Making the JDK More Secure - New Features and Default Configuration
Offered By: Java via YouTube
Course Description
Overview
Explore how Oracle is enhancing JDK security in this 44-minute conference talk by Sean Mullan. Discover new JDK 9 security features, including SHA-3, OCSP stapling, DTLS, and DRBG SecureRandom. Learn about the default security configuration that protects applications from weak cryptographic algorithms and the disabling of SHA-1 certificates. Understand the cryptographic roadmap, Java security components, and the implementation of unlimited cryptographic policy by default. Gain insights into PKCS12 keystores, CPU instructions for GHASH and RSA, and TLS Application Layer Protocol Negotiation Extension. Examine the module system security features and their impact on Java application security in today's internet-connected world.
Syllabus
Intro
Program Agenda
Making the JDK More Secure
Java Security Components
Making the DK Secure by Default
Cryptographic Roadmap
Disable SHA-1 Certificates
Enable Unlimited Cryptographic Policy By Default
Configuring the Restrictions
Default Restrictions
Restrictions Example
JDK 9 Security Features
Create PKCS12 Keystores by Default
Leverage CPU Instructions for GHASH and RSA
DRBG-Based Secure Random Implementations
OCSP Stapling for TLS
TLS Application Layer Protocol Negotiation Extension
Datagram Transport Layer Security (DTLS)
Other Module System Security Features
Conclusion
Taught by
Java
Related Courses
Hardening Java's Access Control by Abolishing Implicit Privilege ElevationIEEE via YouTube BaRMIe - Poking Java’s Back Door
44CON Information Security Conference via YouTube Penetration Testing Considered Harmful
44CON Information Security Conference via YouTube New Exploit Technique in Java Deserialization Attack
Black Hat via YouTube An In-Depth Study of More Than Ten Years of Java Exploitation
Association for Computing Machinery (ACM) via YouTube