After the huge success of JAVA in 1990, a need arose to develop its security model and there came the JAVA Security Model in the year 1995. After its development the JAVA Security Model got mixed reactions from the people, some said that it is very difficult to use while some said that it can be used efficiently without any hiccups. Usually JAVA is quite a secure language as it does not involve the use of pointers, which prevents it from the accidental misuse and also prevents it from crashing as the concepts of dangling pointers are not present here.
JAVA can be broken into three parts, the JAVA language, web browser and JAVA libraries. The JAVA language is secure as we can not use the physical memory since no concepts of pointers are there. JAVA libraries can also provide security if they are correctly used. The JAVA security model works on the basis of verification of the byte code. The byte code verifier first verifies the byte code and then allows it to get compiled and finally get executed. The byte code verifier usually works faster than the compiler and is a simple program. Because of the high degree of use of the JAVA language from internet to mobile applications, its security model has to be complex. Besides this, JAVA is also used for network support applications.
The JAVA security model does not allow the access of physical memory, so it also disallows the dynamic allocation and de allocation of memory. Any JAVA application or applet is first checked, and it is verified that whether it is present in the policy text file or not, by the run time environment. If the policy text file denies the running of an application then that application is immediately stopped. The policy text file has to be modified to run that application.
The JAVA security model provides security at the cost of speed, which means that if you increase the security then the speed is definitely going to get decreased. So, for this reason, the JAVA security model is often criticized. JAVA security model can not provide security to the full extent as there are often new problems coming up with the development of technology. As the JAVA language keeps on updating itself, the security model also needs to be updated for the working of JAVA language in a feasible fashion.
by Camila 1 year ago
Relevant Links