JavaOne 2013: Deploying Java Applications Securely
By Joni Gordon-Oracle on Sep 23, 2013
Monday at JavaOne, Andy Herrick, Mark Howe, and David DeHaven talked about best practices for making Java applets and Java Web Start applications more secure in the Deploying Java Applications Securely conference. Andy, David, and Thomas Ng will also be hosting a BOF session on Tuesday, Java Deployment Security, Features, and Best Practices.
For additional information on secure deployments, see Guidelines for Securing Rich Internet Applications in the Java Tutorials. The Deploying an Applet and Deploying a Java Web Start Application lessons summarize the deployment steps, including security recommendations such as using manifest attributes and signing the JAR file.
The Deployment Rule Set feature for enterprise environments is described in Deployment Rule Set in the Java RIA Development and Deployment guide. This guide also provides a flow chart of how deployment works in Rich Internet Application Deployment Process.