SlideShare a Scribd company logo

Practical security In a modular world

Download as PPTX, PDF
Martin Toshev
Martin Toshev

This document discusses security aspects of Java modules and compares them to OSGi bundles. It explains that the Java module system brings improved security while fitting into the existing security architecture. Modules introduce another layer of access control and stronger encapsulation for application code. Both modules and bundles define protection domains and can be signed, but modules lack OSGi's notion of local bundle permissions. The new module system enhances security while modularizing the Java platform.

1 of 29
@martin_fmi Practical security in a modular world Martin Toshev
@martin_fmi Who am I Software consultant (CoffeeCupConsulting) BG JUG board member (http://jug.bg) OpenJDK and Oracle RDBMS enthusiast 2
@martin_fmi Agenda • Security sandbox model at a glance • Security aspects of Jigsaw • Jigsaw vs OSGi from a security perspective 3
@martin_fmi Security sandbox model at a glance 4
@martin_fmi The big picture 5 applet/war/bundle System code JVM Browser/Java EE server/OSGI server grant codeBase http://javaday.ua/demoapplet { permission java.io.FilePermisions “C:Windows” “delete” } java.policy SecurityManager.checkPermission(…) AccessController.checkPermission(…)
@martin_fmi Permission checking • Typical flow for permission checking: 1) upon system startup a security policy is set and a security manager is installed: 6 Policy.setPolicy(…) System.setSecurityManager(…)
@martin_fmi Permission checking • Typical flow for permission checking: 2) during classloading (e.g. of a remote applet) bytecode verification is done and the protection domain is set for the current classloader (along with the code source, the set of permissions and the set of JAAS principals) 7
@martin_fmi Protection Domain • The protection domain is set during classloading and contains the code source, the list of principals and the list of permissions for the class • Two types of protection domain: system and application 8 object.getClass().getProtectionDomain();
@martin_fmi Permission checking • Typical flow for permission checking: 3) when system code is invoked from the remote code the SecurityManager is used to check against the intersection of protection domains based on the chain of threads and their call stacks 9
@martin_fmi Permission checking • Typical flow for permission checking: 10 SocketPermission permission = new SocketPermission(“javaday.ua:8000-9000","connect,accept"); SecurityManager sm = System.getSecurityManager(); if (sm != null) { sm.checkPermission(permission); }
@martin_fmi Permission checking • Typical flow for permission checking: 4) application code can also do permission checking against remote code using a SecurityManager or an AccessController 11
@martin_fmi Permission checking • Typical flow for permission checking: 12 SocketPermission permission = new SocketPermission(“javaday.ua:8000-9000", "connect,accept"); AccessController.checkPermission(permission)
@martin_fmi Permission checking • Typical flow for permission checking: 5) application code can also do permission checking with all permissions of the calling domain or a particular JAAS subject 13 AccessController.doPrivileged(…) Subject.doAs(…) Subject.doAsPrivileged(…)
@martin_fmi Example: banking app server 14 FIX protocol integration Banking server (plain Java) Alpha protocol integration Demo application …
@martin_fmi Security sandbox model at a glance (demo) 15
@martin_fmi Security aspects of Jigsaw 16
@martin_fmi The big picture 17 JVM Application grant codeBase http://javaday.ua/demoapplet { permission java.io.FilePermisions “C:Windows” “delete” } java.policy SecurityManager.checkPermission(…) AccessController.checkPermission(…) java.base java.logging other module
@martin_fmi Security implications • The security model remains the same with Java modules • System code is split into modules and applications can use a stripped down VM => improved security • Application code can be split into modules with stronger encapsulation at runtime => improved security 18
@martin_fmi Access control • Access control is governed not by the class loader(s) of the module’s classes but by the module itself • Access modifiers are fulfilled by another layer of encapsulation: exported/opened packages 19
@martin_fmi Runtime modules • Modules can also be defined at runtime with multiple classloaders and grouped into module layers for that purpose: 20 obj.getClass().getModule().getLayer().defineModulesXXX(…)
@martin_fmi Security aspects of Jigsaw (demo) 21
@martin_fmi OSGi vs Jigsaw from a security perspective 22
@martin_fmi OSGi security model • An extension of the Java security model • The OSGi spec provides a set of custom permissions such as PackagePermission (in order to specify whether a bundle exports/imports a package) or ServicePermission (to get or register an OSGI service) 23
@martin_fmi OSGi security model • The PermissionAdmin and ConditionalPermissionAdmin classes provide additional permission management on top of SecurityManager • Local permissions can be specified for each bundle in OSGI-INF/permissions.perm and are useful for bundle security auditing 24
@martin_fmi OSGi vs Jigsaw • Both a Jigsaw module and an OSGi bundle have a distinct protection domain that defines the set of permissions for the Jigsaw module/OSGi bundle • Both a Jigsaw module and an OSGi bundle can be signed and the set of permissions can be defined on the signer of the Jigsaw module/OSGi bundle 25
@martin_fmi OSGi vs Jigsaw • A Jigsaw module doesn’t have the notion of “local permissions” as an OSGi bundle • A runtime Jigsaw module can have classes from multiple classloaders that have different protection domains 26
@martin_fmi Summary • The new module system in Java brings better security while still fitting in platform’s security architecture • The new module systems introduces yet another layer of access control for applications 27
@martin_fmi Thank you ! Q&A 28 demos: https://github.com/martinfmi/practical_security_in_a_modular_world
@martin_fmi References 29 Java platform security architecture http://docs.oracle.com/javase/7/docs/technotes/guides/security/spec/securi ty-spec.doc.html Java Platform Module System (JSR 376) http://openjdk.java.net/projects/jigsaw/spec/

Recommended

BlueHat v17 || Where, how, and why is SSL traffic on mobile getting intercept...
BlueHat v17 || Where, how, and why is SSL traffic on mobile getting intercept...BlueHat v17 || Where, how, and why is SSL traffic on mobile getting intercept...
BlueHat v17 || Where, how, and why is SSL traffic on mobile getting intercept...
BlueHat Security Conference
 
