The following code segment was provided in Chapter 1 of Java Coding Guidelines: void readData() throws IOException{ BufferedReader br = new BufferedReader(new InputStreamReader( new...

1 answer below »

The following code segment was provided in Chapter 1 of Java Coding Guidelines:


void readData() throws IOException{
BufferedReader br = new BufferedReader(new InputStreamReader(
new FileInputStream("file")));
// Read from the file
String data = br.readLine();
}


The code is presented as a noncompliant code example. A compliant solution is presented for this example. For this assignment, identify two additional compliant solutions that can be utilized to ensure the protection of sensitive data. Provide a detailed explanation of factors that influence noncompliant code and specifically how your solutions are now compliant. Your explanation should be 2-3 pages in length.


Submit the following components:



  • Word document with appropriate program analysis for your compliant solutions and source code in the Word file.

  • Submit your .java source code file(s). If more than 1 file, submit a zip file.

Answered Same DayMar 19, 2021

Answer To: The following code segment was provided in Chapter 1 of Java Coding Guidelines: void readData()...

Neha answered on Mar 22 2021
140 Votes
Java Coding Guidelines for Reading a file
Non-Compliant Code
void readData() throws IOException{
BufferedReader br = new BufferedReader(new InputStreamReader(
new FileInputStream("file")));
// Read from the file
String data = br.readLine();
}
The issue with this non-complaint code is that the data can persist for longer period of time which is not required. The BufferedReader.readLine () returns the sensitive data in the form of a String Object. There is a method in this code, BufferedReader.read(char [], int, int). This method can read and populate the char array. But this code requires the programmer to manually clean the sensitive data from the array after use.
Compliant Code
void readData() {
  int bufferSize = 16 * 1024;
  byte zeroes = new byte[bufferSize];
  ByteBuffer buffer = ByteBuffer.allocateDirect(bufferSize);
  try (FileChannel rdr = (new FileInputStream("file")).getChannel()) {
    while (rdr.read(buffer) > 0) {
 
      // Do something with the buffer
 
      buffer.clear();
      buffer.put(zeroes); // overwrite buffer with zeroes
      buffer.clear();
    }
  } catch (Throwable e) {
    // Handle error
  }
}
The complaint solution to read a file uses directly allocated NIO or commonly known as new input output...
SOLUTION.PDF
SOLUTION.PDF

Answer To This Question Is Available To Download

Related Questions & Answers

More Questions »

Submit New Assignment

Copy and Paste Your Assignment Here
Have files?