Dr. Waitak Wong Department of Information Management Chung Hua University, Hsinchu, Taiwan - PowerPoint PPT Presentation

dr waitak wong department of information management chung hua university hsinchu taiwan l.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
Dr. Waitak Wong Department of Information Management Chung Hua University, Hsinchu, Taiwan PowerPoint Presentation
Download Presentation
Dr. Waitak Wong Department of Information Management Chung Hua University, Hsinchu, Taiwan

play fullscreen
1 / 159
Dr. Waitak Wong Department of Information Management Chung Hua University, Hsinchu, Taiwan
145 Views
Download Presentation
morpheus
Download Presentation

Dr. Waitak Wong Department of Information Management Chung Hua University, Hsinchu, Taiwan

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. Java & J2EE Application Security Dr. Waitak Wong Department of Information Management Chung Hua University, Hsinchu, Taiwan

  2. Today's Agenda • About Security • Application Security • Java Security from the Ground Up • Standalone Java Application Techniques • Hacking Java Client-Sever Application • Java Network Applications: RMI

  3. Today's Agenda (cont.) • Exploiting Java Web Tier Components • Web Services Security • Enterprise Java Beans Security

  4. About Security Common Security Threats Three concepts of CIA security model Definition of security

  5. Common Security Threats • Identity interception • Steal your identity and use it as their own • Masquerading • Grab your identity and use it elsewhere with the intention of perpetrating fraud • Replay attack • Capture your request and replay that request • Data interception and manipulation • Read your data (such as credit card info)

  6. Common Security Threats • Repudiation • Deny your/his completed transaction • Denial of Service • Terminate the service

  7. Three concepts of CIA security model • Confidentiality • information must not be disclosed to any unauthorized person • Integrity • authorized actions (unauthorized data changes) • separation and protection for resources • error detection and correction (data corruption) • Availability • presence of objects or service in a usable form • capacity to meet service needs • adequate timeliness of a service

  8. Definition of security • Deter • Generate a feasible and believable deterrence • Detect • Detect how, when and where intrusion has taken place • Protect • Manage people and the Information System in an effective manner so as to protect against unauthorized usage

  9. Definition of security • React • react to an intrusion • ensure that penetration does not happen again. • vulnerability is eliminated • Recover • recover all data and programs from a breach in security

  10. Application code { Application Level Java/J2EE APIs JVM { System Level Operating System Application Security- Not just technology; it’s a process… - • System-level Security Vs. Application-level Security

  11. System-level Security Vs. Application-level Security • Defeating System-level security may not provide attackers with appropriate access to the application-level data, logic, or methods that they seek Application-level Security Enterprise Data System-level security Attacker

  12. System-level Security Vs. Application-level Security (cont.) • Work together to build a secure system/application combination Application-level Security System-level security Enterprise Data Attacker Attacker

  13. Application code Application code Application code Java/J2EE APIs Java/J2EE APIs Java/J2EE APIs JVM (Solaris) JVM (IBM AIX) JVM (MS Window) OS (Solaris) OS (IBM AIX) OS (MS Window) System-level Security Vs. Application-level Security (cont.) • It is more efficient to push some security responsibilities up to the application level instead of handling them at the operating-system level

  14. Java Security from the Ground Up • Java Language Safety Features • Java Security Model • Java Security Architecture

  15. Java Language Safety Features • Objects have access levels: • private: Accessible by defining class • package (default): Accessible by classes in the same package • protected: Same as package, with addition of access by any subclass • public: Accessible by any class

  16. Java Language Safety Features • Access methods are strictly adhered to • No pointers (no access to arbitrary memory and automatic garbage collection) • “final” methods or variables cannot be changed • Variables MUST be initialized before use • Array bounds are enforced • Strict object casting rules

  17. Java Security Enforcement

  18. Java Security Enforcement • Enforcement happens at different times • Compile time enforcement • Class load time enforcement • Runtime enforcement

  19. Java Source Bytecode Bytecode Verifier Java Compiler Class Loader Java Virtual Machine Runtime Compile Time Enforcement

  20. Compile Time Enforcement Validate language syntax Enforce method and variable access rules Enforce variable initialization Enforce some casting operations

  21. Java Source Bytecode Bytecode Verifier Java Compiler Class Loader Java Virtual Machine Runtime Class Load Time Enforcement

  22. Class Load Time Enforcement • Bytecode verification • Verifies class file format • Accesses objects as correct type • Final classes are not subclassed • Final methods are not overridden • Every class has a single superclass Verify that casting legality checks are in place

  23. Class Load Time Enforcement • No operand stack overflows or underflows • All field and method accesses are legal • Method calls use correct number & types of arguments

  24. Java Source Bytecode Bytecode Verifier Java Compiler Class Loader Java Compiler Java Virtual Machine Runtime Runtime Enforcement

  25. Runtime Enforcement • Array bounds checking • Throws ArrayIndexOutOfBoundsException • Object casting • Throws ClassCastException • Security Manager • Throws SecurityException • Depends on the Access Controller

  26. Java Security Model

  27. Java Security Model Sandbox – a strictly defined arena where they cannot affect other system resources. It provides virtually no flexibility.

  28. Java Security Model (cont.)

  29. Components work with Sandbox • Class loader • first link in the security chain • enforces the name space hierarchy • Byte code verification • checks that there are violations like stack overflows, name space violations, illegal data type casts, etc. • Security manager • It enforces the boundary of the sandbox

  30. Java Security Model (cont.) JDK 1.1 security model Applets either received unlimited access or were confined to the sandbox – there was no option for selective access to resources.

  31. Java Security Model (cont.)

  32. Java Security Model (cont.)

  33. Java Security Model (cont.)

  34. Java Security Model (cont.)

  35. Java Security Model (cont.)

  36. Java Security Model (cont.)

  37. Java Security Model (cont.)

  38. Java Security Model (cont.) Introduces the concept of a ProtectionDomain, which permits a highly flexible security policy decoupled from its implementation

  39. Java Security Model (cont.)

  40. Java Security Model (cont.)

  41. Java Security Model (cont.)

  42. Java Security Model (cont.)

  43. Java Security Model (cont.)

  44. Java Security Model (cont.)

  45. Java Security Model (cont.)

  46. Java Security Architecture • The J2SE 1.3 introduced • policy-based access control • X.509 v3 implementation of certificate interfaces • tools for creating and managing security keys and certificates

  47. Java Security Architecture • J2SE 1.4 continued by adding • Java Authentication and Authorization Service (JAAS) • Java Cryptography Extension (JCE) • Java Secure Socket Extension (JSSE) • Features for Kerberos communication

  48. Java Security Architecture Road Map 1 5 7 4 6 2 3

  49. Java Security Architecture

  50. Java Cryptographic Architecture