BlueHat v17 || Betraying the BIOS: Where the Guardians of the BIOS are Failing
BlueHat v17 || Betraying the BIOS: Where the Guardians of the BIOS are Failing BlueHat v17 || Betraying the BIOS: Where the Guardians of the BIOS are Failing
BlueHat v17 || Betraying the BIOS: Where the Guardians of the BIOS are Failing
BlueHat Security Conference
 
ubantu mod security
ubantu mod securityubantu mod security
ubantu mod securityKunal gupta
 
Hack Into Drupal Sites (or, How to Secure Your Drupal Site)
Hack Into Drupal Sites (or, How to Secure Your Drupal Site)Hack Into Drupal Sites (or, How to Secure Your Drupal Site)
Hack Into Drupal Sites (or, How to Secure Your Drupal Site)
nyccamp
 
Secure Coding - Web Application Security Vulnerabilities and Best Practices
Secure Coding - Web Application Security Vulnerabilities and Best PracticesSecure Coding - Web Application Security Vulnerabilities and Best Practices
Secure Coding - Web Application Security Vulnerabilities and Best PracticesWebsecurify
 
Hack any website
Hack any websiteHack any website
Hack any websitesunil kumar
 
Understanding Windows Access Token Manipulation
Understanding Windows Access Token ManipulationUnderstanding Windows Access Token Manipulation
Understanding Windows Access Token Manipulation
Justin Bui
 
Hacking intranet websites
Hacking intranet websitesHacking intranet websites
Hacking intranet websites
shehab najjar
 

Recommended

BlueHat v17 || Where, how, and why is SSL traffic on mobile getting intercept...
BlueHat v17 || Where, how, and why is SSL traffic on mobile getting intercept...BlueHat v17 || Where, how, and why is SSL traffic on mobile getting intercept...
BlueHat v17 || Where, how, and why is SSL traffic on mobile getting intercept...
BlueHat Security Conference
 
BlueHat v17 || Betraying the BIOS: Where the Guardians of the BIOS are Failing
BlueHat v17 || Betraying the BIOS: Where the Guardians of the BIOS are Failing BlueHat v17 || Betraying the BIOS: Where the Guardians of the BIOS are Failing
BlueHat v17 || Betraying the BIOS: Where the Guardians of the BIOS are Failing
BlueHat Security Conference
 
ubantu mod security
ubantu mod securityubantu mod security
ubantu mod securityKunal gupta
 
Hack Into Drupal Sites (or, How to Secure Your Drupal Site)
Hack Into Drupal Sites (or, How to Secure Your Drupal Site)Hack Into Drupal Sites (or, How to Secure Your Drupal Site)
Hack Into Drupal Sites (or, How to Secure Your Drupal Site)
nyccamp
 
Secure Coding - Web Application Security Vulnerabilities and Best Practices
Secure Coding - Web Application Security Vulnerabilities and Best PracticesSecure Coding - Web Application Security Vulnerabilities and Best Practices
Secure Coding - Web Application Security Vulnerabilities and Best PracticesWebsecurify
 
Hack any website
Hack any websiteHack any website
Hack any websitesunil kumar
 
Understanding Windows Access Token Manipulation
Understanding Windows Access Token ManipulationUnderstanding Windows Access Token Manipulation
Understanding Windows Access Token Manipulation
Justin Bui
 
Hacking intranet websites
Hacking intranet websitesHacking intranet websites
Hacking intranet websites
shehab najjar
 
Martin Toshev - Java Security Architecture - Codemotion Rome 2019
Martin Toshev - Java Security Architecture - Codemotion Rome 2019Martin Toshev - Java Security Architecture - Codemotion Rome 2019
Martin Toshev - Java Security Architecture - Codemotion Rome 2019
Codemotion
 
Security Architecture of the Java Platform (BG OUG, Plovdiv, 13.06.2015)
Security Architecture of the Java Platform (BG OUG, Plovdiv, 13.06.2015)Security Architecture of the Java Platform (BG OUG, Plovdiv, 13.06.2015)
Security Architecture of the Java Platform (BG OUG, Plovdiv, 13.06.2015)
Martin Toshev
 
Security Аrchitecture of Тhe Java Platform
Security Аrchitecture of Тhe Java PlatformSecurity Аrchitecture of Тhe Java Platform
Security Аrchitecture of Тhe Java Platform
Martin Toshev
 
Javantura v4 - Security architecture of the Java platform - Martin Toshev
Javantura v4 - Security architecture of the Java platform - Martin ToshevJavantura v4 - Security architecture of the Java platform - Martin Toshev
Javantura v4 - Security architecture of the Java platform - Martin Toshev
HUJAK - Hrvatska udruga Java korisnika / Croatian Java User Association
 
Guidelines to Improve the Robustness of the OSGi Framework and Its Services A...
Guidelines to Improve the Robustness of the OSGi Framework and Its Services A...Guidelines to Improve the Robustness of the OSGi Framework and Its Services A...
Guidelines to Improve the Robustness of the OSGi Framework and Its Services A...
mfrancis
 
Introduction to OSGGi
Introduction to OSGGiIntroduction to OSGGi
Introduction to OSGGi
Marek Koniew
 
Groovy In the Cloud
Groovy In the CloudGroovy In the Cloud
Groovy In the Cloud
Jim Driscoll
 
OWASP ZAP Workshop for QA Testers
OWASP ZAP Workshop for QA TestersOWASP ZAP Workshop for QA Testers
OWASP ZAP Workshop for QA Testers
Javan Rasokat
 
Do not disturb my circles! Secure Application Isolation with OSGi - Mirko Jah...
Do not disturb my circles! Secure Application Isolation with OSGi - Mirko Jah...Do not disturb my circles! Secure Application Isolation with OSGi - Mirko Jah...
Do not disturb my circles! Secure Application Isolation with OSGi - Mirko Jah...
mfrancis
 
