Sensitive data must be protected from eavesdropping and malicious tampering during transit. An Obfuscated Transfer Object [Steel 2005] that is strongly encrypted can protect data in exchanges that involve multiple business tiers or end user systems. This approach is known as _sealing_ the object. To guarantee object integrity, apply a digital signature to the sealed object.
...
Avoid using home-brewed cryptographic algorithms; such algorithms almost certainly introduce unnecessary vulnerabilities. Applications that apply home-brewed "cryptography" in the readObject() and writeObject() methods are prime examples of anti-patterns.
...
To provide message confidentiality, use the javax.crypto.SealedObject class. This class encapsulates a serialized object and encrypts (or seals) it. A strong cryptographic algorithm that uses a secure cryptographic key and padding scheme must be employed to initialize the Cipher object parameter. The seal and unseal utility methods provide the encryption and decryption facilities respectively.
In addition, use the sign() and unsign() utility methods when the integrity of the object is to be ensured. The two new arguments passed in to the SignedObject() method to sign the object are Signature and a private key derived from a KeyPair object. To verify the signature, a PublicKey as well as a Signature argument is passed to the SignedObject.verify() method.
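The sealing and signing steps described above, combined in one added Java example that is not taken from the original page. The Transfer record, the in-place key generation, the algorithm choices (SHA256withRSA, AES/GCM/NoPadding) and the sign-then-seal order are assumptions of this example.

```java
import java.io.Serializable;
import java.security.*;
import javax.crypto.*;
import javax.crypto.spec.GCMParameterSpec;

public class SignThenSeal {
    // Constructed sample payload (records need Java 16+); any Serializable works.
    record Transfer(String account, long cents) implements Serializable {}

    public static void main(String[] args) throws Exception {
        // Assumption: keys are generated in place so the demo is self-contained;
        // production keys belong in a keystore or KMS.
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair signer = kpg.generateKeyPair();
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(256);
        SecretKey aesKey = kg.generateKey();

        // Sender: sign the object, then seal the SignedObject.
        SignedObject signed = new SignedObject(new Transfer("ACCT-0001", 12_500L),
                signer.getPrivate(), Signature.getInstance("SHA256withRSA"));
        byte[] iv = new byte[12];               // fresh 96-bit nonce per sealed object
        new SecureRandom().nextBytes(iv);
        Cipher enc = Cipher.getInstance("AES/GCM/NoPadding");
        enc.init(Cipher.ENCRYPT_MODE, aesKey, new GCMParameterSpec(128, iv));
        SealedObject sealed = new SealedObject(signed, enc);

        // Receiver: unseal (GCM rejects modified ciphertext with AEADBadTagException),
        // then verify the signature before using the payload.
        Cipher dec = Cipher.getInstance("AES/GCM/NoPadding");
        dec.init(Cipher.DECRYPT_MODE, aesKey, new GCMParameterSpec(128, iv));
        SignedObject received = (SignedObject) sealed.getObject(dec);
        Signature verifier = Signature.getInstance("SHA256withRSA");
        if (!received.verify(signer.getPublic(), verifier)) {
            throw new SignatureException("signature check failed; discard the object");
        }
        Transfer payload = (Transfer) received.getObject();
        System.out.println("verified payload: " + payload);

        // Failure case: a key pair that did not sign the object must not verify.
        KeyPair unrelated = kpg.generateKeyPair();
        boolean accepted = received.verify(unrelated.getPublic(), verifier);
        System.out.println("verifies under unrelated key: " + accepted);
    }
}
```

The receiver needs the same IV the sender used, so it has to travel with the sealed object; it is not secret, but it must never repeat under the same AES key.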
...