Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Java Cryptography Architecture (JCA)
Post: #1

Java Cryptography Architecture (JCA)

The Java Cryptography Architecture (JCA) is a framework for working with cryptography using the Java programming language. It forms part of the Java security API, and was first introduced in JDK 1.1 in the package.
Post: #2
Authentication is tremendously important in computer applications. The program or person you communicate with may be in the next room or on another continent; you have none of the usual visual or aural clues that are helpful in everyday transactions , Java Cryptography gives a best palace to deal this great task
Where Java is becoming the preferred language of choice for both stand-alone and web enabled
applications. However, aspects of Java Cryptography are less well understood. Java Cryptography
has relevance in network security, and in the design and deployment of real-life secure Java
application by software developers. For example, the Java Cryptographic Extension (JCE)
promises plug-in cryptographic libraries and seamless addition of a number of security
components and services such as message digests, digital signatures, random number generators
and algorithms for symmetric and public key cryptography

It includes
* Message digests produce a small "fingerprint" of a larger set of data.
* Digital signatures can be used to prove the integrity of data.
* Certificates are used as cryptographically safe containers for public keys.

for more see
Post: #3
Nick Pullman

Java Cryptography
Basic Cryptographic Functions

 Private/Public Key Pair Generation
 Secret Key Generation
 Hash Functions
 Digital Signatures
 Random Number Generation
 Encryption/Decryption
Java Cryptographic Overview
 Java cryptography uses 2 main APIs
• Java Cryptographic Architecture (JCA)
• Java Cryptographic Extensions (JCE)
 Robust and Extensible
 Platform independent
 Interoperable among vendor implementations
Java Cryptographic Architecture
 JCA/JCE define the types and functionalities of different cryptographic services
 The actual cryptographic implementation is done by service providers
 JCA/JCE is made up of mostly “engine” classes which provide a standard interface into the service providers
 This makes the overall implementation extensible since new service providers can be “plugged in”
JCA Overview
 Core classes and interfaces related to Java cryptography
 Contains 2 provider classes that are used to manage and maintain the service providers
• Provider: class that represents a cryptographic service provider
• Security: class that manages the installed providers and their security properties
 Contains a number of engine classes which are used to interface with cryptographic services
JCA Classes
 MessageDigest: used to implement one-way hash functions such as MD5 or SHA
 Signature: used to implement digital signatures
 KeyPairGenerator: used to create public/private key pairs for different algorithms
 KeyFactory: used to convert keys into key specifications and then vice-versa
 CertificateFactory: used to generate certificates
 KeyStore: used to create a keystore which maintains keys and certificates in memory for later usage
 AlgorithmParameters: used to maintain the security parameters for specific algorithms
 AlgorithmParameterGenerator: used to create a set of parameters to be used for specific algorithms
 SecureRandom: used to create random or pseudo-random numbers
JCA Examples
 Create Message Digest
• byte[] dataBytes = “This is test data”.getBytes(); MessageDigest md = MessageDigest.getInstance("SHA1"); md.update(dataBytes); byte[] digest = md.digest();
 First, the test data is populated.
 Second, a concrete message digest object is created with SHA1 as the cryptographic algorithm
 Third, the message digest object is updated; i.e. the digest is updated using the current bytes
 Finally, the digest method completes the algorithm
 Create Keystore
• KeyStore ks = KeyStore.getInstance("JCEKS"); ks.load(null,password.toCharArray()); fos = new;, password.toCharArray());
 First, create the concrete KeyStore object.
 Second, load “ks” with a null input
 Third, create the output stream to save the file.
 Fourth, the store method saves the KeyStore to the file specified and protects it with the password
 Finally, close the output stream.
Post: #4
The Java™ platform was designed with a strong emphasis on security. At its core, the Java language itself is type-safe and provides automatic garbage collection, enhancing the robustness of application code. A secure class loading and verification mechanism ensures that only legitimate Java code is executed. The initial version of the Java platform created a safe environment for running potentially untrusted code, such as Java applets downloaded from a public network. As the platform has grown and widened its range of deployment, the Java security architecture has correspondingly evolved to support an expanding set of services. Today the architecture includes a large set of application programming interfaces (APIs), tools, and implementations of commonly-used security algorithms, mechanisms, and protocols. This provides the developer a comprehensive security framework for writing applications, and also provides the user or administrator a set of tools to securely manage applications.
The Java security APIs span a wide range of areas. Cryptographic and public key infrastructure (PKI) interfaces provide the underlying basis for developing secure applications. Interfaces for performing authentication and access control enable applications to guard against unauthorized access to protected resources.The APIs allow for multiple interoperable implementations of algorithms and other security services. Services are implemented in providers, which are plugged into the Java platform via a standard interface that makes it easy for applications to obtain security services without having to know anything about their implementations. This allows developers to focus on how to integrate security into their applications, rather than on how to implement complex security mechanisms.
The Java platform includes a number of providers that implement a core set of security services. It also allows for additional custom providers to be installed. This enables developers to extend the platform with new security mechanisms.
This paper gives a broad overview of security in the Java platform, from secure language features to the security APIs, tools, and built-in provider services, highlighting key packages and classes where applicable.
The Security API is a core API of the Java programming language, built around the package (and its subpackages). This API is designed to allow developers to incorporate both low-level and high-level security functionality into their programs.
The first release of Security API in JDK 1.1 introduced the "Java Cryptography Architecture" (JCA), a framework for accessing and developing cryptographic functionality for the Java platform. In JDK 1.1, the JCA included APIs for digital signatures and message digests.
In subsequent releases, the Java 2 SDK significantly extended the Java Cryptography Architecture, as described in this document. It also upgraded the certificate management infrastructure to support X.509 v3 certificates, and introduced a new Java Security Architecture for fine-grain, highly configurable, flexible, and extensible access control.

