Chapter 3 System Preparation192 September 2002 HPSS Installation GuideRelease 4.5, Revision 2call returns silently if it determines the code is allowed the requested access, and otherwise throwsan exception, which halts the program.Applet code runs under a security manager (usually) because most browsers implement one. Thesecurity manager won't let the applet do anything not allowed by the policy file(s). Applets are notallowed to install security managers; browsers do it first thing, anyway, and nobody can install asecond one in a running programApplications don't have to run under a security manager. If they choose to run under a securitymanager, then, like applets, they can do only what the policy file(s) allow. Code must havejava.lang.RuntimePermission setSecurityManager in order to set the security manager, or else itgets the default Security Manager.By default, the java.security file lets you pass additional java policy file on command line; this canbe disabled in java.security by changingpolicy.allowSystemProperty=trueto false:policy.allowSystemProperty=falseBy default, the java.security file specifies system wide and user policy files; this, too, can bechanged in the file.SSL provides the SSM Data Server and the hpssadm utility a secure encrypted channel over whichto transport the hpssadm user's password. SSL requires the use of two kinds of keys, symmetricand public, and of X.509 certificates.A key is a number used with an encryption algorithm to encrypt or decrypt data.Anything encrypted with a symmetric key can be decrypted only by the same symmetric key. If twoparties have access to the same symmetric key, they can use it to shared encrypted information.Public keys are created in pairs consisting of a public key and a private key. Anything encryptedwith the public key can be decrypted only with the private key, and vice versa, anything encryptedwith the private key can be decrypted only with the public key. In general, a user is the only onewho has access to his own private key, but he makes his public key known to everybody. Thenanybody can encrypt data for him in his public key, and he is the only one who can decrypt it.Symmetric key encryption is faster than public key encryption, but public key encryption is easierto manage, because you don't have to distribute and protect a shared key to all the parties involved.The private key is retained by one party and protected; the public key is distributed to everyoneand need not be protected.A digital signature is an encrypted piece of data used to validate the identity of the sender. Digitalsignatures are created by having a party encrypt some known piece of data in his private key. Thenanybody can decrypt the data using his public key, and if the decryption works properly, they knowthe signature is valid and only the true party could have sent it, since he's the only one with accessto the private key.An X.509 certificate is a digitally signed electronic document identifying a party. It includes, amongother things, a name representing the party, a representation of his public key, and a digitalsignature of some certificate authority. A certificate authority is a company, like Verisign, whom
