| | |
- Download jsse-source.zip, the code source for the examples
and scripts used in this tutorial.
- Download the JDK 1.4 (http://java.sun.com/j2se/1.4/download.html)
from Sun Microsystems.
- Read the installation instructions for JSSE 1.0.2 (http://java.sun.com/products/jsse/INSTALL.html),
an extension to the Java 2 platform.
- The Sans Institute offers a good introduction to the history of
public-key (Diffie-Hellman) cryptography (http://rr.sans.org/encryption/diffie.php).
- The IEEE maintains a page documenting specifications for public-key cryptography (http://grouper.ieee.org/groups/1363/).
- Verisign, an IBM affiliate, is a major third-party provider of SSL
certificates (http://www.verisign.com/products/site/index.html).
- Thawte, another major provider of SSL certificates, will let you
try before you buy (http://www.thawte.com/).
- Sun Microsystems's Security
enhancements for the Java 2 SDK, Standard Edition v1.4 (http://java.sun.com/j2se/1.4/docs/guide/security/) describes the security features included in JDK 1.4.
- Read Sun's guide to the Java Cryptography
Extension (http://java.sun.com/products/jce/) to find out more about JCE.
- The Java Secure Socket Extension (JSSE) Reference Guide (http://java.sun.com/j2se/1.4/docs/guide/security/jsse/JSSERefGuide.html) provides a comprehensive guide to JSSE.
- For more hands-on learning about sockets programming for the Java platform,
take the "Java sockets 101" tutorial by Roy Miller and Adam Williams (developerWorks, August 2001, http://www-106.ibm.com/developerworks/education/r-jsock.html).
- For details on streams, check out the tutorial Introduction to Java I/O by IBM Learning Services (developerWorks, April 2000, http://www-106.ibm.com/developerworks/education/r-jio.html). Note that this tutorial is not based on Java 1.4.
- The
JDK 1.4 tutorial, also by Greg Travis, includes a chapter on JSSE (Manning Publications, May 2002, http://www.amazon.com/exec/obidos/ASIN/1930110456/103-2127487-6951840).
- To learn more about socket programming, read Java Network Programming : A Complete Guide to Networking, Streams, and Distributed Computing, by Merlin Hughes, Michael Shoffner, Derek Hamner, and Conrad Hughes (Manning Publications, 1999, http://www.amazon.com/exec/obidos/ASIN/188477749X/qid=1016060142/sr=8-1/ ref=sr_8_71_1/103-2127487-6951840).
- Another good resource for learning about socket programming and security is Java
Network Programming, by Elliotte Rusty Harold (O'Reilly and Associates, 2000, http://www.amazon.com/exec/obidos/ASIN/1565928709/103-2127487-6951840).
- If you need to learn more about security on the Java 2 platform, see
Professional
Java Security, by Jess Garms and Daniel Somerfield (Wrox Press, 2001, http://www.amazon.com/exec/obidos/ASIN/1861004257/103-2127487-6951840).
- The whitepaper "Security
in a Web services world" (developerWorks, April 2002, http://www-106.ibm.com/developerworks/library/ws-secmap/) discusses the new joint IBM-Microsoft proposal for integrated, standardized security on Web services architectures; the proposal includes a provision for the use of public-key technology.
- The IBM Zurich
Research Lab (http://www.zurich.ibm.com/csc/infosec/) has a long history in the study and implementation of security systems, especially in the area of cryptography.
|
