2

I want to know the difference between Encapsulating a class and making a class more Secure. Encapsulating provides an abstract layer of interface for communicating with the class and hides the inner working of the class from the outer world, and at the same time security has the similar properties too. Can we say that every encapsulated class is secure but a secure class doesn't need to be necessarily encapsulated well? Please help me understand the difference between these two.

Arslan Ali
  • 16,294
  • 7
  • 51
  • 65
  • 1
    What are you understanding under "making a class more Secure" ? – bsiamionau Apr 02 '13 at 10:15
  • Simply no one could hack my class - making more and more things private, that's what I understand about the security of the class. – Arslan Ali Apr 02 '13 at 10:17
  • "no one could hack my class" - what are you trying to say? Encapsulation does not guarantee, that nobody could change object's statement, it just hides class inner realization and forms class interface. You can make you class immutable if you want to be sure, that class will not change statement after creation. – bsiamionau Apr 02 '13 at 10:19
  • 1
    Even if every field is private and you have no getters/setters, everybody can `hack` your class using reflection api – popfalushi Apr 02 '13 at 10:20
  • Security is very broad term, we can say abstraction is way of securing class information. – xyz Apr 02 '13 at 10:20
  • 1
    So both these terms have nothing common between? Being a secure class doesn't affect the other thing and vice versa? – Arslan Ali Apr 02 '13 at 10:24

3 Answers3

3

Can we say that every encapsulated class is secure?

No, but encapsulation is a baby step towards security.

Imagine your class as a building with dozens of windows.

enter image description here

To fully secure the building, you'd have to cover all openings: not only windows, but doors, rooftop and back entrances. By encapsulation, you would have protected your implementation from direct access and thereby closed one of the windows, but... there are dozens to go.

As mentioned in many of the comments, security is a very broad term. You have to work on a number of things to declare your class (and/or application) secure. You can start with these:

Does a secure class need to be necessarily encapsulated?

No. But it's very difficult to do as there will be some degree of encapsulation in most design patterns. You'd probably be implementing security outside of Java in this case (e.g. with the help of the OS, or other third party tools).

Community
  • 1
  • 1
Jops
  • 21,340
  • 13
  • 43
  • 59
1

Classes should be small and simple. This is what I mean by a class being secure.

To improve class reliability, access to its members and algorithms should be limited for other developers. To do that in the OOP world, developers use a mechanism called encapsulation. By restricting the access to class elements by setting the visibility to private, we hide the details of how the code deals with a task. This improves the security, as other developers can not modify the data during code execution.

From my point of view, there is no distinction between encapsulation and "making a class more secure". By using encapsulation, your classes are more secure by definition. You can extend that security by introducing concepts such as immutable and making your class close to inheritance mechanism by using key word 'final'.

But this is more a wiki answer and question so there is not good answer.

Any comment is strongly appreciated.

Lundin
  • 155,020
  • 33
  • 213
  • 341
Damian Leszczyński - Vash
  • 28,711
  • 9
  • 53
  • 93
0

Encapsulating is to encapsulate your logic into a different class and call it in your code.

We do this when we work in a team -one member will say call my this method your work will be done . . caller have not to worry about implementation.

"In simple take your logic out of your class and call it by a method".

But to implement it securely

use access modifiers

and final variable. as per you need.

Nirbhay Mishra
  • 1,469
  • 3
  • 17
  • 33