You can look at the PostScript version of the slides of my recent talk about Java Security. There's also an online introduction into Java .

More Security Related Links

• The Security FAQ
  This is the main document defining the current security policy.
• The Princeton Safe Internet Programming Group. These are the people who found some of the recent bugs in Java. Get their paper from there.
  
• Java Security: Hostile Applets, Holes, & Antidotes (Reliable Software Technologies - McGraw/Felten)
  
• Frank Yellin's Paper on Low Level Security in Java
  

  ---

• Security bugs in Java by Dave Hopwood.
  
• A good overview paper on the Java Security by MIT's Joseph A. Bank.
  
• Wang Wei's project report on Java from U of Colorado. Another well-written, comprehensive presentation with some comparisons to other models
  
• Chuck McNamis's talk on Java security
  
• NetScape's Jim Roskind's introduction in Java security (really high-level, little detail)
  from the First NetScape Developers Conference

  ---

• History of some Java bugs, including the DNS attack by Steve Gibbons.
  
• Web graffiti using Java,
  
• Microsoft's Security Strategy in ActiveX
  
• Some outlook on how JavaScript and Java will interact in the future
  
• NetScape's statements about future directions and "Managed" security