Security Architecture of the Java platform
Security Architecture of the Java platformSecurity Architecture of the Java platform
Security Architecture of the Java platform
Martin Toshev
 
42 minutes to secure your code....
42 minutes to secure your code....42 minutes to secure your code....
42 minutes to secure your code....
Sebastien Gioria
 
2015 09-18-jug summer camp
2015 09-18-jug summer camp2015 09-18-jug summer camp
2015 09-18-jug summer camp
Sebastien Gioria
 
Building Secure OSGi Applications
Building Secure OSGi ApplicationsBuilding Secure OSGi Applications
Building Secure OSGi Applications
Marcel Offermans
 
Security Architecture of the Java Platform (http://www.javaday.bg event - 14....
Security Architecture of the Java Platform (http://www.javaday.bg event - 14....Security Architecture of the Java Platform (http://www.javaday.bg event - 14....
Security Architecture of the Java Platform (http://www.javaday.bg event - 14....
Martin Toshev
 
CDI and Seam 3: an Exciting New Landscape for Java EE Development
CDI and Seam 3: an Exciting New Landscape for Java EE DevelopmentCDI and Seam 3: an Exciting New Landscape for Java EE Development
CDI and Seam 3: an Exciting New Landscape for Java EE Development
Saltmarch Media
 
[UniteKorea2013] Protecting your Android content
[UniteKorea2013] Protecting your Android content[UniteKorea2013] Protecting your Android content
[UniteKorea2013] Protecting your Android content
William Hugo Yang
 
Security of go modules and vulnerability scanning in go center (1)
Security of go modules and vulnerability scanning in go center (1)Security of go modules and vulnerability scanning in go center (1)
Security of go modules and vulnerability scanning in go center (1)
Deep Datta
 
OSGi als App-Plattform - Ein Ausflug durch den Security-Layer
OSGi als App-Plattform - Ein Ausflug durch den Security-Layer OSGi als App-Plattform - Ein Ausflug durch den Security-Layer
OSGi als App-Plattform - Ein Ausflug durch den Security-Layer OSGiUsers
 
Securing Microservices using Play and Akka HTTP
Securing Microservices using Play and Akka HTTPSecuring Microservices using Play and Akka HTTP
Securing Microservices using Play and Akka HTTP
Rafal Gancarz
 
Security of Go Modules and Vulnerability Scanning in GoCenter and VS Code
Security of Go Modules and Vulnerability Scanning in GoCenter and VS CodeSecurity of Go Modules and Vulnerability Scanning in GoCenter and VS Code
Security of Go Modules and Vulnerability Scanning in GoCenter and VS Code
Deep Datta
 
Building highly scalable data pipelines with Apache Spark
Building highly scalable data pipelines with Apache SparkBuilding highly scalable data pipelines with Apache Spark
Building highly scalable data pipelines with Apache Spark
Martin Toshev
 
Big data processing with Apache Spark and Oracle Database
Big data processing with Apache Spark and Oracle DatabaseBig data processing with Apache Spark and Oracle Database
Big data processing with Apache Spark and Oracle Database
Martin Toshev
 

More Related Content

Similar to Practical security In a modular world

Martin Toshev - Java Security Architecture - Codemotion Rome 2019
Martin Toshev - Java Security Architecture - Codemotion Rome 2019Martin Toshev - Java Security Architecture - Codemotion Rome 2019
Martin Toshev - Java Security Architecture - Codemotion Rome 2019
Codemotion
 
Security Architecture of the Java Platform (BG OUG, Plovdiv, 13.06.2015)
Security Architecture of the Java Platform (BG OUG, Plovdiv, 13.06.2015)Security Architecture of the Java Platform (BG OUG, Plovdiv, 13.06.2015)
Security Architecture of the Java Platform (BG OUG, Plovdiv, 13.06.2015)
Martin Toshev
 
Security Аrchitecture of Тhe Java Platform
Security Аrchitecture of Тhe Java PlatformSecurity Аrchitecture of Тhe Java Platform
Security Аrchitecture of Тhe Java Platform
Martin Toshev
 
Javantura v4 - Security architecture of the Java platform - Martin Toshev
Javantura v4 - Security architecture of the Java platform - Martin ToshevJavantura v4 - Security architecture of the Java platform - Martin Toshev
Javantura v4 - Security architecture of the Java platform - Martin Toshev
HUJAK - Hrvatska udruga Java korisnika / Croatian Java User Association
 
Guidelines to Improve the Robustness of the OSGi Framework and Its Services A...
Guidelines to Improve the Robustness of the OSGi Framework and Its Services A...Guidelines to Improve the Robustness of the OSGi Framework and Its Services A...
Guidelines to Improve the Robustness of the OSGi Framework and Its Services A...
mfrancis
 
Introduction to OSGGi
Introduction to OSGGiIntroduction to OSGGi
Introduction to OSGGi
Marek Koniew
 
Groovy In the Cloud
Groovy In the CloudGroovy In the Cloud
Groovy In the Cloud
Jim Driscoll
 
OWASP ZAP Workshop for QA Testers
OWASP ZAP Workshop for QA TestersOWASP ZAP Workshop for QA Testers
OWASP ZAP Workshop for QA Testers
Javan Rasokat
 
Do not disturb my circles! Secure Application Isolation with OSGi - Mirko Jah...
Do not disturb my circles! Secure Application Isolation with OSGi - Mirko Jah...Do not disturb my circles! Secure Application Isolation with OSGi - Mirko Jah...
Do not disturb my circles! Secure Application Isolation with OSGi - Mirko Jah...
mfrancis
 
Security Architecture of the Java platform
Security Architecture of the Java platformSecurity Architecture of the Java platform
Security Architecture of the Java platform
Martin Toshev
 
42 minutes to secure your code....
42 minutes to secure your code....42 minutes to secure your code....
42 minutes to secure your code....
Sebastien Gioria
 
