Главная    Ex Libris    Книги    Журналы    Статьи    Серии    Каталог    Wanted    Загрузка    ХудЛит    Справка    Поиск по индексам    Поиск    Форум   
blank
Авторизация

       
blank
Поиск по указателям

blank
blank
blank
Красота
blank
Steel Ch., Nagappan R., Lai R. — Core Security Patterns: Best Practices and Strategies for J2EE, Web Services, and Identity Management
Steel Ch., Nagappan R., Lai R. — Core Security Patterns: Best Practices and Strategies for J2EE, Web Services, and Identity Management



Обсудите книгу на научном форуме



Нашли опечатку?
Выделите ее мышкой и нажмите Ctrl+Enter


Название: Core Security Patterns: Best Practices and Strategies for J2EE, Web Services, and Identity Management

Авторы: Steel Ch., Nagappan R., Lai R.

Аннотация:

For Web architects, developers, and project managers, this manual on internet applications and services security demonstrates security design for J2EE enterprise applications, Web services, identity management, service provisioning, and personal identification solutions. It provides 23 patterns and 101 practices relating to Java 2 platform security, Java extensible security and API framework, smart cards and biometrics, and includes security compliances and case studies. The authors are Java security architects.


Язык: en

Рубрика: Технология/

Статус предметного указателя: Готов указатель с номерами страниц

ed2k: ed2k stats

Год издания: 2005

Количество страниц: 1088

Добавлена в каталог: 19.08.2007

Операции: Положить на полку | Скопировать ссылку для форума | Скопировать ID
blank
Предметный указатель
source code scanners      
SourceBaseAction class      
SourceSite class      2nd
SOX (Sarbanes-Oxley Act)      
SOX (Sarbanes-Oxley Act) in security provisioning patterns      
SOX (Sarbanes-Oxley Act), identity protection in      2nd
SPIs (service provider interfaces)      
SPIs (service provider interfaces) in Credential Tokenizer patterns      
SPIs (service provider interfaces) in PAMs      
SPKI      
SPML (Service Provisioning Markup Language)      2nd 3rd
SPML, features      
SPML, implementation      
SPML, operations      
Spokes in Security Wheel      
Spoofing      
Spoofing and client-side validations      
Spoofing in Web services      
SQL      
SQL, embedded commands      
SQL, injection vulnerability      
SQLValidator      
SSL (Secure Socket Layer)      
SSL for RMI socket factories      
SSL in case study      
SSL, accelerators      2nd
SSL, issues      
SSL, J2EE      2nd 3rd
SSL, JSSE      
SSL, JSSE for secure socket connections      
SSL, JSSE, HTTP over SSL      
SSL, role of      
SSL, vs. TLS      
SSL, Web services      2nd
SSL, Web-server-based      
SSL, WS-Security      
SSL, XML encryption      
SSLEngine class      
SSLxxx classes      
SSL_NULL_WITH_NULL_NULL      
SSO      [See Single sign-on (SSO) mechanisms]
SSOContext class      2nd
SSOContextImpl class
SSODelegator class      2nd 3rd
SSODelegatorException class      
SSODelegatorFactory class      2nd 3rd
SSOServiceProvider class      2nd
Standard Operating Procedure (SOP) documents      
Standards      
Standards, Authentication Enforcer pattern
Standards, smart cards
Standards, Web services      2nd 3rd
Start method      
start method, PasswordSyncLedger
start method, PasswordSyncRequest      
State maintenance in Liberty Alliance sessions      
stateful firewalls      
Stateful transactions      
Stateless transactions      
Stateless/stateful Policy Delegate      
Static conformance requirements      
Static mappings
Stolen smart cards      
Storage, insecure      
Strategies in security patterns      2nd
Strategies in security patterns, Assertion Builder      
Strategies in security patterns, Audit Interceptor      
Strategies in security patterns, Authentication Enforcer      
Strategies in security patterns, Authorization Enforcer      
Strategies in security patterns, Container Managed Security      
Strategies in security patterns, Credential Tokenizer      
Strategies in security patterns, Dynamic Service Management      
Strategies in security patterns, Intercepting Validator      
Strategies in security patterns, Intercepting Web Agent      
Strategies in security patterns, Message Inspector      
Strategies in security patterns, Message Interceptor Gateway      
Strategies in security patterns, Obfuscated Transfer Object      
Strategies in security patterns, Password Synchronizer      
Strategies in security patterns, Policy Delegate      
Strategies in security patterns, Secure Base Action      
Strategies in security patterns, Secure Logger      
Strategies in security patterns, Secure Message Router      
Strategies in security patterns, Secure Pipe      
Strategies in security patterns, Secure Service Facade      
Strategies in security patterns, Secure Service Proxy      
Strategies in security patterns, Secure Session Object      
Strategies in security patterns, Single Sign-on Delegator      
Stream ciphers      
Stress testing      
String encryption      
Strong cryptography      
Structural transformations      
Structure in security patterns      
Structure in security patterns, Assertion Builder      
Structure in security patterns, Audit Interceptor      
