Security architecture of the Java platform
Martin Toshev
@martin_fmi
Who am I
Software consultant (CoffeeCupConsulting)
BG JUG board member (http://jug.bg)
OpenJDK and Oracle RDBMS enthusiast
Agenda
• Evolution of the Java security model
• Security aspects of the new module system
• Outside the sandbox: APIs for secure coding
• Designing and coding with security in mind
Evolution of the Java security model
• Traditionally, companies protect their assets using strict physical and network access policies
• Tools such as anti-virus software, firewalls and IPS/IDS systems facilitate this approach
• With the introduction of various technologies for loading and executing code on the client machine from the browser (such as applets), a new range of concerns related to client security emerges – this is when the Java security sandbox starts to evolve …
• The goal of the Java security sandbox is to allow untrusted code from applets to be executed in a trusted environment such as the user's browser
• JDK 1.0 (when it all started …) – the original sandbox model was introduced
[Diagram: an applet (untrusted) from http://codemotion.it/demoapplet and system code (trusted) inside the JVM, which runs in the browser]
• Code executed by the JVM is divided into two domains – trusted and untrusted
• Strict restrictions are applied by default to applets, such as denying reading/writing data on disk, connecting to the network and so on
• JDK 1.1 (gaining trust …) – applet signing introduced
[Diagram: an applet (untrusted), a signed applet (trusted) and system code (trusted) inside the JVM, which runs in the browser; applet URLs http://icodemotion.it/demoapplet and http://icodemotion.it/trustedapplet]
• Local code (as in JDK 1.0) and signed applet code (as of JDK 1.1) are trusted
• Unsigned remote code (as in JDK 1.0) is not trusted
• Steps needed to sign and run an applet:
  • Compile the applet
  • Create a JAR file for the applet
  • Generate a pair of public/private keys
  • Sign the applet JAR with the private key
  • Export a certificate for the public key
  • Import the certificate as a trusted certificate
  • Create the policy file
  • Load and run the applet
• JDK 1.2 (gaining more trust …) – fine-grained access control
security.policy:
    grant codeBase "http://codemotion.it/demoapplet" {
        permission java.io.FilePermission "C:\\Windows", "delete";
    };
[Diagram: the applet from http://codemotion.it/demoapplet and system code inside the JVM, which runs in the browser; access is checked with SecurityManager.checkPermission(…) and AccessController.checkPermission(…) against security.policy]
• The security model becomes code-centric
• Additional access control decisions are specified in a security policy
• No more notion of trusted and untrusted code
• The notion of a protection domain is introduced – determined by the security policy
• Two types of protection domains – system and application
• The protection domain is set during classloading and contains the code source and the list of permissions for the class
    applet.getClass().getProtectionDomain();
• One permission can imply another permission
    java.io.FilePermission "C:\Windows\-" "delete"
    implies
    java.io.FilePermission "C:\Windows\system32" "delete"
• One code source can imply another code source
    codeBase http://codemotion.it/-
    implies
    codeBase http://codemotion.it/demoapplet
• Since an execution thread may pass through classes loaded by different classloaders (and hence have different protection domains), the following rule of thumb applies:
    The permission set of an execution thread is considered to be the intersection of the permissions of all protection domains traversed by the execution thread
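The implication rules and the intersection rule above can be checked directly on the permission objects, with no SecurityManager installed. The following is an added example, not code from the talk: the class name, the helper methods and the `lib/util.jar` location are assumptions, and it shows that a directory only covers what lies beneath it when the target ends in `-` (recursive) or `*` (direct children).

```java
import java.io.File;
import java.io.FilePermission;
import java.net.URI;
import java.security.CodeSource;
import java.security.Permission;
import java.security.PermissionCollection;
import java.security.Permissions;
import java.security.ProtectionDomain;
import java.security.cert.Certificate;
import java.util.Arrays;
import java.util.List;

public class ImpliesDemo {

    // Join path elements with the platform separator: FilePermission only
    // treats a trailing "-" or "*" as a wildcard when it follows File.separator.
    static String path(String... parts) {
        return String.join(File.separator, parts);
    }

    // Unsigned code source for a (constructed) location.
    static CodeSource source(String location) throws Exception {
        return new CodeSource(URI.create(location).toURL(), (Certificate[]) null);
    }

    // A protection domain with a fixed permission set, standing in for what
    // the class loader binds from the policy at class-loading time.
    static ProtectionDomain domain(String location, Permission... granted) throws Exception {
        PermissionCollection perms = new Permissions();
        for (Permission p : granted) {
            perms.add(p);
        }
        return new ProtectionDomain(source(location), perms);
    }

    // Intersection rule: the check passes only if every domain on the call
    // stack grants (implies) the required permission.
    static boolean stackAllows(List<ProtectionDomain> stack, Permission required) {
        for (ProtectionDomain pd : stack) {
            if (!pd.getPermissions().implies(required)) {
                return false;
            }
        }
        return true;
    }

    public static void main(String[] args) throws Exception {
        String windows = path("C:", "Windows");
        Permission dirOnly   = new FilePermission(windows, "delete");            // the directory entry itself
        Permission children  = new FilePermission(path(windows, "*"), "delete"); // direct children only
        Permission recursive = new FilePermission(path(windows, "-"), "delete"); // everything beneath
        Permission readTree  = new FilePermission(path(windows, "-"), "read");   // same target, other action
        Permission system32  = new FilePermission(path(windows, "system32"), "delete");
        Permission nested    = new FilePermission(path(windows, "system32", "drivers"), "delete");

        System.out.println("dir only  implies system32: " + dirOnly.implies(system32));
        System.out.println("dir/*     implies system32: " + children.implies(system32));
        System.out.println("dir/*     implies nested:   " + children.implies(nested));
        System.out.println("dir/-     implies nested:   " + recursive.implies(nested));
        System.out.println("read tree implies delete:   " + readTree.implies(system32));

        // Code sources follow the same "-" convention on the URL path.
        CodeSource site     = source("http://codemotion.it/-");
        CodeSource rootOnly = source("http://codemotion.it/");
        CodeSource applet   = source("http://codemotion.it/demoapplet");
        System.out.println("site/-    implies applet:   " + site.implies(applet));
        System.out.println("site/     implies applet:   " + rootOnly.implies(applet));

        // A library that was granted the permission, called on its own and
        // then called from an applet domain that was granted nothing.
        ProtectionDomain library   = domain("http://codemotion.it/lib/util.jar", recursive);
        ProtectionDomain appletDom = domain("http://codemotion.it/demoapplet");
        System.out.println("library alone allowed:      "
                + stackAllows(Arrays.asList(library), system32));
        System.out.println("applet -> library allowed:  "
                + stackAllows(Arrays.asList(appletDom, library), system32));
    }
}
```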
• JDK 1.3, 1.4 (what about entities running the code … ?) – JAAS
security.policy:
    grant principal javax.security.auth.x500.X500Principal "cn=Tom" {
        permission java.io.FilePermission "C:\\Windows", "delete";
    };
[Diagram: the applet from http://codemotion.it/demoapplet and system code inside the JVM, which runs in the browser, governed by security.policy]
• JAAS (Java Authentication and Authorization Service) extends the security model with role-based permissions
• The protection domain of a class now may contain not only the code source and the permissions but also a list of principals
• The authentication component of JAAS is independent of the security sandbox in Java and hence is typically used in a wider context (such as JavaEE application servers)
• The authorization component is the one that extends the Java security policy
• Core classes of JAAS:
  • javax.security.auth.Subject - an authenticated subject
  • java.security.Principal - identifying characteristic of a subject
  • javax.security.auth.spi.LoginModule - interface for implementors of login (PAM) modules
  • javax.security.auth.login.LoginContext - creates objects used for authentication
• Up to JDK 1.4 the following is a typical flow for permission checking:
1) upon system startup a security policy is set and a security manager is installed
    Policy.setPolicy(…)
    System.setSecurityManager(…)
2) during classloading (e.g. of a remote applet) bytecode verification is done and the protection domain is set for the current classloader (along with the code source, the set of permissions and the set of JAAS principals)
3) when system code is invoked from the remote code the SecurityManager is used to check against the intersection of protection domains based on the chain of threads and their call stacks
    // java.net.SocketPermission: connect to / accept from codemotion.it on ports 8000-9000
    SocketPermission permission = new SocketPermission("codemotion.it:8000-9000", "connect,accept");
    SecurityManager sm = System.getSecurityManager();
    if (sm != null) sm.checkPermission(permission); // throws SecurityException if denied
4) application code can also do permission checking against remote code using a SecurityManager or an AccessController
    // same check made directly through java.security.AccessController
    SocketPermission permission = new SocketPermission("codemotion.it:8000-9000", "connect,accept");
    AccessController.checkPermission(permission);
5) application code can also do permission checking with all permissions of the calling domain or a particular JAAS subject
    AccessController.doPrivileged(…)
    Subject.doAs(…)
    Subject.doAsPrivileged(…)
• The security model defined by java.lang.SecurityManager is customizable
• For example: Oracle JVM uses a custom SecurityManager with additional permission classes where the code source is a database schema (containing e.g. Java stored procedures)
• JDK 1.5, 1.6 (enhancing the model …) – new additions to the sandbox model (e.g. LDAP support for JAAS)
• JDK 1.7, 1.8 (further enhancing the model …) – enhancements to the sandbox model (e.g. AccessController.doPrivileged() for checking against a subset of permissions)
• JDK 1.9 and beyond … (applying the model to modules …)
[Diagram: an application module from http://codemotion.it/appmodule and system modules 1 and 2 inside the JVM, which runs in the browser, governed by security.policy]
Security aspects of the new module system
The Big Picture
java.policy:
    grant codeBase "jrt:/it.codemotion" {
        permission java.io.FilePermission "C:\\Windows", "delete";
    };
[Diagram: the application module it.codemotion and the system modules java.base and java.logging inside the JVM; access is checked with SecurityManager.checkPermission(…) and AccessController.checkPermission(…) against java.policy]
Security implications
• The security model remains the same with Java modules
• System code is split into modules and applications can use a stripped down VM => improved security
• Application code can be split into modules with stronger encapsulation at runtime => improved security
Access control
• Access control is governed not by the class loader(s) of the module's classes but by the module itself
• Access modifiers are complemented by another layer of encapsulation: exported/opened packages
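The difference between an exported and an opened package can be observed at runtime through the `java.lang.Module` API. The following is an added example, not code from the talk: the class and method names are assumptions, and it assumes JDK 17 or later, run from the class path (so the caller is in the unnamed module) without any `--add-opens` option.

```java
import java.lang.reflect.Field;
import java.lang.reflect.InaccessibleObjectException;

public class ModuleEncapsulationDemo {

    // Deep reflection on a private member succeeds only when the declaring
    // package is open to the caller's module, whatever the access modifier says.
    static boolean canDeepReflect(Class<?> type, String fieldName) throws NoSuchFieldException {
        Field field = type.getDeclaredField(fieldName);
        try {
            field.setAccessible(true);
            return true;
        } catch (InaccessibleObjectException e) {
            System.out.println("  refused by the module system: " + e.getMessage());
            return false;
        }
    }

    public static void main(String[] args) throws Exception {
        Module base = String.class.getModule();
        Module self = ModuleEncapsulationDemo.class.getModule();

        System.out.println("String is defined in module: " + base.getName());
        System.out.println("caller is in a named module:  " + self.isNamed());
        System.out.println("java.base is in the boot layer: "
                + (base.getLayer() == ModuleLayer.boot()));

        // Exported: public types and members are usable at compile time and run time.
        System.out.println("java.lang exported to caller:         "
                + base.isExported("java.lang", self));
        // Opened: additionally allows setAccessible(true) on non-public members.
        System.out.println("java.lang opened to caller:           "
                + base.isOpen("java.lang", self));
        // Internal package: not exported, so not even its public types are reachable.
        System.out.println("jdk.internal.misc exported to caller: "
                + base.isExported("jdk.internal.misc", self));

        // String.hash is a private field in an exported but not opened package.
        System.out.println("deep reflection on String.hash:");
        System.out.println("  allowed: " + canDeepReflect(String.class, "hash"));
    }
}
```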
Runtime modules
• Modules can also be defined at runtime with multiple classloaders and grouped into module layers for that purpose:
    obj.getClass().getModule().getLayer().defineModulesXXX(…)
Outside the sandbox: APIs for secure coding
• The security sandbox defines a strict model for execution of remote code in the JVM
• The other side of the coin is the security APIs that provide utilities for implementing the different aspects of application security …
• The additional set of APIs includes:
  • JCA (Java Cryptography Architecture)
  • PKI (Public Key Infrastructure) utilities
  • JSSE (Java Secure Socket Extension)
  • Java GSS API (Java Generic Security Services)
  • Java SASL API (Java Simple Authentication and Security Layer)
• JCA provides utilities for:
  • creating digital signatures
  • creating message digests
  • using cryptographic ciphers (symmetric/asymmetric, block/stream)
  • using various other types of cryptographic services and algorithms
• JCA has a pluggable architecture
• JCA is independent from particular cryptographic algorithms
• JCA continues to evolve (especially by providing stronger cryptographic algorithms)
• PKI utilities provide means for working with:
  • certificates
  • certificate revocation lists (CRL)
  • OCSP (Online Certificate Status Protocol)
  • key stores and trust stores (also based on the PKCS - public-key cryptography standards)
• PKI certificate revocation check (revision):
[Diagram: certificates are checked for revocation with the certificate authority through OCSP or a CRL]
• PKI utilities continue to evolve (especially in providing more support for managing certificates and keys)
• JSSE provides an implementation of TLS/SSL sockets for working with remote communication
• JSSE continues to evolve (especially in the support for additional features such as Server Name Indication)
• Java GSS API provides an alternative to JSSE for secure communication
• Java GSS API is a framework for providing token-based security services that is independent of the underlying protocols
• Java GSS API can be used along with JAAS for authentication purposes
• Java GSS API continues to evolve (especially in the support for Kerberos authentication)
• Java SASL defines a protocol for exchange of authentication data
• Java SASL is a framework where external providers give concrete semantics to the authentication data being exchanged
• Java SASL continues to evolve (especially with support for additional and enhanced properties for exchanging authentication data)
Designing and coding with security in mind
• First of all, follow programming guidelines and best practices; most are not bound to the Java programming language (input validation, error handling, type safety, access modifiers, resource cleanup, prepared SQL queries and whatever you can think of …)
• Respect the SecurityManager - design libraries so that they work in environments with an installed SecurityManager
• Example: the GSON library does not respect the SecurityManager and cannot be used without additional reflective permissions in some scenarios
• Grant minimal permissions to code that requires them - the principle of "least privilege"
• Copy-pasting, of course, increases the risk of security flaws (if the copied code is flawed)
• Sanitize exception messages to remove sensitive information - unsanitized messages often result in an unintended exposure of exploitable information
• Let alone exception stack traces … in many cases they convey a wealth of information about the system
Thank you

Joshua Hoffman - Should the CTO be Coding? - Codemotion Amsterdam 2019Codemotion
 

Martin Toshev - Java Security Architecture - Codemotion Rome 2019

  • 1. Security architecture of the Java platform Martin Toshev @martin_fmi
  • 2. @martin_fmi Who am I Software consultant (CoffeeCupConsulting) BG JUG board member (http://jug.bg) OpenJDK and Oracle RDBMS enthusiast
  • 4. @martin_fmi Agenda • Evolution of the Java security model • Security aspects of the new module system • Outside the sandbox: APIs for secure coding • Designing and coding with security in mind
  • 5. Evolution of the Java security model
  • 6. @martin_fmi Evolution of the Java security model • Traditionally, companies protect their assets using strict physical and network access policies • Tools such as anti-virus software, firewalls and IPS/IDS systems facilitate this approach
  • 7. @martin_fmi Evolution of the Java security model • With the introduction of various technologies for loading and executing code on the client machine from the browser (such as applets), a new range of concerns related to client security emerges; this is when the Java security sandbox starts to evolve …
  • 8. @martin_fmi Evolution of the Java security model • The goal of the Java security sandbox is to allow untrusted code from applets to be executed in a trusted environment such as the user's browser
  • 9. @martin_fmi Evolution of the Java security model • JDK 1.0 (when it all started …) – the original sandbox model was introduced [Diagram: Applet (untrusted), System code (trusted), JVM, Browser, http://codemotion.it/demoapplet]
  • 10. @martin_fmi Evolution of the Java security model • Code executed by the JVM is divided into two domains – trusted and untrusted • Strict restrictions are applied to applets by default, such as being denied the ability to read/write data on disk, connect to the network and so on
  • 11. @martin_fmi Evolution of the Java security model • JDK 1.1 (gaining trust …) – applet signing introduced [Diagram: Applet (untrusted), System code (trusted), Signed Applet (trusted), JVM, Browser, http://icodemotion.it/demoapplet, http://icodemotion.it/trustedapplet]
  • 12. @martin_fmi Evolution of the Java security model • Local code (as in JDK 1.0) and signed applet code (as of JDK 1.1) are trusted • Unsigned remote code (as in JDK 1.0) is not trusted
  • 13. @martin_fmi Evolution of the Java security model • Steps needed to sign and run an applet: • Compile the applet • Create a JAR file for the applet • Generate a pair of public/private keys • Sign the applet JAR with the private key • Export a certificate for the public key • Import the Certificate as a Trusted Certificate • Create the policy file • Load and run the applet
  • 14. @martin_fmi Evolution of the Java security model • JDK 1.2 (gaining more trust …) – fine-grained access control [Diagram: Applet, System code, JVM, Browser, http://codemotion.it/demoapplet, SecurityManager.checkPermission(…), AccessController.checkPermission(…)] security.policy: grant codeBase "http://codemotion.it/demoapplet" { permission java.io.FilePermission "C:\\Windows", "delete"; };
  • 15. @martin_fmi Evolution of the Java security model • The security model becomes code-centric • Additional access control decisions are specified in a security policy • No more notion of trusted and untrusted code
  • 16. @martin_fmi Evolution of the Java security model • The notion of a protection domain is introduced – determined by the security policy • Two types of protection domains – system and application
  • 17. @martin_fmi Evolution of the Java security model • The protection domain is set during classloading and contains the code source and the list of permissions for the class: applet.getClass().getProtectionDomain();
  • 18. @martin_fmi Evolution of the Java security model • One permission can imply another permission: java.io.FilePermission "C:\\Windows", "delete" implies java.io.FilePermission "C:\\Windows\\system32", "delete"
  • 19. @martin_fmi Evolution of the Java security model • One code source can imply another code source codeBase http://codemotion.it/ implies codeBase http://codemotion.it/demoapplet
  • 20. @martin_fmi Evolution of the Java security model • Since an execution thread may pass through classes loaded by different classloaders (and hence – have different protection domains) the following rule of thumb applies: The permission set of an execution thread is considered to be the intersection of the permissions of all protection domains traversed by the execution thread
  • 21. @martin_fmi Evolution of the Java security model • JDK 1.3, 1.4 (what about entities running the code … ?) – JAAS [Diagram: Applet, System code, JVM, Browser, http://codemotion.it/demoapplet] security.policy: grant principal javax.security.auth.x500.X500Principal "cn=Tom" { permission java.io.FilePermission "C:\\Windows", "delete"; };
  • 22. @martin_fmi Evolution of the Java security model • JAAS (Java Authentication and Authorization Service) extends the security model with role-based permissions • The protection domain of a class may now contain not only the code source and the permissions but also a list of principals
  • 23. @martin_fmi Evolution of the Java security model • The authentication component of JAAS is independent of the security sandbox in Java and hence is typically used in a wider context (such as JavaEE application servers) • The authorization component is the one that extends the Java security policy
  • 24. @martin_fmi Evolution of the Java security model • Core classes of JAAS: • javax.security.auth.Subject - an authenticated subject • java.security.Principal - identifying characteristic of a subject • javax.security.auth.spi.LoginModule - interface for implementors of login (PAM) modules • javax.security.auth.login.LoginContext - creates objects used for authentication
  • 25. @martin_fmi Evolution of the Java security model • Up to JDK 1.4 the following is a typical flow for permission checking: 1) upon system startup a security policy is set and a security manager is installed Policy.setPolicy(…) System.setSecurityManager(…)
  • 26. @martin_fmi Evolution of the Java security model • Up to JDK 1.4 the following is a typical flow for permission checking: 2) during classloading (e.g. of a remote applet) bytecode verification is done and the protection domain is set for the current classloader (along with the code source, the set of permissions and the set of JAAS principals)
  • 27. @martin_fmi Evolution of the Java security model • Up to JDK 1.4 the following is a typical flow for permission checking: 3) when system code is invoked from the remote code the SecurityManager is used to check against the intersection of protection domains based on the chain of threads and their call stacks
  • 28. @martin_fmi Evolution of the Java security model • Up to JDK 1.4 the following is a typical flow for permission checking: SocketPermission permission = new SocketPermission("codemotion.it:8000-9000", "connect,accept"); SecurityManager sm = System.getSecurityManager(); if (sm != null) sm.checkPermission(permission);
  • 29. @martin_fmi Evolution of the Java security model • Up to JDK 1.4 the following is a typical flow for permission checking: 4) application code can also do permission checking against remote code using a SecurityManager or an AccessController
  • 30. @martin_fmi Evolution of the Java security model • Up to JDK 1.4 the following is a typical flow for permission checking: SocketPermission permission = new SocketPermission("codemotion.it:8000-9000", "connect,accept"); AccessController.checkPermission(permission);
  • 31. @martin_fmi Evolution of the Java security model • Up to JDK 1.4 the following is a typical flow for permission checking: 5) application code can also do permission checking with all permissions of the calling domain or a particular JAAS subject AccessController.doPrivileged(…) Subject.doAs(…) Subject.doAsPrivileged(…)
  • 32. @martin_fmi Evolution of the Java security model • The security model defined by java.lang.SecurityManager is customizable • For example: Oracle JVM uses a custom SecurityManager with additional permission classes where the code source is a database schema (containing e.g. Java stored procedures)
  • 33. @martin_fmi Evolution of the Java security model • JDK 1.5, 1.6 (enhancing the model …) – new additions to the sandbox model (e.g. LDAP support for JAAS)
  • 34. @martin_fmi Evolution of the Java security model • JDK 1.7, 1.8 (further enhancing the model …) – enhancements to the sandbox model (e.g. AccessController.doPrivileged() for checking against a subset of permissions)
  • 35. @martin_fmi Evolution of the Java security model • JDK 1.9 and beyond … (applying the model to modules …) [Diagram: application module, system module 1, system module 2, JVM, Browser, http://codemotion.it/appmodule, security.policy]
  • 36. Security aspects of the new module system
  • 37. @martin_fmi The Big Picture [Diagram: JVM, Application, java.base, java.logging, it.codemotion, SecurityManager.checkPermission(…), AccessController.checkPermission(…)] java.policy: grant codeBase "jrt:/it.codemotion" { permission java.io.FilePermission "C:\\Windows", "delete"; };
  • 38. @martin_fmi Security implications • The security model remains the same with Java modules • System code is split into modules and applications can use a stripped-down VM => improved security • Application code can be split into modules with stronger encapsulation at runtime => improved security
  • 39. @martin_fmi Access control • Access control is governed not by the class loader(s) of the module’s classes but by the module itself • Access modifiers are complemented by another layer of encapsulation: exported/opened packages
  • 40. @martin_fmi Runtime modules • Modules can also be defined at runtime with multiple classloaders and grouped into module layers for that purpose: obj.getClass().getModule().getLayer().defineModulesXXX(…)
  • 41. Outside the sandbox: APIs for secure coding
  • 42. @martin_fmi Outside the sandbox: APIs for secure coding • The security sandbox defines a strict model for execution of remote code in the JVM • The other side of the coin is the set of security APIs that provide utilities for implementing the different aspects of application security …
  • 43. @martin_fmi Outside the sandbox: APIs for secure coding • The additional set of APIs includes: • JCA (Java Cryptography Architecture) • PKI (Public Key Infrastructure) utilities • JSSE (Java Secure Socket Extension) • Java GSS API (Java Generic Security Services) • Java SASL API (Java Simple Authentication and Security Layer)
  • 44. @martin_fmi Outside the sandbox: APIs for secure coding • JCA provides utilities for: • creating digital signatures • creating message digests • using cryptographic ciphers (symmetric/asymmetric, block/stream) • using various other types of cryptographic services and algorithms
  • 45. @martin_fmi Outside the sandbox: APIs for secure coding • JCA has a pluggable architecture • JCA is independent from particular cryptographic algorithms • JCA continues to evolve (especially by providing stronger cryptographic algorithms)
  • 46. @martin_fmi Outside the sandbox: APIs for secure coding • PKI utilities provide means for working with: • certificates • certificate revocation lists (CRL) • OCSP (Online Certificate Status Protocol) • key stores and trust stores (also based on the PKCS - public-key cryptography standards)
  • 47. @martin_fmi Outside the sandbox: APIs for secure coding • PKI certificate revocation check (revision): • PKI utilities continue to evolve (especially in providing more support for managing certificates and keys) [Diagram: certificate authority, revocation checking, OCSP, CRL, certificate, certificate]
  • 48. @martin_fmi Outside the sandbox: APIs for secure coding • JSSE provides an implementation of TLS/SSL sockets for remote communication • JSSE continues to evolve (especially in the support for additional features such as Server Name Indication)
  • 49. @martin_fmi Outside the sandbox: APIs for secure coding • Java GSS API provides an alternative to JSSE for secure communication • Java GSS API is a framework for providing token-based security services that is independent of the underlying protocols
  • 50. @martin_fmi Outside the sandbox: APIs for secure coding • Java GSS API can be used along with JAAS for authentication purposes • Java GSS API continues to evolve (especially in the support for Kerberos authentication)
  • 51. @martin_fmi Outside the sandbox: APIs for secure coding • Java SASL defines a protocol for exchange of authentication data • Java SASL is a framework where external providers give concrete semantics to the authentication data being exchanged
  • 52. @martin_fmi Outside the sandbox: APIs for secure coding • Java SASL continues to evolve (especially with support for additional and enhanced properties for exchanging authentication data)
  • 53. Designing and coding with security in mind
  • 54. @martin_fmi Designing and coding with security in mind • First of all - follow programming guidelines and best practices - most are not bound to the Java programming language (input validation, error handling, type safety, access modifiers, resource cleanup, prepared SQL queries and whatever you can think of …)
  • 55. @martin_fmi Designing and coding with security in mind • Respect the SecurityManager - design libraries so that they work in environments with a SecurityManager installed • Example: GSON library does not respect the SecurityManager and cannot be used without additional reflective permissions in some scenarios
  • 56. @martin_fmi Designing and coding with security in mind • Grant minimal permissions to code that requires them - the principle of "least privilege" • Copy-pasting, of course, increases the risk of security flaws (if the copied code is flawed)
  • 57. @martin_fmi Designing and coding with security in mind • Sanitize exception messages from sensitive information - often this results in an unintended exposure of exploitable information • Let alone exception stacktraces … in many cases they convey a wealth of information about the system
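One way to apply the exception-sanitizing advice from slide 57, as an added example that is not part of the original slides. The class and method names (SanitizedErrors, PublicException, loadLeaky, loadSanitized) and the sample path are assumptions made for illustration.

```java
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.util.UUID;
import java.util.logging.Level;
import java.util.logging.Logger;

public class SanitizedErrors {
    private static final Logger LOG = Logger.getLogger(SanitizedErrors.class.getName());
    /** Hypothetical exception type that is safe to show to a caller: fixed text plus an opaque id. */
    static class PublicException extends Exception {
        PublicException(String incidentId) {
            // No cause is attached, so the original message and stack trace do not travel with it.
            super("Configuration could not be loaded (incident " + incidentId + ")");
        }
    }

    // Leaky form: FileNotFoundException's message contains the path that was tried,
    // which reveals the file system layout and the account the service runs under.
    static int loadLeaky(String path) throws IOException {
        try (InputStream in = new FileInputStream(path)) {
            return in.read();
        }
    }

    // Sanitized form: full detail goes to the server-side log, the caller gets only an id.
    static int loadSanitized(String path) throws PublicException {
        try (InputStream in = new FileInputStream(path)) {
            return in.read();
        } catch (IOException e) {
            String incidentId = UUID.randomUUID().toString();
            LOG.log(Level.WARNING, "incident " + incidentId, e); // path and stack trace stay in the log
            throw new PublicException(incidentId);
        }
    }

    public static void main(String[] args) {
        String path = "/home/svc-app/conf/missing.properties"; // constructed sample path
        try { loadLeaky(path); } catch (IOException e) {
            System.out.println("leaky:     " + e.getMessage());
        }
        try { loadSanitized(path); } catch (PublicException e) {
            System.out.println("sanitized: " + e.getMessage());
        }
    }
}
```

The incident id lets an operator find the full stack trace in the log without the caller ever seeing the path or the internal call chain.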

Editor's Notes

  1. The code source on the other hand contains the URL location, the list of signers and the list of certificates
  6. A typical scenario – in a single multiuser operating system we may have multiple users accessing the same applet from the browser – we may want to define permissions based on the currently logged-in user by providing integration with e.g. Kerberos (in case of a Windows OS)
  7. An AccessControlContext keeps the list of protection domains for the current thread
  9. There are two main differences between using a SecurityManager and an AccessController: (1) the SecurityManager needs to be installed, while AccessController only provides static methods; (2) the SecurityManager can be customized, while AccessController provides additional algorithms that can be used over the default security model
  11. Calling code with a different JAAS subject is similar to the Unix setuid utility