Layers of Security:

The first line of defense against untrusted programs in a Java application is a category of the basic design of the language: Java is a safe language. Whenever programming language theorists use the word safety, they aren't talking about protection against malicious programs. Relatively, they mean protection against incorrect programs. A Java achieves this in various ways:

1. Array references are checked at runtime to ensure in which they are inside the bounds of the array. This check avoids incorrect programs from running off the end of an array into storage which doesn't belong to the program or which holds values of the wrong type.

2. Casts are carefully controlled so in which they can't be used to violate the language's rules, and implicit kind conversions are kept to a minimum.

3. Memory management is automatic. This arrangement avoids "memory leaks" (when unused storage is never reclaimed) and "dangling pointers" (when valid storage is freed prematurely).

4. The language does not permits programmers to manipulate pointers straightly (although they are used extensively behind the scenes). This characteristic prevents several invalid uses of pointers, a few of that could be used to circumvent the preceding restrictions.