2015 09-18-jug summer camp
2015 09-18-jug summer camp2015 09-18-jug summer camp
2015 09-18-jug summer camp
Sebastien Gioria
 
Building Secure OSGi Applications
Building Secure OSGi ApplicationsBuilding Secure OSGi Applications
Building Secure OSGi Applications
Marcel Offermans
 
Security Architecture of the Java Platform (http://www.javaday.bg event - 14....
Security Architecture of the Java Platform (http://www.javaday.bg event - 14....Security Architecture of the Java Platform (http://www.javaday.bg event - 14....
Security Architecture of the Java Platform (http://www.javaday.bg event - 14....
Martin Toshev
 
CDI and Seam 3: an Exciting New Landscape for Java EE Development
CDI and Seam 3: an Exciting New Landscape for Java EE DevelopmentCDI and Seam 3: an Exciting New Landscape for Java EE Development
CDI and Seam 3: an Exciting New Landscape for Java EE Development
Saltmarch Media
 
[UniteKorea2013] Protecting your Android content
[UniteKorea2013] Protecting your Android content[UniteKorea2013] Protecting your Android content
[UniteKorea2013] Protecting your Android content
William Hugo Yang
 
Security of go modules and vulnerability scanning in go center (1)
Security of go modules and vulnerability scanning in go center (1)Security of go modules and vulnerability scanning in go center (1)
Security of go modules and vulnerability scanning in go center (1)
Deep Datta
 
OSGi als App-Plattform - Ein Ausflug durch den Security-Layer
OSGi als App-Plattform - Ein Ausflug durch den Security-Layer OSGi als App-Plattform - Ein Ausflug durch den Security-Layer
OSGi als App-Plattform - Ein Ausflug durch den Security-Layer OSGiUsers
 
Securing Microservices using Play and Akka HTTP
Securing Microservices using Play and Akka HTTPSecuring Microservices using Play and Akka HTTP
Securing Microservices using Play and Akka HTTP
Rafal Gancarz
 
Security of Go Modules and Vulnerability Scanning in GoCenter and VS Code
Security of Go Modules and Vulnerability Scanning in GoCenter and VS CodeSecurity of Go Modules and Vulnerability Scanning in GoCenter and VS Code
Security of Go Modules and Vulnerability Scanning in GoCenter and VS Code
Deep Datta
 

Similar to Practical security In a modular world (20)

Martin Toshev - Java Security Architecture - Codemotion Rome 2019
Martin Toshev - Java Security Architecture - Codemotion Rome 2019Martin Toshev - Java Security Architecture - Codemotion Rome 2019
Martin Toshev - Java Security Architecture - Codemotion Rome 2019
 
Security Architecture of the Java Platform (BG OUG, Plovdiv, 13.06.2015)
Security Architecture of the Java Platform (BG OUG, Plovdiv, 13.06.2015)Security Architecture of the Java Platform (BG OUG, Plovdiv, 13.06.2015)
Security Architecture of the Java Platform (BG OUG, Plovdiv, 13.06.2015)
 
Security Аrchitecture of Тhe Java Platform
Security Аrchitecture of Тhe Java PlatformSecurity Аrchitecture of Тhe Java Platform
Security Аrchitecture of Тhe Java Platform
 
Javantura v4 - Security architecture of the Java platform - Martin Toshev
Javantura v4 - Security architecture of the Java platform - Martin ToshevJavantura v4 - Security architecture of the Java platform - Martin Toshev
Javantura v4 - Security architecture of the Java platform - Martin Toshev
 
Guidelines to Improve the Robustness of the OSGi Framework and Its Services A...
Guidelines to Improve the Robustness of the OSGi Framework and Its Services A...Guidelines to Improve the Robustness of the OSGi Framework and Its Services A...
Guidelines to Improve the Robustness of the OSGi Framework and Its Services A...
 
Introduction to OSGGi
Introduction to OSGGiIntroduction to OSGGi
Introduction to OSGGi
 
Groovy In the Cloud
Groovy In the CloudGroovy In the Cloud
Groovy In the Cloud
 
OWASP ZAP Workshop for QA Testers
OWASP ZAP Workshop for QA TestersOWASP ZAP Workshop for QA Testers
OWASP ZAP Workshop for QA Testers
 
Do not disturb my circles! Secure Application Isolation with OSGi - Mirko Jah...
Do not disturb my circles! Secure Application Isolation with OSGi - Mirko Jah...Do not disturb my circles! Secure Application Isolation with OSGi - Mirko Jah...
Do not disturb my circles! Secure Application Isolation with OSGi - Mirko Jah...
 
Security Architecture of the Java platform
Security Architecture of the Java platformSecurity Architecture of the Java platform
Security Architecture of the Java platform
 
42 minutes to secure your code....
42 minutes to secure your code....42 minutes to secure your code....
42 minutes to secure your code....
 
2015 09-18-jug summer camp
2015 09-18-jug summer camp2015 09-18-jug summer camp
2015 09-18-jug summer camp
 
Building Secure OSGi Applications
Building Secure OSGi ApplicationsBuilding Secure OSGi Applications
Building Secure OSGi Applications
 
Security Architecture of the Java Platform (http://www.javaday.bg event - 14....
Security Architecture of the Java Platform (http://www.javaday.bg event - 14....Security Architecture of the Java Platform (http://www.javaday.bg event - 14....
Security Architecture of the Java Platform (http://www.javaday.bg event - 14....
 
