You can look at the
PostScript version of the slides of my recent talk about Java Security
. There's also an
online introduction into Java
More Security Related Links
The Security FAQ
This is the main document defining the current security policy.
The Princeton Safe Internet Programming Group.
These are the people who found some of the recent bugs in Java. Get their paper from there.
Java Security: Hostile Applets, Holes, & Antidotes (Reliable Software Technologies - McGraw/Felten)
Frank Yellin's Paper on Low Level Security in Java
Security bugs in Java
by Dave Hopwood.
A good overview paper on the Java Security
by MIT's Joseph A. Bank.
Wang Wei's project report on Java
from U of Colorado. Another well-written, comprehensive presentation with some comparisons to other models
Chuck McNamis's talk on Java security
NetScape's Jim Roskind's introduction in Java security
(really high-level, little detail)
First NetScape Developers Conference
History of some Java bugs
, including the DNS attack by
Web graffiti using Java
Microsoft's Security Strategy in ActiveX
NetScape's statements about future directions and "Managed" security
Send comments and additions to