This week's book giveaway is in the OO, Patterns, UML and Refactoring forum. We're giving away four copies of Refactoring for Software Design Smells: Managing Technical Debt and have Girish Suryanarayana, Ganesh Samarthyam & Tushar Sharma on-line! See this thread for details.
I am thinking to take for my final project work for master degree, construct SSL with Java, but I dont have experience at all with secure programing. So, my question is: does anybody now in globaly what I need to do to accomplish that task, what are the steps what I need to take for this? (I was thinking immplementing this SSL on some simple chat, like one from Java Head First - if some one has seen it)
Can anybody tell me some directions, and is this the hell of a job to do it?
So you're proposing to take an existing protocol (or possibly one you're inventing for this purpose) and secure it via SSL?
Java has support for HTTP SSL connections, so you could start by studying the differences between HttpUrlConnection and HttpsUrlConnection, and you should begin to get an idea of what is involved. I've never looked at the implementation details, so I've no idea if this is potentially quite easy or rather hard.
I am thinking to take for my final project work for master degree, construct SSL with Java, but I dont have experience at all with secure programing.
SSL is secure socket layer.Means that the end points of the network connection guerantee that the data that you are pushing through would reach the other end securely by encrypting the plain text.In the other end also there has to be a similar architecture to convert the cipher to plain text.
Basically / Conceptually ther are 7 layers in the normal IP stack.But in SSL , a virtual layer is pushed in between the network layer and the transport layer , which actually takes care of the excrytion at one end and decryption in the other. Do you really want to do this or want to add encryption and decryption in application layer protocol?
Basically / Conceptually ther are 7 layers in the normal IP stack.But in SSL , a virtual layer is pushed in between the network layer and the transport layer
Thank you for replay, but one little correction for Rahul: There is perfect network model called ISO/OSI model and it has 7 layers, but we use Internet model which has 5 layers, and SSL is in between first-Application layer and second-Transport layer, and he is got two of his layers: handshake and record layer.
I think that is need to study RMI, JCE and JAAS for implementing SSL.
Joined: Nov 29, 2005
Yes , its true that we are following 5 layered TCP/IP model for internet.