java之Secure communication terminology
来源:互联网 发布:2015最新癌症数据统计 编辑:程序博客网 时间:2024/05/24 01:29
java之Secure communication terminology
There are several terms that are used when working with secure communications. These include the following:
Authentication: This is the process of verifying a user or system
Authorization: This is the process of allowing access to protected resources
Encryption: This is the process of encoding and subsequently decoding information to protect it from unauthorized individuals
Hashing algorithms: These provide a way of producing a unique value for a document, and they are used in support of other security techniques
Digital signatures: These provide a way of digitally authenticating a document
Certificates: These are normally used as a chain, and they support the confirmation of the identity of principals and other actors
Authentication and authorization are related. Authentication is the process of determining whether a person or system is who they claim to be. This is commonly achieved using an ID and a password. However, there are other authentication techniques, such as smart cards, and biometric signatures, such as fingerprint, or iris scans.
Authorization is the process of determining what resources an individual or system has access to. It is one thing to verify that an individual is who they say they are. It is another thing to ensure that the user can only access authorized resources.
Encryption has evolved and will continue to improve. Java supports symmetric and asymmetric encryption techniques. The process starts with the generation of keys, which are normally stored in a keystore. Applications that need to encrypt or decrypt data will access a keystore to retrieve the appropriate keys. The keystore itself needs to be protected so that it cannot be tampered with or otherwise compromised.
Authorization is the process of determining what resources an individual or system has access to. It is one thing to verify that an individual is who they say they are. It is another thing to ensure that the user can only access authorized resources.
Encryption has evolved and will continue to improve. Java supports symmetric and asymmetric encryption techniques. The process starts with the generation of keys, which are normally stored in a keystore. Applications that need to encrypt or decrypt data will access a keystore to retrieve the appropriate keys. The keystore itself needs to be protected so that it cannot be tampered with or otherwise compromised.
Hashing is the process of taking data and returning a number that represents the data. A hash algorithm performs this operation, and it must be fast. However, it is extremely difficult, if not impossible, to derive the original data when given only the hash value. This is called a one-way hash function.
The advantage of this technique is that the data can be sent along with the hash value to a receiver.The data is not encrypted, but the hash value is encrypted using a set of asymmetric keys. The receiver can then use the original hash algorithm to compute a hash value for the received data. If this new hash value matches the hash value that was sent,
then the receiver can be assured that the data has not been modified or corrupted in the transmission. This provides a more reliable means of transferring data that does not need to be encrypted, but where some assurance that it has not been modified can be given.
A certificate is part of the previous process and it uses a hash function and asymmetric keys. Acertificate chain provides a means of verifying that a certificate is valid, assuming that the root of the chain can be trusted.
读书笔记:
Learning Network Programming with Java
Copyright © 2015 Packt Publishing
First published: December 2015
Production reference: 1141215
Published by Packt Publishing Ltd.
Livery Place
35 Livery Street
Birmingham B3 2PB, UK.
ISBN 978-1-78588-547-1
www.packtpub.com
Copyright © 2015 Packt Publishing
First published: December 2015
Production reference: 1141215
Published by Packt Publishing Ltd.
Livery Place
35 Livery Street
Birmingham B3 2PB, UK.
ISBN 978-1-78588-547-1
www.packtpub.com
1 0
- java之Secure communication terminology
- java之Secure hash functions
- terminology
- Building Secure ASP.NET Applications: Authentication, Authorization, and Secure Communication
- Building Secure ASP.NET Applications: Authentication, Authorization, and Secure Communication
- (待翻译)Building Secure ASP.NET Applications: Authentication, Authorization, and Secure Communication
- dxe communication 之protocol
- Java-to-Javascript Communication
- Java Communication design(Updating)
- java process communication
- SettingsProvider之Secure
- JSch -- Java Secure Channel
- Java heap terminology: young, old and permanent generations
- HTML5新特性之Communication
- Communication
- Communication
- Communication
- flash communication with java server
- 从容器和Kubernetes技术看现代云计算的发展轨迹
- 合并两个排序的链表
- IOS学习之——ViewController之间正向传值
- 网络直播电视之M3U8解析篇 (下)
- 字符串计数(动态规划)
- java之Secure communication terminology
- 【DFS】HDU2181哈密顿绕行世界问题
- C++学习笔记之二 C++基础学习2
- adb操作命令详解及大全
- Apriori算法详解
- Leetcode题解 232. Implement Queue using Stacks
- 为什么要来CSDN
- java web工程web.xml配置详解
- FZU 2144 Shooting Game (贪心区域划分)