CDI and Seam 3: an Exciting New Landscape for Java EE Development
CDI and Seam 3: an Exciting New Landscape for Java EE DevelopmentCDI and Seam 3: an Exciting New Landscape for Java EE Development
CDI and Seam 3: an Exciting New Landscape for Java EE Development
 
[UniteKorea2013] Protecting your Android content
[UniteKorea2013] Protecting your Android content[UniteKorea2013] Protecting your Android content
[UniteKorea2013] Protecting your Android content
 
Security of go modules and vulnerability scanning in go center (1)
Security of go modules and vulnerability scanning in go center (1)Security of go modules and vulnerability scanning in go center (1)
Security of go modules and vulnerability scanning in go center (1)
 
OSGi als App-Plattform - Ein Ausflug durch den Security-Layer
OSGi als App-Plattform - Ein Ausflug durch den Security-Layer OSGi als App-Plattform - Ein Ausflug durch den Security-Layer
OSGi als App-Plattform - Ein Ausflug durch den Security-Layer
 
Securing Microservices using Play and Akka HTTP
Securing Microservices using Play and Akka HTTPSecuring Microservices using Play and Akka HTTP
Securing Microservices using Play and Akka HTTP
 
Security of Go Modules and Vulnerability Scanning in GoCenter and VS Code
Security of Go Modules and Vulnerability Scanning in GoCenter and VS CodeSecurity of Go Modules and Vulnerability Scanning in GoCenter and VS Code
Security of Go Modules and Vulnerability Scanning in GoCenter and VS Code
 

More from Martin Toshev

Building highly scalable data pipelines with Apache Spark
Building highly scalable data pipelines with Apache SparkBuilding highly scalable data pipelines with Apache Spark
Building highly scalable data pipelines with Apache Spark
Martin Toshev
 
Big data processing with Apache Spark and Oracle Database
Big data processing with Apache Spark and Oracle DatabaseBig data processing with Apache Spark and Oracle Database
Big data processing with Apache Spark and Oracle Database
Martin Toshev
 
Jdk 10 sneak peek
Jdk 10 sneak peekJdk 10 sneak peek
Jdk 10 sneak peek
Martin Toshev
 
Semantic Technology In Oracle Database 12c
Semantic Technology In Oracle Database 12cSemantic Technology In Oracle Database 12c
Semantic Technology In Oracle Database 12c
Martin Toshev
 
Java 9 Security Enhancements in Practice
Java 9 Security Enhancements in PracticeJava 9 Security Enhancements in Practice
Java 9 Security Enhancements in Practice
Martin Toshev
 
Java 9 sneak peek
Java 9 sneak peekJava 9 sneak peek
Java 9 sneak peek
Martin Toshev
 
Writing Stored Procedures in Oracle RDBMS
Writing Stored Procedures in Oracle RDBMSWriting Stored Procedures in Oracle RDBMS
Writing Stored Procedures in Oracle RDBMS
Martin Toshev
 
Spring RabbitMQ
Spring RabbitMQSpring RabbitMQ
Spring RabbitMQ
Martin Toshev
 
Oracle Database 12c Attack Vectors
Oracle Database 12c Attack VectorsOracle Database 12c Attack Vectors
Oracle Database 12c Attack Vectors
Martin Toshev
 
JVM++: The Graal VM
JVM++: The Graal VMJVM++: The Graal VM
JVM++: The Graal VM
Martin Toshev
 
RxJS vs RxJava: Intro
RxJS vs RxJava: IntroRxJS vs RxJava: Intro
RxJS vs RxJava: Intro
Martin Toshev
 
Spring RabbitMQ
Spring RabbitMQSpring RabbitMQ
Spring RabbitMQ
Martin Toshev
 
Writing Stored Procedures with Oracle Database 12c
Writing Stored Procedures with Oracle Database 12cWriting Stored Procedures with Oracle Database 12c
Writing Stored Procedures with Oracle Database 12c
Martin Toshev
 
Concurrency Utilities in Java 8
Concurrency Utilities in Java 8Concurrency Utilities in Java 8
Concurrency Utilities in Java 8Martin Toshev
 
The RabbitMQ Message Broker
The RabbitMQ Message BrokerThe RabbitMQ Message Broker
The RabbitMQ Message Broker
Martin Toshev
 
Modularity of The Java Platform Javaday (http://javaday.org.ua/)
Modularity of The Java Platform Javaday (http://javaday.org.ua/)Modularity of The Java Platform Javaday (http://javaday.org.ua/)
Modularity of The Java Platform Javaday (http://javaday.org.ua/)
Martin Toshev
 
Writing Java Stored Procedures in Oracle 12c
Writing Java Stored Procedures in Oracle 12cWriting Java Stored Procedures in Oracle 12c
Writing Java Stored Procedures in Oracle 12c
Martin Toshev
 
KDB database (EPAM tech talks, Sofia, April, 2015)
KDB database (EPAM tech talks, Sofia, April, 2015)KDB database (EPAM tech talks, Sofia, April, 2015)
KDB database (EPAM tech talks, Sofia, April, 2015)
Martin Toshev
 
Eclipse plug in development
Eclipse plug in developmentEclipse plug in development
Eclipse plug in development
Martin Toshev
 
Modular Java
Modular JavaModular Java
Modular Java
Martin Toshev
 

More from Martin Toshev (20)

Building highly scalable data pipelines with Apache Spark
Building highly scalable data pipelines with Apache SparkBuilding highly scalable data pipelines with Apache Spark
Building highly scalable data pipelines with Apache Spark
 
Big data processing with Apache Spark and Oracle Database
Big data processing with Apache Spark and Oracle DatabaseBig data processing with Apache Spark and Oracle Database
Big data processing with Apache Spark and Oracle Database
 
Jdk 10 sneak peek
Jdk 10 sneak peekJdk 10 sneak peek
Jdk 10 sneak peek
 
Semantic Technology In Oracle Database 12c
Semantic Technology In Oracle Database 12cSemantic Technology In Oracle Database 12c
Semantic Technology In Oracle Database 12c
 
Java 9 Security Enhancements in Practice
Java 9 Security Enhancements in PracticeJava 9 Security Enhancements in Practice
Java 9 Security Enhancements in Practice
 
Java 9 sneak peek
Java 9 sneak peekJava 9 sneak peek
Java 9 sneak peek
 
Writing Stored Procedures in Oracle RDBMS
Writing Stored Procedures in Oracle RDBMSWriting Stored Procedures in Oracle RDBMS
Writing Stored Procedures in Oracle RDBMS
 
