Feeds

Sun J2SE 'twice as fast,' with added Kerberos

Bites back at MS with MIT standard

  • alert
  • submit to reddit

3 Big data security analytics techniques

ComputerWire: IT Industry Intelligence

Sun Microsystems Inc has released its latest Java 2 Standard Edition (J2SE) specification, finally introducing full support for MIT's Kerberos to the Java framework for secure single sign-on to multiple applications and web services,

writes Gavin Clarke.

Palo Alto, California-based Sun has also introduced architectural changes designed to tackle lingering scalability and performance issues that dogged J2SE 1.3. Sun told Computerwire J2SE 1.4 will "break records" but was unable to provide figures.

Senior Java product manager Sherman Dickman said: "We are going to break some performance records, and provide much more complete security for the Java platform." Dickman promised performance figures with J2SE's formal launch next month - the company this week published its final release candidate for review.

Dickman distanced Sun from rival Microsoft's own controversial implementation of Kerberos in Windows 2000, which critics attacked for its use of proprietary extensions. He said J2SE will use the "industry standard" implementation of the Massachusetts Institute of Technology's Kerberos strong authentication protocol.

Kerberos has come into the spotlight in recent months thanks to the growth of web services. Redmond, Washington-based Microsoft last year promised its Passport online identification system would use Kerberos for secure access to .NET web services.

J2SE 1.3 provides some Kerberos support but Sun says that Kerberos will be fully supported in the core 1.4 specification. Dickman cited increased demand from developers for Kerberos, who are making greater use of J2SE and Java 2 Enterprise Edition (J2EE) - which sits on-top of J2SE - in web services. Other security enhancements include Java Secure Socket and Java Cryptography extensions, Java Authentication and Authorization Service and Certificate Path API.

Dickman also revealed changes to the J2SE architecture designed to attract enterprise users, which he claimed made J2SE 1.4 twice as fast as J2SE 1.3. These include a new I/O package that speeds up application performance by replacing individual threads with simultaneous connections to the server. This means a server can support a greater number of applications using fewer channels, increasing performance and J2SE scalability. Other changes include mapped memory files to let Java access native memory - a technique used by applications written in C+ and C++.

J2SE has also been engineered to work on 64-bit Solaris on the Sparc platform. Support for 64-bit increases the amount of data that can be held in the memory and avoids the need to save to hard disk - speeding up data retrieval time.

© Computerwire.com. All rights reserved.

SANS - Survey on application security programs

More from The Register

next story
OpenBSD founder wants to bin buggy OpenSSL library, launches fork
One Heartbleed vuln was too many for Theo de Raadt
Got Windows 8.1 Update yet? Get ready for YET ANOTHER ONE – rumor
Leaker claims big release due this fall as Microsoft herds us into the CLOUD
This time it's 'Personal': new Office 365 sub covers just two devices
Redmond also brings Office into Google's back yard
Ubuntu 14.04 LTS: Great changes, but sssh don't mention the...
Why HELLO Amazon! You weren't here last time
Patch iOS, OS X now: PDFs, JPEGs, URLs, web pages can pwn your kit
Plus: iThings and desktops at risk of NEW SSL attack flaw
Next Windows obsolescence panic is 450 days from … NOW!
The clock is ticking louder for Windows Server 2003 R2 users
Batten down the hatches, Ubuntu 14.04 LTS due in TWO DAYS
Admins dab straining server brows in advance of Trusty Tahr's long-term support landing
Red Hat to ship RHEL 7 release candidate with a taste of container tech
Grab 'near-final' version of next Enterprise Linux next week
Apple inaugurates free OS X beta program for world+dog
Prerelease software now open to anyone, not just developers – as long as you keep quiet
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.