Java Security Model
Attributes
Focused on Protecting Users from Hostile Programs Downloaded from Untrusted
Sources Across a Network
Accomplished via a Customizable "Sandbox" in which Java Programs Run
Sandbox for Untrusted Applets, for example, Prohibits Many Activities incl
- Reading from or writing to local disk
- Making a networ connection to any host, except the one from which
the applet came
- Creating a new process
- Loading a new dynamic library or directly calling a native method
Java Cryptology
This is different from Java "Security" as we are discussing here. It
is used to encrypt data that is used in applications and certainly
provides "security" for such data and applications. It is provided by an
entirel separate API of its own.