Spring RabbitMQ
Spring RabbitMQSpring RabbitMQ
Spring RabbitMQ
 
Oracle Database 12c Attack Vectors
Oracle Database 12c Attack VectorsOracle Database 12c Attack Vectors
Oracle Database 12c Attack Vectors
 
JVM++: The Graal VM
JVM++: The Graal VMJVM++: The Graal VM
JVM++: The Graal VM
 
RxJS vs RxJava: Intro
RxJS vs RxJava: IntroRxJS vs RxJava: Intro
RxJS vs RxJava: Intro
 
Spring RabbitMQ
Spring RabbitMQSpring RabbitMQ
Spring RabbitMQ
 
Writing Stored Procedures with Oracle Database 12c
Writing Stored Procedures with Oracle Database 12cWriting Stored Procedures with Oracle Database 12c
Writing Stored Procedures with Oracle Database 12c
 
Concurrency Utilities in Java 8
Concurrency Utilities in Java 8Concurrency Utilities in Java 8
Concurrency Utilities in Java 8
 
The RabbitMQ Message Broker
The RabbitMQ Message BrokerThe RabbitMQ Message Broker
The RabbitMQ Message Broker
 
Modularity of The Java Platform Javaday (http://javaday.org.ua/)
Modularity of The Java Platform Javaday (http://javaday.org.ua/)Modularity of The Java Platform Javaday (http://javaday.org.ua/)
Modularity of The Java Platform Javaday (http://javaday.org.ua/)
 
Writing Java Stored Procedures in Oracle 12c
Writing Java Stored Procedures in Oracle 12cWriting Java Stored Procedures in Oracle 12c
Writing Java Stored Procedures in Oracle 12c
 
KDB database (EPAM tech talks, Sofia, April, 2015)
KDB database (EPAM tech talks, Sofia, April, 2015)KDB database (EPAM tech talks, Sofia, April, 2015)
KDB database (EPAM tech talks, Sofia, April, 2015)
 
Eclipse plug in development
Eclipse plug in developmentEclipse plug in development
Eclipse plug in development
 
Modular Java
Modular JavaModular Java
Modular Java
 

Recently uploaded

一比一原版(IIT毕业证)伊利诺伊理工大学毕业证成绩单专业办理
一比一原版(IIT毕业证)伊利诺伊理工大学毕业证成绩单专业办理一比一原版(IIT毕业证)伊利诺伊理工大学毕业证成绩单专业办理
一比一原版(IIT毕业证)伊利诺伊理工大学毕业证成绩单专业办理
zwunae
 
Nuclear Power Economics and Structuring 2024
Nuclear Power Economics and Structuring 2024Nuclear Power Economics and Structuring 2024
Nuclear Power Economics and Structuring 2024
Massimo Talia
 
Immunizing Image Classifiers Against Localized Adversary Attacks
Immunizing Image Classifiers Against Localized Adversary AttacksImmunizing Image Classifiers Against Localized Adversary Attacks
Immunizing Image Classifiers Against Localized Adversary Attacks
gerogepatton
 
ML for identifying fraud using open blockchain data.pptx
ML for identifying fraud using open blockchain data.pptxML for identifying fraud using open blockchain data.pptx
ML for identifying fraud using open blockchain data.pptx
Vijay Dialani, PhD
 
block diagram and signal flow graph representation
block diagram and signal flow graph representationblock diagram and signal flow graph representation
block diagram and signal flow graph representation
Divya Somashekar
 
Railway Signalling Principles Edition 3.pdf
Railway Signalling Principles Edition 3.pdfRailway Signalling Principles Edition 3.pdf
Railway Signalling Principles Edition 3.pdf
TeeVichai
 
Standard Reomte Control Interface - Neometrix
Standard Reomte Control Interface - NeometrixStandard Reomte Control Interface - Neometrix
Standard Reomte Control Interface - Neometrix
Neometrix_Engineering_Pvt_Ltd
 
Industrial Training at Shahjalal Fertilizer Company Limited (SFCL)
Industrial Training at Shahjalal Fertilizer Company Limited (SFCL)Industrial Training at Shahjalal Fertilizer Company Limited (SFCL)
Industrial Training at Shahjalal Fertilizer Company Limited (SFCL)
MdTanvirMahtab2
 
Pile Foundation by Venkatesh Taduvai (Sub Geotechnical Engineering II)-conver...
Pile Foundation by Venkatesh Taduvai (Sub Geotechnical Engineering II)-conver...Pile Foundation by Venkatesh Taduvai (Sub Geotechnical Engineering II)-conver...
Pile Foundation by Venkatesh Taduvai (Sub Geotechnical Engineering II)-conver...
AJAYKUMARPUND1
 
NO1 Uk best vashikaran specialist in delhi vashikaran baba near me online vas...
NO1 Uk best vashikaran specialist in delhi vashikaran baba near me online vas...NO1 Uk best vashikaran specialist in delhi vashikaran baba near me online vas...
NO1 Uk best vashikaran specialist in delhi vashikaran baba near me online vas...
Amil Baba Dawood bangali
 
weather web application report.pdf
weather web application report.pdfweather web application report.pdf
weather web application report.pdf
Pratik Pawar
 
Architectural Portfolio Sean Lockwood
Architectural Portfolio Sean LockwoodArchitectural Portfolio Sean Lockwood
Architectural Portfolio Sean Lockwood
seandesed
 
The Benefits and Techniques of Trenchless Pipe Repair.pdf
The Benefits and Techniques of Trenchless Pipe Repair.pdfThe Benefits and Techniques of Trenchless Pipe Repair.pdf
The Benefits and Techniques of Trenchless Pipe Repair.pdf
Pipe Restoration Solutions
 
Planning Of Procurement o different goods and services
Planning Of Procurement o different goods and servicesPlanning Of Procurement o different goods and services
Planning Of Procurement o different goods and services
JoytuBarua2
 
