While complete algorithm-independence is not possible, the JCA provides standardized, algorithm-specific APIs. Implementation independence and algorithm independence are complementary you can use cryptographic services, such as digital signatures and message digests, without worrying about the implementation details or even the algorithms that form the basis for these concepts. Algorithm independence and extensibility.Implementation independence and interoperability. The JCA was designed around these principles: You can use Java Generic Security Services (JGSS) (via Kerberos) APIs, and Simple Authentication and Security Layer (SASL) to securely exchange messages between communicating applications see Java GSS-API and JAAS Tutorials for Use with Kerberos and Java SASL API Programming and Deployment Guide. The JSSE components provides access to Secure Socket Layer (SSL), Transport Layer Security (TLS), and Datagram Transport Layer Security (DTLS) implementations see Java Secure Socket Extension (JSSE) Reference Guide. Other cryptographic communication libraries available in the JDK use the JCA provider architecture, but are described elsewhere. The Java platform supports the installation of custom providers that implement such services. However, some applications may rely on emerging standards not yet implemented, or on proprietary services. Specifically, an application is not bound to a specific provider, and a provider is not bound to a specific application.Īlgorithm extensibility: The Java platform includes a number of built-in providers that implement a basic set of security services that are widely used today. Implementation interoperability: Providers are interoperable across applications. An application may rely on multiple independent providers for security functionality. Security services are implemented in providers (see Cryptographic Service Providers), which are plugged into the Java platform via a standard interface. Rather, they can request security services from the Java platform. Implementation independence: Applications do not need to implement security algorithms. The architecture was designed around the following principles: These APIs allow developers to easily integrate security into their application code. The JCA is a major piece of the platform, and contains a "provider" architecture and a set of APIs for digital signatures, message digests (hashes), certificates and certificate validation, encryption (symmetric/asymmetric block/stream ciphers), key generation and management, and secure random number generation, to name a few. The Java platform strongly emphasizes security, including language safety, cryptography, public key infrastructure, authentication, secure communication, and access control.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
January 2023
Categories |