|
|
| Previous | Table of Contents | Next |
The Java environment is robust because it gets rid of several traditional problems that programmers have with creating solid code. The Java inventors considered extending C++ to include the functionality required by a distributed program, but soon realized that it would be too problematic. The major obstacles in making C++ a portable program are its use of pointers to directly address memory locations and its lack of automatic memory management. These features enable the programmer to write code that is syntactically and semantically correct, yet still proceeds to crash the system for one reason or another. Java, on the other hand, ensures a robust environment by eliminating pointers and providing automatic memory management.
Because the point of the Java programs is to automatically load and run, it is unacceptable for an application to have a bug that could bring the system down by, for example, writing over the operating system’s memory space. For this reason, Java does not employ the use of pointers. Memory addresses cannot be dereferenced, and a programmer cannot employ pointer arithmetic to move through memory. Additionally, Java provides for array bounds checking so that a program cannot index address space not allocated to the array.
Java provides automatic memory management in the form of an automatic garbage collector. This garbage collector keeps track of all objects and references to those objects in a Java program. When an object has no more references, the garbage collector tags it for removal. The garbage collector runs as a low priority thread in the background and clears the object, returning its memory back to the pool either when the program is not using many processor cycles, or when there is an immediate need for more memory. By running as a separate thread, the garbage collector provides the ease of use and robustness of automatic memory management without the overhead of a full-time memory management scheme.
The necessities of distributed computing demand the highest levels of security for any client operating system. Java provides security through several features of the Java runtime environment:
When Java code first enters the interpreter and before it even has a chance to run, it is checked for language compliance. Even though the compiler only generates correct code, the interpreter checks it again to be sure, because the code could have been intentionally or unintentionally changed between compile time and runtime.
The Java interpreter then determines the memory layout for the classes. This means that hackers cannot infer anything about what the structure of a class might be on the hardware itself and then use that information to forge accesses. Additionally, the class loader places each class loaded from the network into its own memory area.
Moreover, the Java interpreter’s security checks continue by making sure that classes loaded do not access the file system except in the specific manner in which they are permitted by the client or user. Altogether, this makes Java one of the most secure applications for any system. Site administrators are undoubtedly uncomfortable with the idea of programs automatically loading and running. The Java team has made every effort to assure administrators that their worst fears, such as an especially effective Java-based virus or Trojan horse, will never become reality.
Java security is sometimes compared to a three-legged stool. Without all three legs to support the stool, it would fall. In a similar manner, the bytecode verifier, runtime memory layout, and file-access restrictions support the security environment of Java.
Java’s most important feature is that it is a truly object-oriented language. The Java designers decided to break from any existing language and create one from scratch. Although Java has the look and feel of C++, it is in fact a wholly independent language, designed to be object-oriented from the start. This provides several benefits, including the following:
Java provides the fundamental element of object-oriented programming (OOP)—the object—in the class. The class is a collection of variables and methods that encapsulate functionality into a reusable and dynamically loadable object. Thus, once the class has been created, it can be used as a template for creating additional classes that provide extra functionality. A programmer, for example, might create a class for displaying rectangles on the screen and then decide that it would be nice to have a filled rectangle. Rather than writing a whole new class, the programmer can simply direct Java to use the old class with a few extra features. In fact, the programmer can do so without even having the original source code.
After a class has been created, the Java runtime environment allows for the dynamic loading of classes. This means that existing applications can add functionality by linking in new classes that encapsulate the methods needed. You might be surfing the net, for example, and find a file for which you have no helper application. Traditionally, you would be stuck looking for an application that could deal with the file. The Java browser, on the other hand, asks the server with the file for a class that can handle the file, dynamically loads it in along with the file, and displays the file without skipping a beat.
| Previous | Table of Contents | Next |