL and TLS SSL – Secure Socket Layer TLS – Transport Layer Security The common standards for securing network applications.
Henric Johnson1 Chapter 7 WEB Security Henric Johnson Blekinge Institute of Technology, Sweden
1 Internet data security (HTTPS and SSL) Ruiwu Chen.
Cryptography and Network Security Chapter 16
CIPHER SUITE Each name has an algorithm divided into four parts: protocol, key exchange algorithm, encryption algorithm, and checksum. For example, the.
Integrating Web Applications with Novell eDirectory™
NETWORK PROGRAMMING CNET 441
The Socket API 9/17/2018.
MIDP Application Security
Copyright © 2008 Pearson Prentice Hall Inc.
Copyright © 2008 Pearson Prentice Hall Inc.
Security in the Internet: IPSec, SSL/TLS, PGP, VPN, and Firewalls
Copyright © 2008 Pearson Prentice Hall Inc.
Copyright © 2008 Pearson Prentice Hall Inc.
COP 4610L: Applications in the Enterprise Spring 2005
Copyright © 2008 Pearson Prentice Hall Inc.
Copyright © 2008 Pearson Prentice Hall Inc.
Presentation transcript:

1 Internet and Intranet Protocols and Applications Lecture 9b: How Java Supports SSL March, 2004 Arthur Goldberg Computer Science Department New York University

2 How Java Supports SSL Implementation: Java TM Secure Socket Extension (JSSE) For the Java TM 2 SDK, Standard Edition, v Supports SSL 3.0 and TLS 1.0 JSSE Standard API –In the javax.net, javax.net.ssl and javax.security.cert packages

3 Java SSL Class Dependencies

4 SSLSocket and SSLServerSocket Classes javax.net.ssl.SSLSocket –Subclass of java.net.Socket –Supports all of the standard socket methods –An instance encapsulates the SSLContext under which it was created javax.net.ssl.SSLServerSocket –Subclass of java.net.ServerSocket

5 SSLSocketFactory and SSLServerSocketFactory Classes javax.net.ssl.SSLSocketFactory –A factory for creating secure sockets javax.net.ssl.SSLServerSocketFactory –A factory for creating secure server sockets To obtain an SSLSocketFactory –Get the default factory from SSLSocketFactory.getDefault –Construct a new factory with specifically configured behavior.

6 SSLSession Interface Represents a security context negotiated between the two peers of an SSLSocket connection Can be shared by future SSLSockets connected between the same two peers Contains –The cipher suite –A hint for the network address of the remote peer –The shared secret

7 See example code

8 Key Managers and Trust Managers Key managers (see KeyManagerFactory ) and trust managers (see TrustManagerFactory ) use keystores for their key material. A key manager manages a keystore and supplies public keys to others as needed, e.g., for use in authenticating the user to others. A trust manager makes decisions about who to trust based on information in the truststore it manages. Keystores and Truststores KeyManagerFactory TrustManagerFactory

9 References Java TM Secure Socket Extension (JSSE) Reference Guide, The TLS Protocol version 1.0 Internet Draft: Applied Cryptography, Second Edition by Bruce Schneier. John Wiley and Sons, Inc., Java 2 Network Security, Second Edition, by Marco Pistoia, Duane F Reller, Deepak Gupta, Milind Nagnur, and Ashok K Ramani. Prentice Hall, Copyright 1999 International Business Machines.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.