Авторизация
Поиск по указателям
Steel Ch., Nagappan R., Lai R. — Core Security Patterns: Best Practices and Strategies for J2EE, Web Services, and Identity Management
Обсудите книгу на научном форуме Нашли опечатку?
Название: Core Security Patterns: Best Practices and Strategies for J2EE, Web Services, and Identity ManagementАвторы: Steel Ch., Nagappan R., Lai R.Аннотация: For Web architects, developers, and project managers, this manual on internet applications and services security demonstrates security design for J2EE enterprise applications, Web services, identity management, service provisioning, and personal identification solutions. It provides 23 patterns and 101 practices relating to Java 2 platform security, Java extensible security and API framework, smart cards and biometrics, and includes security compliances and case studies. The authors are Java security architects.
Язык: Рубрика: Технология /Статус предметного указателя: Готов указатель с номерами страниц ed2k: ed2k stats Год издания: 2005Количество страниц: 1088Добавлена в каталог: 19.08.2007Операции: Положить на полку |
Скопировать ссылку для форума | Скопировать ID
Предметный указатель
source code scanners SourceBaseAction class SourceSite class 2nd SOX (Sarbanes-Oxley Act) SOX (Sarbanes-Oxley Act) in security provisioning patterns SOX (Sarbanes-Oxley Act), identity protection in 2nd SPIs (service provider interfaces) SPIs (service provider interfaces) in Credential Tokenizer patterns SPIs (service provider interfaces) in PAMs SPKI SPML (Service Provisioning Markup Language) 2nd 3rd SPML, features SPML, implementation SPML, operations Spokes in Security Wheel Spoofing Spoofing and client-side validations Spoofing in Web services SQL SQL, embedded commands SQL, injection vulnerability SQLValidator SSL (Secure Socket Layer) SSL for RMI socket factories SSL in case study SSL, accelerators 2nd SSL, issues SSL, J2EE 2nd 3rd SSL, JSSE SSL, JSSE for secure socket connections SSL, JSSE, HTTP over SSL SSL, role of SSL, vs. TLS SSL, Web services 2nd SSL, Web-server-based SSL, WS-Security SSL, XML encryption SSLEngine class SSLxxx classes SSL_NULL_WITH_NULL_NULL SSO [See Single sign-on (SSO) mechanisms] SSOContext class 2nd SSOContextImpl class SSODelegator class 2nd 3rd SSODelegatorException class SSODelegatorFactory class 2nd 3rd SSOServiceProvider class 2nd Standard Operating Procedure (SOP) documents Standards Standards, Authentication Enforcer pattern Standards, smart cards Standards, Web services 2nd 3rd Start method start method, PasswordSyncLedger start method, PasswordSyncRequest State maintenance in Liberty Alliance sessions stateful firewalls Stateful transactions Stateless transactions Stateless/stateful Policy Delegate Static conformance requirements Static mappings Stolen smart cards Storage, insecure Strategies in security patterns 2nd Strategies in security patterns, Assertion Builder Strategies in security patterns, Audit Interceptor Strategies in security patterns, Authentication Enforcer Strategies in security patterns, Authorization Enforcer Strategies in security patterns, Container Managed Security Strategies in security patterns, Credential Tokenizer Strategies in security patterns, Dynamic Service Management Strategies in security patterns, Intercepting Validator Strategies in security patterns, Intercepting Web Agent Strategies in security patterns, Message Inspector Strategies in security patterns, Message Interceptor Gateway Strategies in security patterns, Obfuscated Transfer Object Strategies in security patterns, Password Synchronizer Strategies in security patterns, Policy Delegate Strategies in security patterns, Secure Base Action Strategies in security patterns, Secure Logger Strategies in security patterns, Secure Message Router Strategies in security patterns, Secure Pipe Strategies in security patterns, Secure Service Facade Strategies in security patterns, Secure Service Proxy Strategies in security patterns, Secure Session Object Strategies in security patterns, Single Sign-on Delegator Stream ciphers Stress testing String encryption Strong cryptography Structural transformations Structure in security patterns Structure in security patterns, Assertion Builder Structure in security patterns, Audit Interceptor Structure in security patterns, Authentication Enforcer Structure in security patterns, Authorization Enforcer Structure in security patterns, Container Managed Security Structure in security patterns, Credential Tokenizer Structure in security patterns, Dynamic Service Management Structure in security patterns, Intercepting Validator Structure in security patterns, Intercepting Web Agent Structure in security patterns, Message Inspector Structure in security patterns, Message Interceptor Gateway Structure in security patterns, Obfuscated Transfer Object Structure in security patterns, Password Synchronizer Structure in security patterns, Policy Delegate Structure in security patterns, Secure Base Action Structure in security patterns, Secure Logger Structure in security patterns, Secure Message Router Structure in security patterns, Secure Pipe Structure in security patterns, Secure Service Facade Structure in security patterns, Secure Service Proxy Structure in security patterns, Secure Session Object Structure in security patterns, Single