• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

constructing SSL with Java

 
Marko Debac
Ranch Hand
Posts: 121
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi everybody,

I am thinking to take for my final project work for master degree, construct SSL with Java, but I dont have experience at all with secure programing. So, my question is: does anybody now in globaly what I need to do to accomplish that task, what are the steps what I need to take for this?
(I was thinking immplementing this SSL on some simple chat, like one from Java Head First - if some one has seen it)

Can anybody tell me some directions, and is this the hell of a job to do it?


Thank you,
Marko
 
Ulf Dittmer
Rancher
Posts: 42967
73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
So you're proposing to take an existing protocol (or possibly one you're inventing for this purpose) and secure it via SSL?

Java has support for HTTP SSL connections, so you could start by studying the differences between HttpUrlConnection and HttpsUrlConnection, and you should begin to get an idea of what is involved. I've never looked at the implementation details, so I've no idea if this is potentially quite easy or rather hard.
 
Rahul Bhattacharjee
Ranch Hand
Posts: 2308
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by Marko Debac:

I am thinking to take for my final project work for master degree, construct SSL with Java, but I dont have experience at all with secure programing.


SSL is secure socket layer.Means that the end points of the network connection guerantee that the data that you are pushing through would reach the other end securely by encrypting the plain text.In the other end also there has to be a similar architecture to convert the cipher to plain text.

Basically / Conceptually ther are 7 layers in the normal IP stack.But in SSL , a virtual layer is pushed in between the network layer and the transport layer , which actually takes care of the excrytion at one end and decryption in the other.
Do you really want to do this or want to add encryption and decryption in application layer protocol?
 
Marko Debac
Ranch Hand
Posts: 121
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,
Basically / Conceptually ther are 7 layers in the normal IP stack.But in SSL , a virtual layer is pushed in between the network layer and the transport layer


Thank you for replay, but one little correction for Rahul: There is perfect network model called ISO/OSI model and it has 7 layers, but we use Internet model which has 5 layers, and SSL is in between first-Application layer and second-Transport layer, and he is got two of his layers: handshake and record layer.

I think that is need to study RMI, JCE and JAAS for implementing SSL.


Cheers,
Marko
 
Rahul Bhattacharjee
Ranch Hand
Posts: 2308
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Yes , its true that we are following 5 layered TCP/IP model for internet.

5 layered model

I was under the impression that , SSL/TLS encrypts the TCP packets before putting it into the payload of IP packets.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic