Авторизация
Поиск по указателям
Steel Ch., Nagappan R., Lai R. — Core Security Patterns: Best Practices and Strategies for J2EE, Web Services, and Identity Management
Обсудите книгу на научном форуме Нашли опечатку?
Название: Core Security Patterns: Best Practices and Strategies for J2EE, Web Services, and Identity ManagementАвторы: Steel Ch., Nagappan R., Lai R.Аннотация: For Web architects, developers, and project managers, this manual on internet applications and services security demonstrates security design for J2EE enterprise applications, Web services, identity management, service provisioning, and personal identification solutions. It provides 23 patterns and 101 practices relating to Java 2 platform security, Java extensible security and API framework, smart cards and biometrics, and includes security compliances and case studies. The authors are Java security architects.
Язык: Рубрика: Технология /Статус предметного указателя: Готов указатель с номерами страниц ed2k: ed2k stats Год издания: 2005Количество страниц: 1088Добавлена в каталог: 19.08.2007Операции: Положить на полку |
Скопировать ссылку для форума | Скопировать ID
Предметный указатель
-addcert option -addjarsig option -certreq option -export option -genkey option -import option -keyalg option -keypass option -keystore option -list option -printcert option -showcert option -storepass option -storepasswd option <<IssuesInstant> element <application-desc> element <AttributeValue> element <AuthenticationContextStatement> message <AuthnRequest> message 2nd <AuthnResponse> message 2nd <AuthorizationDecisionStatement> feature 2nd <CanonicalizationMethod> element <CipherData> element <CombinerParameters> element <condition> element <condition> element, EPAL <condition> element, XACML <Decision> element <DigestMethod> element <DigestValue> element <ds:KeyInfo> element <ds:Signature> element <EncryptedData> element <EncryptedKey> element <EncryptionMethod> element <EncryptionProperties> element <Environment> element <EnvironmentMatch> element <ExactlyOne> element <FederationTerminationNotification> message <information> element <KeyInfo> element <Manifest> element <NameIdentifierMappingRequest> message <Object> element <PolicySetIdReference> element <r:license> element <Reference> element <Request> element <resources> element <Result> element <rule> element <RuleCombinerparameters> element <saml:Assertion> element <security> element <Signature> element <SignatureMethod> element <SignatureProperties> element <Signaturevalue> element <SignedInfo> element <Status> element <Target> element <Transforms> element <VariableDefinition> element <VariableReference> element <Version> element <wsse:BinarySecurityToken> element <wsse:Security> element <wsse:SecurityTokenReference> element <wsse:UsernameToken> element <wsu:TimeStamp> element <xenc:EncryptedData> element <xenc:EncryptedKey> element Ability to verify (ATV) probability Abort method Abstract Factory pattern Abstract objects abstraction layers Access control 2nd Access control lists (ACLs) Access control lists (ACLs), J2EE Access control lists (ACLs), JMS Access control, Assertion Builder pattern Access control, broken Access control, Business tier patterns 2nd Access control, DMTF Access control, EPAL Access control, for smart cards Access control, IETF Policy Management Working Group Access control, J2EE Access control, management services 2nd Access control, Parlay Group Access control, physical and logical Access control, Web services 2nd Access points in case study AccessController class Accountability, checklist for accounts [See User account provisioning] Accuracy of biometric verification ACLs (access control lists) ACLs (access control lists), J2EE ACLs (access control lists), JMS Actions in Parlay Active RFID tags Activities in Secure UP Actors in use cases Add operation in SPML Add-on, security as addListener method AddResponse message Administration Administration in biometric systems Administration in Web tier patterns Administration, reality checks for Administrator privileges Advanced Encryption Standard (AES) 2nd 3rd Advice in SAML assertions Advisory policies Agent-based and agentless architecture for user account provisioning Agent-based authentication 2nd Agent-based policy enforcement Aggregation, service Alchemy of security design Alchemy of security design, conclusion Alchemy of security design, framework adoption Alchemy of security design, rationale Alchemy of security design, reality checks [See Reality checks] Alchemy of security design, refactoring Alchemy of security design, references Alchemy of security design, Secure UP Alchemy of security design, Secure UP, artifacts in Alchemy of security design, Secure UP, risk analysis Alchemy of security design, Secure UP, trade-off analysis Alchemy of security design, security patterns [See Security patterns] Alchemy of security design, service continuity and recovery Alchemy of security design, testing ALE (Annual Loss Expectancy) 2nd alerts Alerts, SSL Alerts, Web services patterns AlgorithmParameter class AlgorithmParameterGenerator class Alteration attacks Alteration attacks, SAML Alteration attacks, Secure Logger pattern 2nd Annual Loss Expectancy (ALE) 2nd Anonymous EJB resources AOP (Aspect Oriented Programming) techniques Apache Struts Apache Struts, in form validation XML Apache Struts, in Web data validation Apache Struts, with SecureBaseAction Apache Struts, with