Abstract
This paper demonstrates a way to let companies offer web-based applications or services over the Internet where the data is transmitted over a highly secured SSL connection, even for exportable browsers providing only a weak SSL implementation. The solution is based on a Java Applet which itself implements the SSL protocol and therefore is independent of the browsers implementation. After the Applet has been started it reopens a strong SSL connection back to the server where it was loaded from. Further this paper discusses problems related to firewalls which don’t allow an Applet to connect directly to another host outside the LAN. Using a demo Applet, some restrictions of SSL connections opened in that way are shown. In addition, problems concerning the different JDK implementations found in common web browsers and a technology called Java Activator are analyzed with respect to our example.
Chapter PDF
Similar content being viewed by others
References
Java Development Kit, Sun Microsystems, http://www.javasoft.com/products/jdk
JavaScript, Netscape, http://developer.netscape.com/tech/javascript/index.html
Java Applet Security, Javasoft, http://java.sun.com/security/SRM.html
Java Applets, Sun Microsystems, hhttp://www.javasoft.com/applets/index.html
SSL, Netscape, http://home.netscape.com/eng/ssl3/index.html
HTTP, W3C, http://www.w3.org/Protocols/
HTML, W3C, http://www.w3.org/MarkUp/
URLConnection, JDK Documentation, http://www.javasoft.com/products/j dk/ 1.0.2/api/java.net. URLConnection.html
Java Archive, Sun Microsystems, http://www.javasoft.com/products/jdk/1.1 /docs/guide/jar/index.html
Signed JAR files, Sun Microsystems, http://java.sun.com/security/signExample/
JDK Versions, Sun Microsystems, http://java.sun.com/products/OV jdkProduct.html
Java Activator, Sun Microsystems, http://www.javasoft.com/products/activator/index.html
ActiveX, Microsoft, http://www.microsoft.com/com/default.asp
PlugIn, Netscape, http://home.netscape.com/plugins/
SSL Applet, IAIK, http://jcewww.iaik.tu-graz.ac.at/Applet/Applet.html
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 1999 Springer Science+Business Media Dordrecht
About this chapter
Cite this chapter
Platzer, W. (1999). Secure Data-Transfer for Web-Based Applications. In: Preneel, B. (eds) Secure Information Networks. IFIP — The International Federation for Information Processing, vol 23. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-35568-9_20
Download citation
DOI: https://doi.org/10.1007/978-0-387-35568-9_20
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4757-6487-1
Online ISBN: 978-0-387-35568-9
eBook Packages: Springer Book Archive