Difference between revisions of "JGridstart/Notes"

From PDP/Grid Wiki
Jump to navigationJump to search
m
(add security links)
Line 3: Line 3:
 
* Private key (&passphrase)
 
* Private key (&passphrase)
 
** keep in memory with timeout when appropriate
 
** keep in memory with timeout when appropriate
** make sure it doesn't hit swap, if possible
+
** make sure it doesn't hit swap, if possible -- [https://www.securecoding.cert.org/confluence/display/seccode/MEM06-C.+Ensure+that+sensitive+data+is+not+written+out+to+disk MEM06-C]
 +
** [https://www.securecoding.cert.org/confluence/display/java/MSC31-J.+Never+hardcode+sensitive+information?rootCommentId=26345518 MSC31-J] never hardcode sensitive information
 +
** make sure it's not serializable
 +
** Securing Java, part [http://softwaredev.earthweb.com/java/article/0,,12082_741921,00.html 1], [http://softwaredev.earthweb.com/java/article/0,,12082_756601,00.html 2] and [http://www.developer.com/java/article.php/767971 3].
 
* Human Interface Guidelines
 
* Human Interface Guidelines
 
** [http://library.gnome.org/devel/hig-book/stable/ Gnome HIG]
 
** [http://library.gnome.org/devel/hig-book/stable/ Gnome HIG]
 
** [http://developer.apple.com/documentation/userexperience/Conceptual/AppleHIGuidelines/ Apple HIG]
 
** [http://developer.apple.com/documentation/userexperience/Conceptual/AppleHIGuidelines/ Apple HIG]

Revision as of 09:46, 1 April 2009

some notes on User:Wvengen@nikhef.nl/JGridStart

  • Private key (&passphrase)
    • keep in memory with timeout when appropriate
    • make sure it doesn't hit swap, if possible -- MEM06-C
    • MSC31-J never hardcode sensitive information
    • make sure it's not serializable
    • Securing Java, part 1, 2 and 3.
  • Human Interface Guidelines