SimpleFormAction APDUs (Application Protocol Data Units) Apis APIs, BioAPI APIs, CertPath APIs, JAAS APIs, Java APIs, Java Card APIs, JCA APIs, JCE APIs, JSSE APIs, SAAJ 2nd 3rd APIs, SASL APIs, Vendor-specific Applets Applets for smart cards Applets, Java Card Applets, signed Appletviewers Appliances Appliances, firewall Appliances, strategies for Appliances, XML-aware Application Controller Application data messages in SSL Application Protocol Data Units (APDUs) Application Requests Application security assessment model Application Security Providers Application-based authentication Applications and application security Applications and application security, access control Applications and application security, as weakest links Applications and application security, audit and logging Applications and application security, authentication Applications and application security, buffer overflow Applications and application security, CLDC Applications and application security, coding problems Applications and application security, configuration data Applications and application security, cross-site scripting Applications and application security, data injection flaws Applications and application security, data transit and storage Applications and application security, deployment problems Applications and application security, DOS and DDOS attacks Applications and application security, encryption Applications and application security, error handling Applications and application security, in case study Applications and application security, input validation failures Applications and application security, Intercepting Web Agent pattern Applications and application security, J2EE Applications and application security, JSSE Applications and application security, man-in-the-middle attacks Applications and application security, multiple sign-ons Applications and application security, output sanitation Applications and application security, password exploits Applications and application security, policies Applications and application security, Secure Pipe pattern Applications and application security, security provisioning patterns Applications and application security, security tokens Applications and application security, servers Applications and application security, servers for biometrics Applications and application security, servers for smart cards Applications and application security, servers in use cases Applications and application security, session identifiers Applications and application security, session theft Applications and application security, Web tier patterns Applying security patterns Architecture Architecture in case study 2nd Architecture in security patterns Architecture in security patterns, Authentication Enforcer Architecture in security patterns, Business tier Architecture in security patterns, Intercepting Validator Architecture in security patterns, Intercepting Web Agent Architecture in security patterns, Secure Base Action Architecture in security patterns, Secure Service Proxy Architecture, inefficiencies architecture, J2EE Architecture, J2ME Architecture, Java Architecture, Liberty Alliance Architecture, patterns-driven security design Architecture, personal identification systems Architecture, personal identification systems, biometrics Architecture, personal identification systems, smart cards Architecture, risk analysis architecture, SAML 2nd Architecture, Secure UP 2nd Architecture, user account provisioning Architecture, user account provisioning, centralized model vs. decentralized Architecture, user account provisioning, components of Architecture, user account provisioning, logical Architecture, Web services Architecture, XACML Artifact Resolution Profile Artifacts in Secure UP Aspect Oriented Programming (AOP) techniques Assemblers, J2EE Assertion Builder pattern 2nd Assertion Builder pattern in service provisioning Assertion Builder pattern in single sign-on Assertion Builder pattern, and Single Sign-on Delegator pattern 2nd Assertion Builder pattern, consequences Assertion Builder pattern, forces Assertion Builder pattern, participants and responsibilities Assertion Builder pattern, problem Assertion Builder pattern, reality check Assertion Builder pattern, related patterns Assertion Builder pattern, sample code Assertion Builder pattern, security factors and risks Assertion Builder pattern, solution Assertion Builder pattern, strategies Assertion Builder pattern, structure Assertion class Assertion Query/Request profile AssertionContext class AssertionContextImpl class 2nd assertions Assertions, Java System Access Manager assertions, SAML Assertions, SAML, attribute Assertions, SAML, authentication 2nd Assertions, SAML, authorization Assertions, WS-Policy Assertions, WS-Security assertRequest method Assessment checklists Asset valuation Asymmetric ciphers Attachments in SOAP messages Attack trees AttributeQuery class Attributes Attributes, J2EE Attributes, SAML Attributes, SAML, assertion 2nd Attributes, SAML, authority 2nd Attributes, SAML, mapping Attributes, SAML, profile Attributes, SAML, repository Attributes, Secure Service Facade pattern Attributes, XACML 2nd AttributeStatement class 2nd ATV (ability to verify) probability Audit Interceptor pattern 2nd 3rd Audit Interceptor pattern, and Message Inspector pattern Audit Interceptor pattern, consequences Audit Interceptor pattern, forces
Реклама
|
|
О проекте