Java: Secure communication terminology


There are several terms that are used when working with secure communications. These include the following:

Authentication: This is the process of verifying a user or system

Authorization: This is the process of allowing access to protected resources

Encryption: This is the process of encoding and subsequently decoding information to protect it from unauthorized individuals

Hashing algorithms: These provide a way of producing a unique value for a document, and they are used in support of other security techniques

Digital signatures: These provide a way of digitally authenticating a document

Certificates: These are normally used as a chain, and they support the confirmation of the identity of principals and other actors

Authentication and authorization are related. Authentication is the process of determining whether a person or system is who they claim to be. This is commonly achieved using an ID and a password. However, there are other authentication techniques, such as smart cards and biometric signatures such as fingerprint or iris scans.

Authorization is the process of determining what resources an individual or system has access to. It is one thing to verify that an individual is who they say they are. It is another thing to ensure that the user can only access authorized resources.

Encryption has evolved and will continue to improve. Java supports symmetric and asymmetric encryption techniques. The process starts with the generation of keys, which are normally stored in a keystore. Applications that need to encrypt or decrypt data will access a keystore to retrieve the appropriate keys. The keystore itself needs to be protected so that it cannot be tampered with or otherwise compromised.
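The key lifecycle described above, as an added example that is not taken from the book: a key is generated, stored in a password-protected PKCS12 keystore, retrieved by alias, used for AES-GCM encryption, and the stored keystore is then altered to show that loading it is rejected. The class name, alias, password and payload are constructed for illustration, and a JDK 11 or later is assumed.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.nio.charset.StandardCharsets;
import java.security.KeyStore;
import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;

public class KeystoreDemo { // hypothetical class name
    public static void main(String[] args) throws Exception {
        char[] pass = "constructed-sample-pass".toCharArray(); // constructed sample

        // 1. Generate an AES key and store it in a password-protected keystore.
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(256);
        KeyStore ks = KeyStore.getInstance("PKCS12");
        ks.load(null, null); // initialise an empty keystore
        ks.setEntry("data-key", new KeyStore.SecretKeyEntry(kg.generateKey()),
                new KeyStore.PasswordProtection(pass));
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        ks.store(out, pass); // in memory here; normally a file with tight permissions
        byte[] stored = out.toByteArray();

        // 2. The application loads the keystore and retrieves the key by alias.
        KeyStore loaded = KeyStore.getInstance("PKCS12");
        loaded.load(new ByteArrayInputStream(stored), pass);
        SecretKey key = (SecretKey) loaded.getKey("data-key", pass);

        // 3. Symmetric encryption and decryption with the retrieved key (AES-GCM).
        byte[] iv = new byte[12]; // fresh random nonce for every message
        new SecureRandom().nextBytes(iv);
        Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
        cipher.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(128, iv));
        byte[] ct = cipher.doFinal("sample payload".getBytes(StandardCharsets.UTF_8));
        cipher.init(Cipher.DECRYPT_MODE, key, new GCMParameterSpec(128, iv));
        System.out.println(new String(cipher.doFinal(ct), StandardCharsets.UTF_8));

        // 4. Tamper with the stored bytes: loading should now be rejected.
        stored[stored.length / 2] ^= 0x01;
        try {
            KeyStore.getInstance("PKCS12").load(new ByteArrayInputStream(stored), pass);
            System.out.println("tampered keystore was accepted");
        } catch (Exception e) { // parse error or failed integrity (MAC) check
            System.out.println("tampered keystore rejected: " + e.getClass().getSimpleName());
        }
    }
}
```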

Hashing is the process of taking data and returning a number that represents the data. A hash algorithm performs this operation, and it must be fast. However, it is extremely difficult, if not impossible, to derive the original data when given only the hash value. This is called a one-way hash function.

The advantage of this technique is that the data can be sent along with the hash value to a receiver. The data is not encrypted, but the hash value is encrypted using a set of asymmetric keys. The receiver can then use the original hash algorithm to compute a hash value for the received data. If this new hash value matches the hash value that was sent, then the receiver can be assured that the data has not been modified or corrupted in the transmission. This provides a more reliable means of transferring data that does not need to be encrypted, but where some assurance that it has not been modified can be given.
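The exchange described above is what a digital signature does. The following added example (not code from the book) uses the JDK's `Signature` class, whose `SHA256withRSA` algorithm hashes the data and protects the hash with the sender's private key, and shows that verification fails once the data is changed. The class name and the sample messages are constructed for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;

public class SignedMessageDemo { // hypothetical class name

    // Sender side: hash the data (SHA-256) and sign the hash with the private key.
    static byte[] sign(byte[] data, PrivateKey key) throws Exception {
        Signature signer = Signature.getInstance("SHA256withRSA");
        signer.initSign(key);
        signer.update(data);
        return signer.sign();
    }

    // Receiver side: recompute the hash over the received data and check it
    // against the signed hash using the sender's public key.
    static boolean verify(byte[] data, byte[] sig, PublicKey key) throws Exception {
        Signature verifier = Signature.getInstance("SHA256withRSA");
        verifier.initVerify(key);
        verifier.update(data);
        return verifier.verify(sig);
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        KeyPair senderKeys = gen.generateKeyPair();

        // Constructed sample message: sent in the clear together with its signature.
        byte[] sent = "transfer 100 to account 42".getBytes(StandardCharsets.UTF_8);
        byte[] signature = sign(sent, senderKeys.getPrivate());

        // The same message after a modification in transit (constructed).
        byte[] altered = "transfer 900 to account 42".getBytes(StandardCharsets.UTF_8);

        System.out.println("unmodified data verifies: "
                + verify(sent, signature, senderKeys.getPublic()));
        System.out.println("modified data verifies:   "
                + verify(altered, signature, senderKeys.getPublic()));
    }
}
```

The receiver's assurance depends on holding the genuine public key of the sender, which is the problem certificates address.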

A certificate is part of the previous process and it uses a hash function and asymmetric keys. A certificate chain provides a means of verifying that a certificate is valid, assuming that the root of the chain can be trusted.

Reading notes:

Learning Network Programming with Java

Copyright © 2015 Packt Publishing

First published: December 2015

Production reference: 1141215

Published by Packt Publishing Ltd.

Livery Place

35 Livery Street

Birmingham B3 2PB, UK.

ISBN 978-1-78588-547-1

www.packtpub.com

Time: 2024-11-05 20:36:10
