Background

The need of the security system in the programming platform is very important as the imposers who want to gain data from the platforms of the programming language. This is the reason that the processing of data that are present in the database of the application can be approached by the imposters who are allowed to approach the data. To stop this approach security measures are taken and hence the importances of security feature are measured.

Java has been leading the course of the programming language in terms of the  security of the platform. Java is termed as one of the most robust platforms in terms of programming platforms are concerned with.

Java is considered to be more secured than the programming language C/C++. This is due to the reason that the development of JAVA was done keeping in mind the security features  the programming platform. However, during the processing f the programming languages namely C and C++ the security of the platform was never the major concern for the programmers who built the processing of the project. Leading to the fact that the robustness of the JAVA platform is way m ore and higher than these platforms namely C and C++. The package does not matter inn case of the private data type. The basic security feature of JAVA are as follows: –

• No use of pointers
• Exception handling concept
• Byte code is one of the most important thing that makes the platform very robust
• Tested Code reusability
• Access control function
• Protection from security attacks
• Garbage collection mechanism
• Type-safe reference casting in JVM

Buffer overflow occurs when the processing of the data tries to write more that the capacitive data in the fixed length of block memory. In this case, the buffer, which is out of memory, stops functioning leading to the fact that the processing of the data also stops. This ensures that the entire process of buffer is put into hold (Lee, Jeong & Son, 2017). Due t the fact that buffer can hold only a certain memory, the processing of the data is pre defined and the extra data that is being hold can overwrite the data values in terms of the processing of the data to the adjacent memory. This affect leads to the terminology that the data that are perfectly defined with the usage of the flags, overwrite the data in the data table leading to the fact of string the most recent data and overwriting the data that is already stored in the data table of the system that is dealing with this feature.

Source code

if (!(png_ptr->mode & PNG_HAVE_PLTE)) {

/* Should be an error, but we can cope with it */

png_warning(png_ptr, “Missing PLTE before tRNS”);

}

else if (length > (png_uint_32)png_ptr->num_palette) {

png_warning(png_ptr, “Incorrect tRNS chunk length”);

png_crc_finish(png_ptr, length);

return;

}

…

png_crc_read(png_ptr, readbuf, (png_size_t)length);

SQL is an application entitled attack based on the processing of the application layer technique and hackers and imposters to steal data from the organizations by targeting the applications that re web based use the processing. The verification of the code is the most important terminology to test the processing of the data.

Source code

String DRIVER = “com.ora.jdbc.Driver”;

String DataURL = “jdbc:db://localhost:5112/users”;

System Description: Java security features

String LOGIN = “admin”;

String PASSWORD = “admin123”;

Class.forName(DRIVER);

//Make connection to DB

Connection connection = DriverManager.getConnection(DataURL, LOGIN, PASSWORD);

String Username = request.getParameter(“USER”); // From HTTP request

String Password = request.getParameter(“PASSWORD”); // From HTTP request

int iUserID = -1;

String sLoggedUser = “”;

String sel = “SELECT User_id, Username FROM USERS WHERE Username = ‘” +Username + “‘ AND Password = ‘” + Password + “‘”;

Statement selectStatement = connection.createStatement ();

ResultSet resultSet = selectStatement.executeQuery(sel);

if (resultSet.next()) {

       iUserID = resultSet.getInt(1);

       sLoggedUser = resultSet.getString(2);

}

PrintWriter writer = response.getWriter ();

if (iUserID >= 0) {

       writer.println (“User logged in: ” + sLoggedUser);

} else {

       writer.println (“Access Denied!”)

}

• JAVA security model consists of the processing of the data that intend to help the users for the processing of the entrusted resource using the sand box technology. This feature helps the JAVA feature to run inside the sand box and the processing is maintained for the processing of the reading and writing of the local disk (Bouffard & Lanet, 2015).
• Type safe casting  in JVM includes the fact that the processing of  the data that are referenced are  monitored intensively by the JVM, leading to the fact that the processing of the JVM will ensure the fact that the data management will get cast invalid in terms of the processing of the data will be cast invalid. Structured error handling also plays an important role in the processing of the JVM
• The program that is binary in nature RUNS ON THE java PPLATFORM with the help of the generation of the decode. This ensures the affect that the generating of the byte code will be intermediate in nature. The JVM performs the verification if the byte code before running the become to prevent the program to run unsafe data. This fact ensures the processing of the data management and run time constrains namely bound checking and memory safety (Bouffard & Lanet, 2015).
• The JAVA class library deals with the methodology that the processing of the JAVA class library provide a huge number of API related security in terms of the processing of the cryptographic algorithms and authentication of the secured communication protocol.
• Tested code reusability ensures the encapsulation of the data that is under the transaction process and support is provided for the concept of the programming by contract. Thus factor allows the developers to re use the code which has already been tested during the developing of the JAVA enterprise system

• Executing a dynamically generated code is the most common vulnerability that affects several places. The developers are also aware of this vulnerability leading to the fact that the processing of the SQL injection attacks takes place (Lancia & Bouffard, 2015).
• Directly writing an HTTP parameter to servlet output brings reflected, cross-site scripting vulnerability. This process occurs when the  manifest of the attack gets injected and the processing is within the single HTTP code. This leads to the malicious crafted links to the processing of the victims (Dubey & Misra, 2016).

