JAVA SECURITY BASIC NETWORKING MULTITHREATING Deniz HASTORUN Barış İbrahim SÖNMEZER

Security Architecture (JDK1.0) The original security model provided by the Java platform, known as the "sandbox" model

Security Architecture (JDK1.1) JDK 1.1 introduced the concept of : "signed applet"

Security Architecture (JDK1.2) All code, regardless of whether it is local or remote, can now be subject to a security policy. The security policy defines the set of permissions.

Controlling Applets Observe Applet Restrictions Set Up a Policy File to Grant the RequiredPermission See the Policy File Effects

Observe Applet Restrictions Currently JDK system code invokes security manager methods to perform resource access control checks. Applets are not allowed to access resources unless it is explicitly granted permission to do so by the security policy in effect. In Java platforms that are compatible with JDK 1.2, the permission must be granted by an entry in a policy file.

import java.awt.*; import java.io.*; import java.lang.*; import java.applet.*; public class WriteFile extends Applet { String myFile = "writetest"; File f = new File(myFile); DataOutputStream dos; public void init() { String osname = System.getProperty("os.name"); } public void paint(Graphics g) { try { dos = new DataOutputStream(new BufferedOutputStream(new FileOutputStream(myFile),128)); dos.writeChars("Try to write to a file\n"); dos.flush(); g.drawString("Successfully wrote to the file named " + myFile + " look at it!", 10, 10); } catch (SecurityException e) { g.drawString("writeFile: caught security exception: " + e, 10, 10); catch (IOException ioe) { g.drawString("writeFile: caught i/o exception", 10, 10); } } } the source code for an applet named WriteFile that tries to create and to write to a file named writetest in the current directory

Compile : “ javac WriteFile.java “ -> Result : “ WriteFile.class “ WriteFile.html : <html><p><applet code=WriteFile.class width=750 height=150></applet> <p></html> The system caught the applet trying to access a resource it doesn't have permission to access.

Set up a Policy File to Grant the Required Permission A policy file is an ASCII text file and can be composed via a text editor or the graphical Policy Tool utility. The Policy Tool saves you typing and eliminates the need for you to know the required syntax of policy files, thus reducing errors. You will use the Policy Tool to create a policy file, in which you will add a policy entry that grants code from the directory where WriteFile.class is stored permission to write the writetest file. Steps : Start Policy Tool Grant Required Permissions Save the Policy File

Start Policy Tool To start Policy Tool, simply type the following at the command line: “ policytool “ Whenever Policy Tool is started, it tries to fill in this window with policy information from what is sometimes referred to as the "user policy file". Default policy file : “ ${user.home}/.java.policy “ If Policy Tool cannot find the user policy file, it reports the situation and displays a blank Policy Tool window (that is, a window with headings and buttons but no data in it)

Grant the Required Permission Choose the Add Policy Entry button in the main Policy Tool window The CodeBase and the SignedBy text boxes are used to specify which code you want to grant the permission(s) you will be adding. A CodeBase value indicates the code source location. A SignedBy value indicates the alias for a certificate stored in a keystore. Choose the Add Permission button to bring up the Permissions dialog box.

Security Properties File Whenever you run an applet, or an application with a security manager, the policy files that are loaded and used by default are the ones specified in the "security properties file", which is located at one of the following: Windows: java.home\lib\security\java.security UNIX: java.home/lib/security/java.security

Security Properties File The default policy files, sometimes referred to as the system and user policy files, respectively, are defined in the security properties file as : policy.url.1= file:${java.home}/lib/security/java.policy policy.url.2 = file:${user.home}/.java.policy You can edit this file if you want to add another policy file.

How to Restrict Applications A security manager is not automatically installed when an application is running. To apply the same security policy to an application found on the local file system as to downloaded applets, you can invoke the interpreter with the new “-Djava.security.manager” command line argument. Usage : java -Djava.security.manager <Prog_name>

Summary of Security Tools Policytool Keytool Jar Jarsigner are available to facilitate various security-related operations

Keystore a protected database that holds keys and certificates for an enterprise Access to a keystore is guarded by a password (defined at the time the keystore is created, by the person who creates the keystore, and changeable only when providing the current password). Default keystore : ${user.home}/.keystore

Keytool Use keytool to manage your keystore, for example to create public/private key pairs issue certificate requests (which you send to the appropriate Certification Authority) import certificate replies (obtained from the Certification Authority you contacted) designate public keys belonging to other parties as trusted

Jar Use the jar tool to create JAR files The Java ARchive (JAR) file format enables you to bundle multiple files into a single archive file When you want to "digitally sign" code, you use the jar tool to place it in a JAR file and the jarsigner tool to sign the JAR file

Jarsigner Use the jarsigner tool to sign JAR files, or to verify signatures on signed JAR files. The jarsigner tool accesses a keystore that is created and managed by keytool, when it needs to find the private key and its associated certificate chain to use when signing a JAR file.