Security

by Ron Monzillo

In an enterprise computing environment, failure, compromise, or lack of availability of computing resources can jeopardize the viability of the enterprise. An organization must take steps to identify threats to security. Once they are identified, steps should be taken to reduce these threats.

Although J2EE products, and hence J2EE applications, may not displace existing enterprise security infrastructures, they do offer significant value when integrated with these existing infrastructures. The J2EE application programming model attempts to leverage existing security services rather than require new services or mechanisms.

This discussion begins with a review of some security concepts and mechanisms. It describes the security concerns and characteristics of enterprise applications and explores the application of J2EE security mechanisms to the design, implementation, and deployment of secure enterprise applications.