Developers: As of 7u51, (January, 2014), your Rich Internet Applications (RIAs, also known as Applets and Web Start applications) must be updated. The updates required are on the packaging and distribution; no API code changes should be required. The impetus for these changes relates to potential re-purposing of sandboxed applications, whereby placing permissions within a signed JAR prevents modification of your specified permission level.
RIAs must contain two things:
See the Java Platform Group Product Management blog for more information.Java 7 Update 45 (7u45), October 2013: LiveConnect calls will ask permission before interacting with Rich Internet Applications
Java - Help (Java.com)
Security level settings in the Java Control Panel
Java SE Security Secure Coding Guidelines for the Java Programming Language
JAR File Manifest Attributes for Security
Java SE 7 Security Documentation
technical information about the signed code change
Oracle Java SE Support provides 24x7 email and phone support for mission-critical applications
Oracle Java SE Advanced and Oracle Java SE Suite products provide enterprise features that minimize the costs of deployment, monitoring, and maintenance of Java-based IT environments.
Deployment Rule Sets for whitelisting applications
Deployment Best Practices
Java Plug-in Guide for System Administrators
Tutorial: Security Features in Java SE