JMU
Securing Java Objects
An Introduction


Prof. David Bernstein
James Madison University

Computer Science Department
bernstdh@jmu.edu


Overview
Object Authenticity and Integrity
Object Authenticity and Integrity (cont.)
Object Authenticity and Integrity (cont.)

Steps to Create a SignedObject:

  1. Create a PrivateKey/PublicKey pair
  2. Create a Signature (which is essentially just a hashing algorithm)
  3. Create the SignedObject

Steps to Retrieve a SignedObject:

  1. Get the PublicKey
  2. Get/create the Signature
  3. Verify the SignedObject
  4. Get the original Object
Object Authenticity and Integrity (cont.)
Object Authenticity and Integrity (cont.)
Object Confidentiality
Object Confidentiality (cont.)
Object Confidentiality (cont.)

Steps to Create a SealedObject:

  1. Create and initialize a Cipher
  2. Create the SealedObject

Steps to Retrieve a SealedObject:

  1. Create and initialize a Cipher
  2. Get the original Object
Object Confidentiality (cont.)
An Alternative Approach
Object-Level Access Control
Object-Level Access Control (cont.)
Object-Level Access Control (cont.)
Object-Level Access Control (cont.)

Creating a Guarded Object

  String          filename = "/data/grades.txt"
  FileInputStream input = new FileInputStream(filename);
  FilePermission  permission = new FilePermission(filename, "read");
  GuardedObject   guardedInput = new GuardedObject(input, permission);
  

Using the Guarded Object in Another Class

  // If the object doesn't have read access to the file then the
  // call will cause a SecurityException to be thrown
  FileInputStream input = (FileInputStream)guardedInput.getObject();