Sign-on Delegator Subject class Subject class, Authentication Enforcer pattern Subject class, Authorization Enforcer pattern Subject class, JAAS authorization 2nd Subject Descriptor pattern Subjects in JAAS Subjects in JAAS, authorization 2nd Subjects in JAAS, Login Module strategy Sufficient flag Summaries of security factors SunJCE provider SunJSSE provider SunPKS11 provider Super encryption Support strategy in security provisioning patterns symmetric ciphers Symmetric keys Symmetric keys, Obfuscated Transfer Object pattern Symmetric keys, Secure Logger pattern Symmetric keys, XML Synchronization Synchronization, identity management synchronization, passwords Synchronization, passwords, Password Synchronizer pattern [See Password Synchronizer pattern] Synchronization, passwords, user account provisioning 2nd System constraints System Entry Point System environment in use cases Tags Tags, libraries for Tags, RFID TakeAction class Tamper-proofing transformations Targets Targets in case study Targets in security patterns Targets in security patterns, Audit Interceptor Targets in security patterns, Intercepting Validator Targets in security patterns, Obfuscated Transfer Object 2nd Targets in security patterns, Password Synchronizer Targets in security patterns, Secure Session Object Targets, SPML Targets, XACML Technology differentiators Technology elements in case study 2nd Templates Templates, biometrics Templates, Java System Access Manager Templates, security pattern [See Security patterns] Termination Termination, biometrics Termination, identity Termination, smart card Testability Testability, Message Interceptor Gateway pattern Testability, Secure Message Router pattern Testing Testing in case study Testing, black box Testing, Web services patterns Testing, white box theft Theft in Web services Theft, identity Theft, session Third-party authentication and authorization Third-Party Communication pattern threat modeling Threat profiling Threat profiling for security patterns Threat profiling in case study Threats to Web services Three-factor authentication Tier matrices Tiers Tiers in case study Tiers in J2EE Tiers in risk analysis Tiers in security patterns Time checking strategy timeouts Timeouts, HTTP sessions Timeouts, URLConnections Timeouts, Web tier patterns Timestamps Timestamps, Web services patterns Timestamps, WS-Security TLS [See Transport Layer Security (TLS)] TOA (trade-off analysis) TOA (trade-off analysis) in case study TOA (trade-off analysis) in Secure UP TokenContext class 2nd TokenContextImpl class Tokens Tokens, biometrics Tokens, Credential Tokenizer [See Credential Tokenizer pattern] Tokens, HTTP-POST Tokens, Identity management patterns Tokens, policy Tokens, RSA cryptographic Tokens, smart card Tokens, SSO 2nd Tokens, unified credential token solution Tokens, weak Tokens, WS-Policy Tokens, WS-Security 2nd 3rd Tolerance level of potential security threats Top Secret data Traceability in Web services Trade-off analysis (TOA) Trade-off analysis (TOA) in case study Trade-off analysis (TOA) in Secure UP Trading partners in use cases Training Transactions Transactions in case study Transactions in use cases Transactions, J2EE network topology Transactions, Liberty Alliance Transactions, Secure Pipe pattern [See Secure Pipe pattern] Transactions, Secure Service Facade pattern transfer method Transfer object member strategy 2nd Transfer Object pattern Transfer Object pattern and Obfuscated Transfer Object pattern 2nd Transfer Object pattern and Secure Session Object pattern Transform algorithms Transformation, code Transparency Transparency, Assertion Builder pattern Transparency, Credential Tokenizer patterns Transport Layer Security (TLS) Transport Layer Security (TLS), issues in Transport Layer Security (TLS), J2EE 2nd 3rd Transport Layer Security (TLS), JMS Transport Layer Security (TLS), JSSE Transport Layer Security (TLS), Web services Transport Layer Security (TLS), WS-Security Transport Layer Security (TLS), XML encryption TRIPLEDES encryption algorithm Trust models Trust models for security patterns Trust models in case study Trust models, LDAP TrustAnchor class Trusted certificates Trusted certificates for applets Trusted certificates, importing Trusted MIDlets TrustManager class TrustManagerFactory class Trusts in WS-Security TrustStore property TSIK services Tunneling, proxy Twofish algorithm Types, Java UDDI (Universal Description, Discovery, and Integration) UDDI and Secure Logger pattern UDDI for Web services 2nd UDDI, attacks on UIDGenerator class Unclassified data Unified credential tokens 2nd Unified Process (UP) Unified Process (UP), references for Unified Process (UP), secure [See Secure UP] Unit testing Universal description, discovery, and integration (UDDI) Universal Description, Discovery, and Integration (UDDI) and Secure Logger pattern Universal Description, Discovery, and Integration (UDDI) for Web services 2nd Universal Description, Discovery, and Integration (UDDI), attacks on Unlimited strength cryptography unloadMBeans method Unprotected resources unregisterObject method unseal method Untrusted services unwrap method UP (Unified Process) UP (Unified Process), references for UP (Unified Process), secure [See Secure UP] Update method 2nd upgrades URL rewriting
Реклама
|
|
О проекте