As the person who led the JavaSoft team that developed the Java security
technology discussed in this book, it is extremely gratifying to see people
spend their precious time writing about our technology and products. Every
engineer’s dream is to have his or her technology deployed and used by
thousands of others, and this book is a great help to Java developers who
write security-aware applications.
Every day I read e-mails and articles dealing with computer security attacks and breaches, and the
repercussions that follow. I have been getting onboard with computer security for decades, and there is
no end in sight for this effort. Each and every professional in information technology has a commitment
to keep with regard to computer security. We have, most of us, signed computing codes of conduct, and
further we have aligned ourselves with those who protect the computing resources of our respective
The purpose of this book is to answer those questions, from the point of view of people who want to use Java, but want to do so reliably, securely and safely. That makes this book different from much recent writing on Java, which focuses, perfectly legitimately, on how a Java system can be broken into and how to avoid those dangers. On the contrary, this book focuses on how Java can be made secure and how to exploit its strengths. The goal is to provide practical help to the various groups involved in making a Java-based application or Web site into an industrial-strength commercial proposit.