1 / 13

Java Vs .Net

Java Vs .Net. Presented By, Naveen Kumar Ratkal. Outline. CLR VS JVM Java Byte Code and MSIL Comparing the stacks Major security vulnerabilities reported Java Authentication and Authorization service (JAAS) Class file and Cs file Security features Comparison Java or .Net.

pearl
Download Presentation

Java Vs .Net

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Java Vs .Net Presented By, Naveen Kumar Ratkal

  2. Outline • CLR VS JVM • Java Byte Code and MSIL • Comparing the stacks • Major security vulnerabilities reported • Java Authentication and Authorization service (JAAS) • Class file and Cs file • Security features Comparison • Java or .Net

  3. JVM vs. CLR • JVM designed for platform independence • Single language: Java (?) • A separate JVM for each OS & device • CLR designed for language independence • Multiple languages for development • C++, VB, C#, (J#) • APL, COBOL, Eiffel, Forth, Fortran, Haskel, SML, Mercury, Mondrian, Oberon, Pascal, Perl, Python, RPG, Scheme, SmallScript, … • Impressive usage of formal methods and programming language research during development Underlying OS: Windows (?)

  4. CLR vs JVM C# VB .Net Managed C/C++ Lots of other Languages Java MSIL Byte Codes CLR Security Runtime Services JRE (JVM) Security Runtime Services Windows OS Mac Win Unix Linux Both are ‘middle layers’ between an intermediate language & the underlying OS

  5. Java Byte Code and MSIL • Java byte code (or JVML) is the low-level language of the JVM. • MSIL (or CIL or IL) is the low-level language of the .NET Common Language Runtime (CLR). • Superficially, the two languages look very similar. MSIL: ldloc.1 ldloc.2 add stloc.3 JVML: iload 1 iload 2 iadd istore 3

  6. VB C++ C# Perl Python … … Eclipse Webshpere Studio Win32 MSMQ, COM+, IIS, WMI, AD, ADAM, Indexing, UDDI, etc. BEA Weblogic Comparing the stacks Struts ASP.Net JSP Servlets Visual Studio.net Java JDBC ADO.NET J2EE Class Library Base Class Library Java runtime CLR J2EE App Servers Websphere, Weblogic , Tomcat, etc. JMS Apache Win32, Unix, Linux

  7. Major security vulnerabilities reported One of the buy CVE-2000-1061 - execute arbitrary commands via a malicious web page or email

  8. Java Authentication and Authorization service (JAAS) • To verify that a user is a subject and granting the user certain principals; "who you are." • The JAAS authentication component provides the ability to check who is currently executing Java code, regardless of whether the code is running as an application, an applet, a bean, or a servlet.

  9. Class file and Cs file • With almost every form, we write a cs file which handles the events. • .class files does same thing in Java’s web application which is placed in the WEB-INF classes folder.

  10. Security features Comparison

  11. Cntd..

  12. Choosing between Java and .Net • The ultimate choice usually depends not on technical superiority, but on: • cultural/”religious”/political preferences • Skill set of your developers • Customer preference • Vendor relations

  13. References Websites : http://vsbabu.org/mt/archives/2003/09/05/slashdot_java_vs_net.html http://www.cgisecurity.com/lib/J2EEandDotNetsecurityByGerMulcahy.pdf http://diuf.unifr.ch/softeng/seminars/SE2003/buchmann/htmlpaper/index.html Book : Java Security - By oaks

More Related