java核心技術(shù) 卷ⅱ高級特性_第1頁
已閱讀1頁,還剩10頁未讀, 繼續(xù)免費閱讀

下載本文檔

版權(quán)說明:本文檔由用戶提供并上傳,收益歸屬內(nèi)容提供方,若內(nèi)容存在侵權(quán),請進行舉報或認領(lǐng)

文檔簡介

1、英文翻譯資料 英文翻譯資料A.英文原文Core Java, Volume II--Advanced FeaturesWhen Java technology first appeared on the scene, the excitement was not about a well-crafted programming language but about the possibility of safely executing a

2、pplets that are delivered over the Internet (see Volume I, Chapter 10 for more information about applets). Obviously, delivering executable applets is practical only when the recipients are sure that the code can't w

3、reak havoc on their machines. For this reason, security was and is a major concern of both the designers and the users of Java technology. This means that unlike other languages and systems, where security was implemente

4、d as an afterthought or a reaction to break-ins, security mechanisms are an integral part of Java technology.Three mechanisms help ensure safety:? Language design features (bounds checking on arrays, no unchecked type co

5、nversions, no pointer arithmetic, and so on).? An access control mechanism that controls what the code can do (such as file access, network access, and so on).? Code signing, whereby code authors can use standard cryptog

6、raphic algorithms to authenticate Java code. Then, the users of the code can determine exactly who created the code and whether the code has been altered after it was signed.Below, you'll see the cryptographic algori

7、thms supplied in the java.security package, which allow for code signing and user authentication.As we said earlier, applets were what started the craze over the Java platform. In practice, people discovered that althoug

8、h they could write animated applets like the famous “nervous text“ applet, applets could not do a whole lot of useful stuff in the JDK 1.0 security model. For example, because applets under JDK 1.0 were so closely superv

9、ised, they couldn't do much good on a corporate intranet, even though relatively little risk attaches to executing an applet from your company's secure intranet. It quickly became clear to Sun that for applets to

10、 become truly useful, it was important for users to be able to assign different levels of security, depending on where the applet originated. If an applet comes from a trusted supplier and it has not been tampered with,

11、the user of that applet can then decide whether to give the applet more privileges.To give more trust to an applet, we need to know two things:? Where did the applet come from?the proud owner of a billion computers from

12、the time the Earth was formed, each computing a million messages a second, he would not yet have found a message he could substitute.A number of algorithms have been designed to compute these message digests. The two bes

13、t-known are SHA1, the secure hash algorithm developed by the National Institute of Standards and Technology, and MD5, an algorithm invented by Ronald Rivest of MIT. Both algorithms scramble the bits of a message in ingen

14、ious ways. For details about these algorithms, see, for example, Cryptography and Network Security, 4th ed., by William Stallings (Prentice Hall 2005). Note that recently, subtle regularities have been discovered in both

15、 algorithms. At this point, most cryptographers recommend avoiding MD5 and using SHA1 until a stronger alternative becomes available. (See http://www.rsa.com/rsalabs/node.asp?id=2834 for more information.)The Java progra

16、mming language implements both SHA1 and MD5. The MessageDigest class is a factory for creating objects that encapsulate the fingerprinting algorithms. It has a static method, called getInstance, that returns an object of

17、 a class that extends the MessageDigest class. This means the MessageDigest class serves double duty:? As a factory class? As the superclass for all message digest algorithmsFor example, here is how you obtain an object

18、that can compute SHA fingerprints:MessageDigest alg = MessageDigest.getInstance(“SHA-1“);(To get an object that can compute MD5, use the string “MD5“ as the argument to getInstance.)After you have obtained a MessageDiges

19、t object, you feed it all the bytes in the message by repeatedly calling the update method. For example, the following code passes all bytes in a file to the alg object just created to do the fingerprinting:InputStream i

20、n = . . .int ch;while ((ch = in.read()) != -1)alg.update((byte) ch);Alternatively, if you have the bytes in an array, you can update the entire array at once:byte[] bytes = . . .;alg.update(bytes);When you are done, call

溫馨提示

  • 1. 本站所有資源如無特殊說明,都需要本地電腦安裝OFFICE2007和PDF閱讀器。圖紙軟件為CAD,CAXA,PROE,UG,SolidWorks等.壓縮文件請下載最新的WinRAR軟件解壓。
  • 2. 本站的文檔不包含任何第三方提供的附件圖紙等,如果需要附件,請聯(lián)系上傳者。文件的所有權(quán)益歸上傳用戶所有。
  • 3. 本站RAR壓縮包中若帶圖紙,網(wǎng)頁內(nèi)容里面會有圖紙預(yù)覽,若沒有圖紙預(yù)覽就沒有圖紙。
  • 4. 未經(jīng)權(quán)益所有人同意不得將文件中的內(nèi)容挪作商業(yè)或盈利用途。
  • 5. 眾賞文庫僅提供信息存儲空間,僅對用戶上傳內(nèi)容的表現(xiàn)方式做保護處理,對用戶上傳分享的文檔內(nèi)容本身不做任何修改或編輯,并不能對任何下載內(nèi)容負責。
  • 6. 下載文件中如有侵權(quán)或不適當內(nèi)容,請與我們聯(lián)系,我們立即糾正。
  • 7. 本站不保證下載資源的準確性、安全性和完整性, 同時也不承擔用戶因使用這些下載資源對自己和他人造成任何形式的傷害或損失。

評論

0/150

提交評論