![]() This document bridges such publications together and includes coverage of additional topics. Others, such as Software Security: Building Security In, outline guiding principles for software security. ![]() Existing publications, such as Effective Java, provide excellent guidelines related to Java software design. To minimize the likelihood of security vulnerabilities caused by programmer error, Java developers should adhere to recommended coding guidelines. The explicit static typing of Java makes code easy to understand (and facilitates static analysis), and the dynamic checks ensure unexpected conditions result in predictable behavior. These features also make Java programs highly resistant to the stack-smashing and buffer overflow attacks possible in the C and to a lesser extent C++ programming languages. Java programs and libraries check for illegal state at the earliest opportunity. The language is type-safe, and the runtime provides automatic memory management and bounds-checking on arrays. ![]() The Java language and virtual machine provide many features to mitigate common programming mistakes. The choice of language system impacts the robustness of any software program. These bugs could potentially be used to steal confidential data from the machine and intranet, misuse system resources, prevent useful operation of the machine, assist further attacks, and many other malicious activities. However, following secure coding best practices is still necessary to avoid bugs that could weaken security and even inadvertently open the very holes that Java's security features were intended to protect against. Java's architecture and components include security mechanisms that can help to protect against hostile, misbehaving, or unsafe code.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |