Java Security Model and its anatomy

Java Sandbox Model
Java has circumvented the virus or Trojan horse problems that plagued other models of software distributions. Java sandbox model is responsible for protecting a number of resources and it does it at number of levels.
Java programs are considered safe because they cannot run, install or propagate viruses and program itself cannot perform any action that is harmful to the user’s computing environment.

Anatomy of java application in SECURITY

Java Sandbox Model

The components drawn in the above figure play important role in java security model.

Byte Code verifier:
It ensures that all java class files that are loaded into JVM follow the rules of the Java language. In terms of resources, it helps enforce memory protections for all java programs. As the figure implies not all the class files are subjected to byte code verification.

Class Loader
One or more class loaders load all the java classes. Programmatically, the class loader can set permissions for each class it loads.

Access Controller
It allows OR prevents access from the core API to the operating system, based upon the policies set by the end user or administrator.

Security Manager
This is the primary interface between Core API and Operating System, however it exists for historic reasons

Security Package
It allows you to add security features to your applications as well as providing the basis by which java classes may be signed. This is a complex API and is further broken into following

• Security Provider Interface– the means by which different security implementations can be plugged into security package.
• Message Digests
• Keys and certificates
• Digital Signatures
• Encryption (JCE & JSSE)
• Authentication (through JAAS)

Key database
Key database is a set of keys used by the security infrastructure to create or verify digital signatures.
With respect to the sandbox, digital signatures play an important role because they provide authentication of who actually provided java class