Java Development for Secure Systems Certification Training

Live Online & Classroom Certification Training

This course is for you if you want to secure your Java application using the Java security API. The course has an in depth coverage of concepts like JAAS, Cryptography, permissions and policies and privileged actions.

(4.7) 148 Learners
Instructed by SPRINGPEOPLE
INDIA

No Public/Open-house class on the topic scheduled at the moment!

Course Description

Overview

Java Development for Secure Systems training teaches attendees the broad range of Java security challenges and how to successfully remedy them. This course starts with basic concepts of code security - what the Java SE runtime does to protect the system from Java code and Java code from other Java code - and good secure-coding practices. It then takes students through exercises in basic cryptography skills using the appropriate Java API. Finally it moves on to enterprise software and the issues related to component-based architectures such as Web applications EJBs and Java messaging components.

Objective

At the end of Java Development for Secure Systems training course, the participants will be able to:

  • Understand how the Java language and standard-platform architecture solve many low-level security problems for all Java code.n
  • Design and implement security policies for Java applications, servers and components.

Duration - 3 Days

Prerequisites

Solid Java programming experience is assumed - both structured and object-oriented techniques. knowledge of Core Java and Some knowledge of Java EE architecture and development is also required

Course Curriculum

Expand All
  • Holistic Security Practices
  • Threats to the User
  • The Class Loader and Bytecode Verifier
  • System Classes and the Core API
  • SecurityManager and AccessController
  • Permissions
  • Implication
  • CodeSources
  • Policies
  • Configuring Java SE Security
  • Dynamic Policies
  • Privileged Actions
  • Encryption and Digital Signature
  • Keystores
  • Keys and Certificates
  • Certificate Authorities
  • The KeyStore API
  • Signing JARs
  • Signed CodeSources
  • Additional Policy Semantics
  • Code Injection
  • Final Classes and Methods
  • Singletons, Factories, and Flyweights
  • Methods, Collections, and Data Hiding
  • Sealing JARs
  • Code Obfuscation
  • Object Serialization
  • Threats to Identity and Privacy
  • The Java Cryptography Extensions
  • The Signature Class
  • SignedObjects
  • The Java Cryptography Extensions
  • SecretKeys and KeyGenerator
  • The Cipher Class
  • Dangerous Practices
  • HTTP and JSSE
  • Pluggable Authentication Logic
  • JAAS
  • Packages and Interfaces
  • Subjects and Principals
  • ANDs and ORs
  • Impersonation Methods
  • Permissions for JAAS Use
  • LoginContext and LoginModule
  • Configuring JAAS
  • CallbackHandler and Callbacks
  • Implementing a JAAS Client
  • Implementing a LoginModule
  • Java EE Servers as Code Hosts
  • Tomcat Security Configuration
  • Declaring Roles
  • Securing URLs
  • HTTP Authentication Schemes
  • Securing EJBs
  • Programmatic Security
  • JAAS in Java EE
  • Realms and LoginModules
  • JAAS in Tomcat
  • JACC
  • Certifying a Java EE Application
  • HTTPS Configuration
  • Presentation-Tier Vulnerabilities
  • User Accounts
  • MVC and Security
  • Validating User Input
  • SQL Injection
  • Cross-Site Scripting
  • Reflected XSS
  • Defeating XSS
  • OWASP
  • Penetration Testing
  • Error Handling and Information Leakage
  • Logging and Auditing

Certification

SpringPeople works with top industry experts to identify the leading certification bodies on different technologies - which are well respected in the industry and globally accepted as clear evidence of a professional’s “proven” expertise in the technology. As such, these certification are a high value-add to the CVs and can give a massive boost to professionals in their career/professional growth.

Our certification courses are fully aligned to these high-profile certification exams; at the end of the course, participants will have detailed knowledge, be eligible and be fully ready take up these certification exams and pass with flying colours.

 

Resources

SpringPeople Corporate Learning Center

Job Trends

About the Instructor

Founded in 2009, SpringPeople is a global premier eLearning marketplace for Online Live, Instructor-led classes in the region. It is a certified training delivery partner of leading technology creators, namely Pivotal, Elastic, Lightbend, EMC, VMware, MuleSoft, RSA, and... Read More


Course Rating and Reviews

4.7

Average Rating
5 Stars
28
4 Stars
12
3 Stars
1
2 Stars
0
1 Star
0

SPRINGPEOPLE SpringPeople Trainer

Debashish Maity

Program Architect
Mindtree
Course:
Instructor:
Course Material:
Class Experience:
Provide the latest exercise, classroom guides as current hands outs are old ones and not matching / consistent with class session.

SPRINGPEOPLE SpringPeople Trainer

Ritabrata Chakraborty

Application Development Team Lead
Accenture
Course:
Instructor:
Course Material:
Class Experience:
Kindly include some part of Anypoint-MQ this course.

SPRINGPEOPLE SpringPeople Trainer

Bidyut

Course:
Instructor:
Course Material:
Class Experience:
No comments as of now

This class is intended for participants with some prior exposure to the technology and are now looking to build up their expertise on the topic.

On successful completion of the course, participants will be eligible to sit of the related certification exam (see course overview). All participants receive a course completion certificate, demonstrating their expertise on the subject.

Total duration of the online, live instructor led sessions. Sessions are typically delivered as short lectures (2-hrs weekdays/3-hrs weekends) and detailed hands-on guidance.

Expected offline lab work hours that participants will need to complete and submit to the trainer, during and after the instructor-led online sessions.

  1. We are happy to refund full fee paid - no questions asked - should you feel that the training is not up to your expectations.
  2. Our dedicated team of expert training enablement advisors are available on email, phone and chat to assist you with your queries.
  3. All courseware, including session recordings, will always be available to access to you for future reference and rework.

Contact Us

+91-80-6567-9700 (BLR)

training@springpeople.com

Request Call Back

Related Courses

Recently Viewed