Q

Cryptography and Java applications

Implementing cryptography with Java applications is an important security measure. Fortunately, the Java platform supports a number of cryptographic services, explains expert Ramesh Nagappan.

How do I work with Java Cryptography Extension for the best security?

In Java-based applications, cryptography plays a vital role for ensuring confidentiality and integrity of Java objects, data and trusted communication. To support cryptographic services, the Java platform facilitates an extensible security architectural model via standard API mechanisms for integrating cryptography providers. There is support for digital signatures, message digests, encryption/decryption algorithms, PKI, Certificate...

authorities (CA), SSL/TLS based communication and PKCS#11 devices such as cryptographic hardware accelerators and smart cards.

To work with Java cryptographic services in your Java applications, the Java platform offers the following set of API frameworks and their implementations:

  1. Java Cryptographic Architecture (JCA) :
    JCA provides basic cryptographic services and algorithms, which include support for digital signatures and message digests.


  2. Java Cryptography Extension (JCE):
    JCE augments JCA functionalities with added cryptographic services that are subjected to U.S. export control regulations and includes support for encryption and decryption operations, secret key generation and agreement, and message authentication code (MAC) algorithms.


  3. Java Certification Path (CertPath):
    CertPath provides the functionality of checking, verifying and validating the authenticity of certificate chains.


  4. Java Secure Socket Communication (JSSE):
    JSSE facilitates secure communication by protecting the integrity and confidentiality of data exchanged using SSL/TLS protocols.
For more details on understanding the implementation, look to the Java Security API documentation and refer to the book Core Security Patterns for practical guidance and best practices.

More information:
This was first published in October 2006
This Content Component encountered an error

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchSOA

TheServerSide

SearchCloudApplications

SearchAWS

SearchBusinessAnalytics

SearchFinancialApplications

SearchHealthIT

Close