Security Features Overview of Merlin (J2SE Version 1.4)

by Craig Walker
Sept. 1, 2017 0 comments SANS Institute Management solaris issues

All the safeguards that we, as security professionals, employ are rendered useless if the foundation upon which they are laid is not sound. That is why JavaTM has become the language of choice for the security minded application developer. From its inception, security was one of the primary tenets of the JavaTM distributed computing platform. The language implemented several features to enforce secure programming including range checking on strings and arrays, garbage collection and automatic memory management. Runtime code legitimacy is insured by the byte code verifier and the JavaTM Virtual Machine (JVM). The security manager in conjunction with the class loader enforce strict access policy for code operating on a machine. The JavaTM ‘sandbox’ of JDK 1.0 created a new trust model for distributed and potentially malicious code. That model has been extended and redefined in subsequent JDK versions.

https://www.sans.org/reading-room/whitepapers/solaris/security-features-overview-merlin-j2se-vers...