HYDROPOWER - Hydroelectric power generation
HYDROPOWER - Hydroelectric power generationHYDROPOWER - Hydroelectric power generation
HYDROPOWER - Hydroelectric power generation
Robbie Edward Sayers
 
Investor-Presentation-Q1FY2024 investor presentation document.pptx
Investor-Presentation-Q1FY2024 investor presentation document.pptxInvestor-Presentation-Q1FY2024 investor presentation document.pptx
Investor-Presentation-Q1FY2024 investor presentation document.pptx
AmarGB2
 
AP LAB PPT.pdf ap lab ppt no title specific
AP LAB PPT.pdf ap lab ppt no title specificAP LAB PPT.pdf ap lab ppt no title specific
AP LAB PPT.pdf ap lab ppt no title specific
BrazilAccount1
 
Sachpazis:Terzaghi Bearing Capacity Estimation in simple terms with Calculati...
Sachpazis:Terzaghi Bearing Capacity Estimation in simple terms with Calculati...Sachpazis:Terzaghi Bearing Capacity Estimation in simple terms with Calculati...
Sachpazis:Terzaghi Bearing Capacity Estimation in simple terms with Calculati...
Dr.Costas Sachpazis
 
power quality voltage fluctuation UNIT - I.pptx
power quality voltage fluctuation UNIT - I.pptxpower quality voltage fluctuation UNIT - I.pptx
power quality voltage fluctuation UNIT - I.pptx
ViniHema
 
WATER CRISIS and its solutions-pptx 1234
WATER CRISIS and its solutions-pptx 1234WATER CRISIS and its solutions-pptx 1234
WATER CRISIS and its solutions-pptx 1234
AafreenAbuthahir2
 

Recently uploaded (20)

一比一原版(IIT毕业证)伊利诺伊理工大学毕业证成绩单专业办理
一比一原版(IIT毕业证)伊利诺伊理工大学毕业证成绩单专业办理一比一原版(IIT毕业证)伊利诺伊理工大学毕业证成绩单专业办理
一比一原版(IIT毕业证)伊利诺伊理工大学毕业证成绩单专业办理
 
Nuclear Power Economics and Structuring 2024
Nuclear Power Economics and Structuring 2024Nuclear Power Economics and Structuring 2024
Nuclear Power Economics and Structuring 2024
 
Immunizing Image Classifiers Against Localized Adversary Attacks
Immunizing Image Classifiers Against Localized Adversary AttacksImmunizing Image Classifiers Against Localized Adversary Attacks
Immunizing Image Classifiers Against Localized Adversary Attacks
 
ML for identifying fraud using open blockchain data.pptx
ML for identifying fraud using open blockchain data.pptxML for identifying fraud using open blockchain data.pptx
ML for identifying fraud using open blockchain data.pptx
 
block diagram and signal flow graph representation
block diagram and signal flow graph representationblock diagram and signal flow graph representation
block diagram and signal flow graph representation
 
Railway Signalling Principles Edition 3.pdf
Railway Signalling Principles Edition 3.pdfRailway Signalling Principles Edition 3.pdf
Railway Signalling Principles Edition 3.pdf
 
Standard Reomte Control Interface - Neometrix
Standard Reomte Control Interface - NeometrixStandard Reomte Control Interface - Neometrix
Standard Reomte Control Interface - Neometrix
 
Industrial Training at Shahjalal Fertilizer Company Limited (SFCL)
Industrial Training at Shahjalal Fertilizer Company Limited (SFCL)Industrial Training at Shahjalal Fertilizer Company Limited (SFCL)
Industrial Training at Shahjalal Fertilizer Company Limited (SFCL)
 
Pile Foundation by Venkatesh Taduvai (Sub Geotechnical Engineering II)-conver...
Pile Foundation by Venkatesh Taduvai (Sub Geotechnical Engineering II)-conver...Pile Foundation by Venkatesh Taduvai (Sub Geotechnical Engineering II)-conver...
Pile Foundation by Venkatesh Taduvai (Sub Geotechnical Engineering II)-conver...
 
NO1 Uk best vashikaran specialist in delhi vashikaran baba near me online vas...
NO1 Uk best vashikaran specialist in delhi vashikaran baba near me online vas...NO1 Uk best vashikaran specialist in delhi vashikaran baba near me online vas...
NO1 Uk best vashikaran specialist in delhi vashikaran baba near me online vas...
 
weather web application report.pdf
weather web application report.pdfweather web application report.pdf
weather web application report.pdf
 
Architectural Portfolio Sean Lockwood
Architectural Portfolio Sean LockwoodArchitectural Portfolio Sean Lockwood
Architectural Portfolio Sean Lockwood
 
The Benefits and Techniques of Trenchless Pipe Repair.pdf
The Benefits and Techniques of Trenchless Pipe Repair.pdfThe Benefits and Techniques of Trenchless Pipe Repair.pdf
The Benefits and Techniques of Trenchless Pipe Repair.pdf
 
Planning Of Procurement o different goods and services
Planning Of Procurement o different goods and servicesPlanning Of Procurement o different goods and services
Planning Of Procurement o different goods and services
 
HYDROPOWER - Hydroelectric power generation
HYDROPOWER - Hydroelectric power generationHYDROPOWER - Hydroelectric power generation
HYDROPOWER - Hydroelectric power generation
 
Investor-Presentation-Q1FY2024 investor presentation document.pptx
Investor-Presentation-Q1FY2024 investor presentation document.pptxInvestor-Presentation-Q1FY2024 investor presentation document.pptx
Investor-Presentation-Q1FY2024 investor presentation document.pptx
 
AP LAB PPT.pdf ap lab ppt no title specific
AP LAB PPT.pdf ap lab ppt no title specificAP LAB PPT.pdf ap lab ppt no title specific
AP LAB PPT.pdf ap lab ppt no title specific
 
