Does your application transmit customer information? Are there fields of sensitive customer data stored in your DB? Can your application be used on insecure networks? If so, you need a working knowledge of encryption and how to leverage Open Source APIs and libraries to make securing your data as easy as possible. Cryptography is quickly becoming a developer's new frontier of responsibility in many data-centric applications.
In today's data-sensitive and news-sensationalizing world, don't become the next headline by an inadvertent release of private customer or company data. Secure your persisted, transmitted and in-memory data and learn the terminology you'll need to navigate the ecosystem of symmetric and public/private key cryptography.
Cryptography at first seems like a daunting topic. But after a basic intro and the leverage of the Java Cryptography Extension (JCE), it seems downright feasible to add encryption and decryption capabilities to your application.
Developers weren't satisfied with just the JCE and its plug-in concepts though. Over the last few years, framework architects have made strides in either wrapping or re-writing the approachable JCE in more convenient APIs and fluent interfaces that make effective and accurate crypto down right simple.
Explore three of these libraries -- Jasypt, BouncyCastle and KeyCzar -- and how they can be leveraged to make your next Java cryptography and data security effort a simple exercise and not a tribulation.
Jasypt, BouncyCastle and KeyCzar are three open source frameworks that bring unique new crypto algorithms such as elliptic curve cryptography to the enterprise developer, remove repetitive ceremonious setup and tear down coding, and add high level adapters to the Spring and Hibernate frameworks.
Prerequisite: Basic understanding of cryptography (hashing, symmetric, asymmetric)
23rd–25th September 2011