This fact van also be proven with the number f rules each platform has. The number if rules for JAVA is 168 and these are the rules that are required for the processing of the programming language with proper efficiency. These rules act as the pebble for the processing of the platform. These rules are must follow as the processing of the platform is due to the fact that the rules it possess is very robust in nature (Bayer & Reich, 2017). This feature if the rule of the platform being robust in nature takes into consideration the fact that the data processing in the platform of JAVA is also very robust in nature. This includes the fact that the data processing that is done stays secure and the framework which is very robust in nature is responsible for the security of the data in the platform. This fact ensures that the processing of the data in this platform will process the entre code, store the code that is being run and take a back up of the same code and then start evaluating the coed. The major factors that make java more robust and more secured than other computing languages are the properties like inheritance and encapsulation. Inheritance is a process by which the properties one class is inherited by another class in java (Singh, 2014). This aspect helps in keeping a back up of the data that is once produced during the processing of data. This fact ensures that the data processing will be done with the help of the back up that is one of the vital characteristics of java. In this feature, objects are created ;leading to the fact that the objects of one class is inherited by other classes which acts as the major reason for the processing of the back up of the data. This objects can be inherited by any lass until the object is private in nature. The diversion of the platform in terms of default, public and private also ensures the fact that the data processing is much more secured in the processing of the data. This fact ensures that the data that is default in nature can be approached and inherited by other classes of same type by the classes that are different in type cannot access the data that are default in nature. The data that are public in nature can be approached by the processing of the classes that re of its type and the classes that re not of its type and in case of private data type the data can not be accessed by the processing of the other classes. These features are not present in C and C++ (Dwivedi & Rath, 2015). The feature of pointer of C and C++ that used for the addressing purpose is not present in JAVA. JAVA is a platform independent language unlike C.

Conclusion

From the above report it can be can be concluded that JAVA is one of the most secured language, taking into consideration the features of the other high level languages including the other high level programming languages. This fact ensures that the usage of JAVA is very efficient in nature and the processing ensures that the data processing is secured in nature too. Despite the high security provided by the platform of JAVA, ASP provides more robustness as only 15% vulnerability is found till date regarding the processing of the ASP. Hence ASP will act to be a better language than JAVA in terms of security, hence use of ASP is highly recommended. 

Reference

Dwivedi, A. K., & Rath, S. K. (2015). Incorporating security features in service-oriented architecture using security patterns. ACM SIGSOFT Software Engineering Notes, 40(1), 1-6.

Singh, R. (2014). An Overview of Android Operating System and Its Security. Int. Journal of Engineering Research and Applications, 4(2), 519-521.

Bayer, T., & Reich, C. (2017). Security of mobile agents in distributed java agent development framework (JADE) platforms.

Dubey, A., & Misra, A. (2016). Android security: attacks and defenses. Auerbach Publications.

Dumoulin, C., Franciscus, G., & Husted, T. (2017). Struts in Action Building web applications with the leading Java framework. Manning Publications Co..

Devi, T., & Ganesan, R. (2015). Platform-as-a-Service (PaaS): Model and Security Issues. International Journal of Advances in Applied Sciences, 4(1), 13-23.

Lancia, J., & Bouffard, G. (2015, November). Java card virtual machine compromising from a bytecode verified applet. In International Conference on Smart Card Research and Advanced Applications (pp. 75-88). Springer, Cham.

Aafer, Y., Zhang, X., & Du, W. (2016, August). Harvesting Inconsistent Security Configurations in Custom Android ROMs via Differential Analysis. In USENIX Security Symposium (pp. 1153-1168).

Amin, N., & Tate, R. (2016, October). Java and scala’s type systems are unsound: the existential crisis of null pointers. In Proceedings of the 2016 ACM SIGPLAN International Conference on Object-Oriented Programming, Systems, Languages, and Applications (pp. 838-848). ACM.

Bouffard, G., & Lanet, J. L. (2015). The ultimate control flow transfer in a Java based smart card. Computers & Security, 50, 33-46.

Jain, S., Vaibhav, A., & Goyal, L. (2014, February). Raspberry Pi based interactive home automation system through E-mail. In Optimization, Reliabilty, and Information Technology (ICROIT), 2014 International Conference on (pp. 277-280). IEEE.

Mesbah, A., Lanet, J. L., & Mezghiche, M. (2017). Reverse engineering a Java Card memory management algorithm. computers & security, 66, 97-114.

Lee, Y., Jeong, J., & Son, Y. (2017). Design and implementation of the secure compiler and virtual machine for developing secure IoT services. Future Generation Computer Systems, 76, 350-357.