Sachpazis:Terzaghi Bearing Capacity Estimation in simple terms with Calculati...
Sachpazis:Terzaghi Bearing Capacity Estimation in simple terms with Calculati...Sachpazis:Terzaghi Bearing Capacity Estimation in simple terms with Calculati...
Sachpazis:Terzaghi Bearing Capacity Estimation in simple terms with Calculati...
 
power quality voltage fluctuation UNIT - I.pptx
power quality voltage fluctuation UNIT - I.pptxpower quality voltage fluctuation UNIT - I.pptx
power quality voltage fluctuation UNIT - I.pptx
 
WATER CRISIS and its solutions-pptx 1234
WATER CRISIS and its solutions-pptx 1234WATER CRISIS and its solutions-pptx 1234
WATER CRISIS and its solutions-pptx 1234
 

Practical security In a modular world

  • 1. @martin_fmi Practical security in a modular world Martin Toshev
  • 2. @martin_fmi Who am I Software consultant (CoffeeCupConsulting) BG JUG board member (http://jug.bg) OpenJDK and Oracle RDBMS enthusiast 2
  • 3. @martin_fmi Agenda • Security sandbox model at a glance • Security aspects of Jigsaw • Jigsaw vs OSGi from a security perspective 3
  • 5. @martin_fmi The big picture 5 applet/war/bundle System code JVM Browser/Java EE server/OSGI server grant codeBase http://javaday.ua/demoapplet { permission java.io.FilePermisions “C:Windows” “delete” } java.policy SecurityManager.checkPermission(…) AccessController.checkPermission(…)
  • 6. @martin_fmi Permission checking • Typical flow for permission checking: 1) upon system startup a security policy is set and a security manager is installed: 6 Policy.setPolicy(…) System.setSecurityManager(…)
  • 7. @martin_fmi Permission checking • Typical flow for permission checking: 2) during classloading (e.g. of a remote applet) bytecode verification is done and the protection domain is set for the current classloader (along with the code source, the set of permissions and the set of JAAS principals) 7
  • 8. @martin_fmi Protection Domain • The protection domain is set during classloading and contains the code source, the list of principals and the list of permissions for the class • Two types of protection domain: system and application 8 object.getClass().getProtectionDomain();
  • 9. @martin_fmi Permission checking • Typical flow for permission checking: 3) when system code is invoked from the remote code the SecurityManager is used to check against the intersection of protection domains based on the chain of threads and their call stacks 9
  • 10. @martin_fmi Permission checking • Typical flow for permission checking: 10 SocketPermission permission = new SocketPermission(“javaday.ua:8000-9000","connect,accept"); SecurityManager sm = System.getSecurityManager(); if (sm != null) { sm.checkPermission(permission); }
  • 11. @martin_fmi Permission checking • Typical flow for permission checking: 4) application code can also do permission checking against remote code using a SecurityManager or an AccessController 11
  • 12. @martin_fmi Permission checking • Typical flow for permission checking: 12 SocketPermission permission = new SocketPermission(“javaday.ua:8000-9000", "connect,accept"); AccessController.checkPermission(permission)
  • 13. @martin_fmi Permission checking • Typical flow for permission checking: 5) application code can also do permission checking with all permissions of the calling domain or a particular JAAS subject 13 AccessController.doPrivileged(…) Subject.doAs(…) Subject.doAsPrivileged(…)
  • 14. @martin_fmi Example: banking app server 14 FIX protocol integration Banking server (plain Java) Alpha protocol integration Demo application …
  • 17. @martin_fmi The big picture 17 JVM Application grant codeBase http://javaday.ua/demoapplet { permission java.io.FilePermisions “C:Windows” “delete” } java.policy SecurityManager.checkPermission(…) AccessController.checkPermission(…) java.base java.logging other module
  • 18. @martin_fmi Security implications • The security model remains the same with Java modules • System code is split into modules and applications can use a stripped down VM => improved security • Application code can be split into modules with stronger encapsulation at runtime => improved security 18
  • 19. @martin_fmi Access control • Access control is governed not by the class loader(s) of the module’s classes but by the module itself • Access modifiers are fulfilled by another layer of encapsulation: exported/opened packages 19
  • 20. @martin_fmi Runtime modules • Modules can also be defined at runtime with multiple classloaders and grouped into module layers for that purpose: 20 obj.getClass().getModule().getLayer().defineModulesXXX(…)
  • 22. @martin_fmi OSGi vs Jigsaw from a security perspective 22
  • 23. @martin_fmi OSGi security model • An extension of the Java security model • The OSGi spec provides a set of custom permissions such as PackagePermission (in order to specify whether a bundle exports/imports a package) or ServicePermission (to get or register an OSGI service) 23
  • 24. @martin_fmi OSGi security model • The PermissionAdmin and ConditionalPermissionAdmin classes provide additional permission management on top of SecurityManager • Local permissions can be specified for each bundle in OSGI-INF/permissions.perm and are useful for bundle security auditing 24
  • 25. @martin_fmi OSGi vs Jigsaw • Both a Jigsaw module and an OSGi bundle have a distinct protection domain that defines the set of permissions for the Jigsaw module/OSGi bundle • Both a Jigsaw module and an OSGi bundle can be signed and the set of permissions can be defined on the signer of the Jigsaw module/OSGi bundle 25
  • 26. @martin_fmi OSGi vs Jigsaw • A Jigsaw module doesn’t have the notion of “local permissions” as an OSGi bundle • A runtime Jigsaw module can have classes from multiple classloaders that have different protection domains 26
  • 27. @martin_fmi Summary • The new module system in Java brings better security while still fitting in platform’s security architecture • The new module systems introduces yet another layer of access control for applications 27
  • 28. @martin_fmi Thank you ! Q&A 28 demos: https://github.com/martinfmi/practical_security_in_a_modular_world
  • 29. @martin_fmi References 29 Java platform security architecture http://docs.oracle.com/javase/7/docs/technotes/guides/security/spec/securi ty-spec.doc.html Java Platform Module System (JSR 376) http://openjdk.java.net/projects/jigsaw/spec/