Document Actions
WORLDCOMP'07 Tutorial
 |
Cryptographic Features and Applications in Java (and C++)
Prof. Ray Kresman, Bowling Green State University, USA Date: June 27, 2007 Time: 6:00 - 9:30 PM Location: TBA |
Java and C++ are preferred languages for application development. Java is gaining prominence for both stand-alone and web enabled applications. However, aspects of Java Cryptography are less well understood. It has relevance to the design and deployment of secure Java application by software developers. The cryptographic capabilities of Java make it an attractive vehicle for building secure applications. For example, the Java Cryptographic Extension (JCE) promises plug-in cryptographic libraries and seamless addition of a number of security components and services such as message digests, digital signatures, random number generators and algorithms for symmetric and public key cryptography.
This tutorial provides an overview of the Java cryptographic library features. We will describe some of the cryptographic mechanisms, and their use, in Java. Where applicable, we will also discuss application of these techniques in C++.
Objectives
- Understand basics of cryptography and their provisions in Java
- Be familiar with the role of Java security manager
- Know how to override methods of the security manager
- Know the methods and usage options of Java cryptographic modules
- Write simple programs for computing digests and doing authentications
- Understand basics of SSL and their deployment in Java
Intended Audience
This tutorial is geared for computer professionals and software developers interested in writing secure applications in Java.
Background of the Audience
Web surfing. Proficiency in object-oriented concepts in Java and/or C++ programming languages. Exposure to security concepts such as digests, encryption and certificates is also desirable.
Tutorial Outline
- Introduction (10 minutes)
- Language overview (15 minutes)
-
- Java Overview and relationship to C++
- Applets and applications
- Java security (20 minutes)
-
- Visibility and security features
- Rights of application
- Rights of Applet
- Java Cryptographic Extension (20 minutes)
-
- Security
- What is JCE?
- JCE components
- Using JCE in applications and applets
- Secure communication (20 minutes)
-
- DES classes
- Member functions
- Implementation of DES
- Java and C++ examples
- Key exchange (20 minutes)
-
- Key exchange b/w strangers
- Diffie Hellman protocol
- MD5 and Secure hash
- Java and C++ examples
- Digest Algorithms (20 minutes)
-
- Message digest class
- Securing a digest in Java
- MD5 and Secure hash
- Java and C++ examples
- Secure Socket Layer (20 minutes)
-
- How does it work?
- Encapsulation
- Concluding Remarks and Discussion (20 minutes)
Biography of Instructor
Ray Kresman is a Professor of Computer Science at Bowling Green State University, Bowling Green, OH. His applied computer science interests include computer security and web-to-database connectivity, three-tier architectures and secure Internet technologies, and data warehousing. The National Science Foundation supported Dr. Kresman?s work on distributed systems. He has published widely in the area of distributed systems and complexity of algorithms.
Dr. Ray Kresman
Professor of Computer Science
Bowling Green State University
Bowling Green, OH, USA
E-mail: rama@cs.bgsu.edu
