Secure coding practices are becoming increasingly important in a highly security-critical and highly distributed application landscape. This talk focuses on the secure login process and cryptographically secured storage strategies. We will look at advanced hashing methods and public key approaches, as well as, for example, the use of virtual threads in conjunction with access control concepts and zero-trust approaches.

We will then examine the secure handling of sensitive data using strategies such as zeroing, ephemeral references, and memory fencing. We will also examine memory-based obfuscation, on-demand enclave creation, dynamic key derivation, and ephemeral key generation.

Everything will be illustrated with practical examples in Core Java.