Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Internet and Intranet Protocols and Applications Lecture 9b: How Java Supports SSL March, 2004 Arthur Goldberg Computer Science Department New York University.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "1 Internet and Intranet Protocols and Applications Lecture 9b: How Java Supports SSL March, 2004 Arthur Goldberg Computer Science Department New York University."— Presentation transcript:

1 1 Internet and Intranet Protocols and Applications Lecture 9b: How Java Supports SSL March, 2004 Arthur Goldberg Computer Science Department New York University artg@cs.nyu.edu

2 2 How Java Supports SSL Implementation: Java TM Secure Socket Extension (JSSE) For the Java TM 2 SDK, Standard Edition, v 1.4.2 Supports SSL 3.0 and TLS 1.0 JSSE Standard API –In the javax.net, javax.net.ssl and javax.security.cert packages

3 3 Java SSL Class Dependencies

4 4 SSLSocket and SSLServerSocket Classes javax.net.ssl.SSLSocket –Subclass of java.net.Socket –Supports all of the standard socket methods –An instance encapsulates the SSLContext under which it was created javax.net.ssl.SSLServerSocket –Subclass of java.net.ServerSocket

5 5 SSLSocketFactory and SSLServerSocketFactory Classes javax.net.ssl.SSLSocketFactory –A factory for creating secure sockets javax.net.ssl.SSLServerSocketFactory –A factory for creating secure server sockets To obtain an SSLSocketFactory –Get the default factory from SSLSocketFactory.getDefault –Construct a new factory with specifically configured behavior.

6 6 SSLSession Interface Represents a security context negotiated between the two peers of an SSLSocket connection Can be shared by future SSLSockets connected between the same two peers Contains –The cipher suite –A hint for the network address of the remote peer –The shared secret

7 7 See example code

8 8 Key Managers and Trust Managers Key managers (see KeyManagerFactory ) and trust managers (see TrustManagerFactory ) use keystores for their key material. A key manager manages a keystore and supplies public keys to others as needed, e.g., for use in authenticating the user to others. A trust manager makes decisions about who to trust based on information in the truststore it manages. Keystores and Truststores KeyManagerFactory TrustManagerFactory

9 9 References Java TM Secure Socket Extension (JSSE) Reference Guide, http://java.sun.com/j2se/1.4.2/docs/guide/security/jsse/JSSERefGuide.html http://java.sun.com/j2se/1.4.2/docs/guide/security/jsse/JSSERefGuide.html The TLS Protocol version 1.0 Internet Draft: http://www.ietf.org/rfc/rfc2246.txt http://www.ietf.org/rfc/rfc2246.txt Applied Cryptography, Second Edition by Bruce Schneier. John Wiley and Sons, Inc., 1996. Java 2 Network Security, Second Edition, by Marco Pistoia, Duane F Reller, Deepak Gupta, Milind Nagnur, and Ashok K Ramani. Prentice Hall, 1999. Copyright 1999 International Business Machines.

Download ppt "1 Internet and Intranet Protocols and Applications Lecture 9b: How Java Supports SSL March, 2004 Arthur Goldberg Computer Science Department New York University."

Similar presentations

Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.

Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.
Cryptography and Network Security

Cryptography and Network Security
Security at the Transport Layer Lecture 6. Information and Nework Security2 SSL/TLS n SSL was developed by Phil Karlton & Netscape. çThe standards community.

Security at the Transport Layer Lecture 6. Information and Nework Security2 SSL/TLS n SSL was developed by Phil Karlton & Netscape. çThe standards community.
SSL (Secure Socket Layer)

SSL (Secure Socket Layer)
Module 5: TLS and SSL 1. Overview Transport Layer Security Overview Secure Socket Layer Overview SSL Termination SSL in the Hosted Environment Load Balanced.

Module 5: TLS and SSL 1. Overview Transport Layer Security Overview Secure Socket Layer Overview SSL Termination SSL in the Hosted Environment Load Balanced.
Java Security CS-328. JDK 1.0 Security Model Sandbox Java Virtual Machine Local Code Remote Code Local Host System Resources (File System, Sockets, Printers…)

Java Security CS-328. JDK 1.0 Security Model Sandbox Java Virtual Machine Local Code Remote Code Local Host System Resources (File System, Sockets, Printers…)
Web Security CS-431. HTTP Authentication Protect web content from those who don’t have a “need to know” Require users to authenticate using a userid/password.

Web Security CS-431. HTTP Authentication Protect web content from those who don’t have a “need to know” Require users to authenticate using a userid/password.
Java Security Model Lab#1 I. Omaima Al-Matrafi. Safety features built into the JVM Type-safe reference casting Structured memory access (no pointer arithmetic)

Java Security Model Lab#1 I. Omaima Al-Matrafi. Safety features built into the JVM Type-safe reference casting Structured memory access (no pointer arithmetic)
LAB#2 JAVA SECURITY OVERVIEW Prepared by: I.Raniah Alghamdi.

LAB#2 JAVA SECURITY OVERVIEW Prepared by: I.Raniah Alghamdi.
Mobile Mobile OS and Application Team: Kwok Tak Chi Law Tsz Hin So Ting Wai.

Mobile Mobile OS and Application Team: Kwok Tak Chi Law Tsz Hin So Ting Wai.
Cryptography and Network Security Chapter 17

Cryptography and Network Security Chapter 17
9/26/2001Godavari Thesis Proposal SSL Proxy1 The Design and Implementation of a SSL Proxy for Content Switch Thesis Proposal by Ganesh Kumar Godavari Department.

9/26/2001Godavari Thesis Proposal SSL Proxy1 The Design and Implementation of a SSL Proxy for Content Switch Thesis Proposal by Ganesh Kumar Godavari Department.
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 17 Introduction to the Application.

TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 17 Introduction to the Application.
SECURE NOTEPAD BY ANKUR DESHMUKH & P JAYA SUNDERAM.

SECURE NOTEPAD BY ANKUR DESHMUKH & P JAYA SUNDERAM.
CSCE 790: Computer Network Security Chin-Tser Huang University of South Carolina.

CSCE 790: Computer Network Security Chin-Tser Huang University of South Carolina.
Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Certificates, SSL and IPsec Ahmed Muaydh Sara Bin Saif Shi-Jey Chou Advisor:Dr. Leszek Lilien.

Certificates, SSL and IPsec Ahmed Muaydh Sara Bin Saif Shi-Jey Chou Advisor:Dr. Leszek Lilien.
The Design and Implementation of a SSL Proxy For Content Switch Thesis Proposal by Ganesh Kumar Godavari Department of Computer Science Univ. of Colorado.

The Design and Implementation of a SSL Proxy For Content Switch Thesis Proposal by Ganesh Kumar Godavari Department of Computer Science Univ. of Colorado.
Secure Sockets SSL/TLS ICW: Lecture 6 Tom Chothia.

Secure Sockets SSL/TLS ICW: Lecture 6 Tom Chothia.
Seguridad en Sistemas de Información Francisco Rodríguez Henríquez SSL/TLS: An Introduction.

Seguridad en Sistemas de Información Francisco Rodríguez Henríquez SSL/TLS: An Introduction.

Similar presentations

Ads by Google