The Java language is designed to be type-safe and easy to use. It provides automatic memory management, garbage collection, and range-checking on arrays. This reduces the overall programming burden placed on developers, leading to fewer subtle programming errors and to safer, more robust code. In addition, the Java language defines different access modifiers that can be assigned to Java classes, methods, and fields, enabling developers to restrict access to their class implementations as appropriate. Specifically, the language defines four distinct access levels: private, protected, public, and, if unspecified, package. The most open access specifier is public—access is allowed to anyone. The most restrictive modifier is private—access is not allowed outside the particular class in which the private member (a method, for example) is defined. The protected modifier allows access to any subclass, or to other classes within the same
package. Package-level access only allows access to classes within the same package.
A compiler translates Java programs into a machine-independent bytecode representation. A bytecode verifier is invoked to ensure that only legitimate bytecodes are executed in the Java runtime. It checks that the bytecodes conform to the Java Language Specification and do not violate Java language rules or namespace restrictions. The verifier also checks for memory management violations, stack underflows or overflows, and illegal data typecasts. Once bytecodes have been verified, the Java runtime prepares them for execution.
The Java platform defines a set of APIs spanning major security areas, including cryptography, public key infrastructure, authentication, secure communication, and access control. These APIs allow developers to easily integrate security into their application code. They were designed around the following principles:
1. Implementation independence
Applications do not need to implement security themselves. Rather, they can request security
services from the Java platform. Security services are implemented in providers (see below),
which are plugged into the Java platform via a standard interface. An application may rely on
multiple independent providers for security functionality.
2. Implementation interoperability
Providers are interoperable across applications. Specifically, an application is not bound to a
specific provider, and a provider is not bound to a specific application.
3. Algorithm extensibility
The Java platform includes a number of built-in providers that implement a basic set of security
services that are widely used today. However, some applications may rely on emerging standards
not yet implemented, or on proprietary services. The Java platform supports the installation of
custom providers that implement such services.
Security Providers
The class encapsulates the notion of a security provider in the Java platform. It specifies the provider’s name and lists the security services it implements. Multiple providers may be configured at the same time, and are listed in order of preference. When a security service is requested, the highest priority provider that implements that service is selected.
Applications rely on the relevant getInstance method to obtain a security service from an underlying provider. For example, message digest creation represents one type of service available from providers. (Chapter 4 discusses message digests and other cryptographic services.) An application invokes the getInstance method in the class to obtain an implementation of a specific message digest algorithm, such as MD5.
Post: #5
to get information about the topic cryptography full report fullreport,ppt and related topic refer the link bellow

Important Note..!

If you are not satisfied with above reply ,..Please


So that we will collect data for you and will made reply to the request....OR try below "QUICK REPLY" box to add a reply to this page
Popular Searches: java cryptography architecture seminar report, ppt on java cryptography, java cryptography, java cryptography seminar, java cryptography by jonathan knudsen, java cryptography algorithms, full seminar report on jca free download,

Quick Reply
Type your reply to this message here.

Image Verification
Image Verification
(case insensitive)
Please enter the text within the image on the left in to the text box below. This process is used to prevent automated posts.

Possibly Related Threads...
Thread: Author Replies: Views: Last Post
  cryptography and network security full report computer science technology 20 25,331 31-05-2016 12:17 PM
Last Post: dhanyavp
  Cryptography and Network Security seminar surveyer 5 3,662 08-08-2011 09:59 AM
Last Post: seminar addict
  The Common Component Architecture seminar class 1 834 23-04-2011 12:45 PM
Last Post: seminar class
  Cryptography: Securing the Information Age seminar class 0 1,311 23-03-2011 11:24 AM
Last Post: seminar class
  Exploring Hierarchy Architecture for Wireless Sensor Networks Management project report helper 0 776 18-10-2010 05:20 PM
Last Post: project report helper
  Composition of Java-based Router Elements and its Application to Generalized Video computer science topics 0 943 17-06-2010 01:18 PM
Last Post: computer science topics
  JHDL (Java Hardware Description Language) computer science crazy 1 1,881 20-02-2010 08:15 PM
Last Post: shankar.legend
  Cognitive architecture computer science crazy 0 766 03-09-2009 05:22 PM
Last Post: computer science crazy