堆栈内存溢出
  简体   繁体   English

Java安全套接字数据传输/接收器

[英]Java secured socket data transfer / receiver

 原文  2013-01-18 16:30:26       java/ security/ sockets/ chat

问题描述

I have build up a Chat application, and I'm using PrintWriter and Scanner to read and write to stream. 我已经建立了一个聊天应用程序,并且正在使用PrintWriterScanner读取和写入流。 For example: 例如: 

Socket socket = new Socket(HOST, PORT);
Scanner IN = new Scanner(socket.getInputStream());
PrintWriter OUT = new PrintWriter(socket.getOutputStream());
String MESSAGE = "";

while(true){
 if(IN.hasNext()){
    MESSAGE = IN.nextLine();
    OUT.println("RESPONSE: " + MESSAGE);
    OUT.flush();
 }
}

I have thinking about what if somebody connects to my server (ServerSocket), he could read all data what have I write to stream. 我在考虑如果有人连接到我的服务器(ServerSocket),他可以读取我写的所有数据流。 The worst case it would be if he writes to the stream. 最坏的情况是他写流。

I was thinking about encryption. 我在考虑加密。 All data would be encrypted and the "RECEIVER" would decrypt data stream. 所有数据将被加密,而“ RECEIVER”将解密数据流。 Also, I must use a secured key, in the beginning or at the end of the encrypted string that would be written to the stream. 另外,我必须在将写入流的加密字符串的开头或结尾使用安全密钥。 And if the secured key is valid, the string will be allowed to be read by the receiver. 并且,如果安全密钥有效,则接收方将允许读取该字符串。

Is this a good solution? 这是一个好的解决方案吗? Is this enough secured? 这足够安全吗? It is good enough to use PrinterWriter and Scanner to read/write to a stream? 使用PrinterWriter和Scanner读/写流就足够了吗? What about InputStreamReader and BufferedStream? 那么InputStreamReader和BufferedStream呢?

1 个解决方案

解决方案1
 0  2013-01-18 16:54:10

I would advice you not create the socket server from scratch as you are attempting. 我建议您不要在尝试时从头创建套接字服务器。 Use Netty (or even Apache mina) to do this. 使用Netty(甚至Apache Mina)来执行此操作。 Netty has built-in support for SSL and you can setup client-side certificates. Netty具有对SSL的内置支持,您可以设置客户端证书。 If you are unwilling to take on the extra work of SSL, then you can implement IP based restrictions or add a simple password into your protocol coupled with SSL. 如果您不愿意承担SSL的额外工作,则可以实施基于IP的限制,或者在与SSL结合的协议中添加简单的密码。

For more information: http://netty.io 有关更多信息: http : //netty.io

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Java TCP 套接字:数据传输很慢 - Java TCP socket: data transfer is slow 如何通过Socket Java传输数据 - How To Transfer Data over Socket Java BigQuery和客户端库之间的数据传输是否安全? - Is the data transfer between BigQuery and client lib secured? Java,套接字和传输文本 - Java, Socket and transfer text Java-套接字数据传输是否可能因内存不足而被阻止? - Java - Possible that socket data transfer is blocked by too little memory? 无法将数据从我的“sender.java”发送到我的“receiver.java”。 (Java 套接字编程) - Cant send the data from my “sender.java” to my “receiver.java”. (Java Socket Programming) 套接字文件传输:接收器卡在缓冲区/写入存储区中 - Socket file transfer: Receiver stuck in reading from buffer/writing to storage 通过Java中的Socket进行文件传输 - File transfer through Socket in java Java套接字多线程文件传输 - Java Socket MultiThread File Transfer Java Server Socket 将字符串传输到 Web 套接字 - Java Server Socket transfer String to web socket
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM