Showing posts with label exception. Show all posts
Showing posts with label exception. Show all posts

Tuesday, July 15, 2014

Why java is Secure

When it comes across the security issue of programming languages, Java is surplus over traditional programming languages like C and C++. Java is more secure than C and C++ for the following reasons:

·         Its JVM and not OS: All Java programs run over JVM platform and not on Operating system. So any OS related updates or modification does not affect execution of Java program.

·         Sandbox Security Model: Java applets are executed inside sandbox which creates an environment, which provides restricted access to OS resources and allows user to run un-trusted code from unknown source safely.

·         No Pointer Manipulation: In traditional programming memory references can be manipulated but in Java we cannot manipulate references. Thus you cannot cause an object reference to point to an arbitrary memory location, which in turn provides secure memory access.

·         Byte Code Verifier:  Byte code verifier checks correctness of class files and API libraries. Java uses this byte code verifier module which checks Java code automatically before executing it.

·         Array Boundary Check: Java provides run time array boundary check which is not provided in traditional programming.

·         Packages and Access Modifiers: This combination of packages and access modifiers allows your class to have detailed knowledge of each other, but not expose that knowledge outside that package.

·         Run Time Exception Handling: Exceptional conditions may arise in traditional programming which may lead to abnormal termination of programs but Java provides exception handling which helps to handle and eliminate this abnormal termination.

·         Dynamic Memory Allocation and De-allocation: In traditional programming C,C++ dynamic memory management is very difficult as memory allocation and de-allocation must be done by programmer but Java does this dynamic memory allocation and de-allocation without any extra efforts. Java uses new operator to dynamically allocate memory and Garbage Collection technique to handle automatic memory de-allocation.


·         Two Level of Code Checking: Code is checked two times, first at compile time and then at run time which can be considered as more secure than single level of code checking.