Chapter 5. Elements of Security Policy
Policy must be clear, consistent, and confident.
—Dwight D. Eisenhower
A security policy, specified separately from the Java runtime system by a system administrator or user, indicates what security-sensitive system resources may be accessed by various groups of code. A security policy is essentially a mapping from a set of properties characterizing running code to a set of resource access permissions granted to the code. Some code will be granted a certain set of permissions, whereas other code will be granted its own set of permissions. In a Java runtime environment, the policy contents are represented in an implementation of the abstract Policy class.
This chapter documents the elements that comprise ...
Get Inside Java™ 2 Platform Security: Architecture, API Design, and Implementation, Second Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