Structure in security patterns, Authentication Enforcer      
Structure in security patterns, Authorization Enforcer      
Structure in security patterns, Container Managed Security      
Structure in security patterns, Credential Tokenizer      
Structure in security patterns, Dynamic Service Management      
Structure in security patterns, Intercepting Validator      
Structure in security patterns, Intercepting Web Agent
Structure in security patterns, Message Inspector
Structure in security patterns, Message Interceptor Gateway      
Structure in security patterns, Obfuscated Transfer Object      
Structure in security patterns, Password Synchronizer      
Structure in security patterns, Policy Delegate      
Structure in security patterns, Secure Base Action      
Structure in security patterns, Secure Logger      
Structure in security patterns, Secure Message Router
Structure in security patterns, Secure Pipe      
Structure in security patterns, Secure Service Facade      
Structure in security patterns, Secure Service Proxy      
Structure in security patterns, Secure Session Object      
Structure in security patterns, Single Sign-on Delegator      
Subject class      
Subject class, Authentication Enforcer pattern      
Subject class, Authorization Enforcer pattern      
Subject class, JAAS authorization      2nd
Subject Descriptor pattern
Subjects in JAAS      
Subjects in JAAS, authorization      2nd
Subjects in JAAS, Login Module strategy      
Sufficient flag
Summaries of security factors
SunJCE provider      
SunJSSE provider
SunPKS11 provider      
Super encryption      
Support strategy in security provisioning patterns
symmetric ciphers
Symmetric keys      
Symmetric keys, Obfuscated Transfer Object pattern
Symmetric keys, Secure Logger pattern
Symmetric keys, XML
Synchronization
Synchronization, identity management
synchronization, passwords
Synchronization, passwords, Password Synchronizer pattern      [See Password Synchronizer pattern]
Synchronization, passwords, user account provisioning      2nd
System constraints
System Entry Point      
System environment in use cases
Tags
Tags, libraries for
Tags, RFID
TakeAction class      
Tamper-proofing transformations      
Targets      
Targets in case study
Targets in security patterns
Targets in security patterns, Audit Interceptor
Targets in security patterns, Intercepting Validator      
Targets in security patterns, Obfuscated Transfer Object      2nd
Targets in security patterns, Password Synchronizer
Targets in security patterns, Secure Session Object
Targets, SPML
Targets, XACML
Technology differentiators
Technology elements in case study      2nd
Templates
Templates, biometrics
Templates, Java System Access Manager      
Templates, security pattern      [See Security patterns]
Termination
Termination, biometrics
Termination, identity
Termination, smart card
Testability
Testability, Message Interceptor Gateway pattern
Testability, Secure Message Router pattern
Testing
Testing in case study
Testing, black box
Testing, Web services patterns
Testing, white box
theft
Theft in Web services
Theft, identity      
Theft, session
Third-party authentication and authorization
Third-Party Communication pattern
threat modeling
Threat profiling
Threat profiling for security patterns      
Threat profiling in case study
Threats to Web services      
Three-factor authentication
Tier matrices
Tiers
Tiers in case study
Tiers in J2EE
Tiers in risk analysis
Tiers in security patterns      
Time checking strategy
timeouts
Timeouts, HTTP sessions
Timeouts, URLConnections
Timeouts, Web tier patterns
Timestamps
Timestamps, Web services patterns
Timestamps, WS-Security      
TLS      [See Transport Layer Security (TLS)]
TOA (trade-off analysis)      
TOA (trade-off analysis) in case study
TOA (trade-off analysis) in Secure UP
TokenContext class      2nd
TokenContextImpl class      
Tokens
Tokens, biometrics
Tokens, Credential Tokenizer      [See Credential Tokenizer pattern]
Tokens, HTTP-POST
Tokens, Identity management patterns
Tokens, policy
Tokens, RSA cryptographic
Tokens, smart card
Tokens, SSO      2nd
Tokens, unified credential token solution
Tokens, weak      
Tokens, WS-Policy      
Tokens, WS-Security      2nd 3rd
Tolerance level of potential security threats
Top Secret data      
Traceability in Web services
Trade-off analysis (TOA)      
Trade-off analysis (TOA) in case study      
Trade-off analysis (TOA) in Secure UP      
Trading partners in use cases      
Training      
Transactions      
Transactions in case study      
Transactions in use cases      
Transactions, J2EE network topology      
Transactions, Liberty Alliance      
Transactions, Secure Pipe pattern      [See Secure Pipe pattern]
Transactions, Secure Service Facade pattern      
transfer method      
Transfer object member strategy      2nd
Transfer Object pattern
Transfer Object pattern and Obfuscated Transfer Object pattern      2nd
Transfer Object pattern and Secure Session Object pattern      
Transform algorithms
Transformation, code
Transparency
Transparency, Assertion Builder pattern      
Transparency, Credential Tokenizer patterns      
Transport Layer Security (TLS)
Transport Layer Security (TLS), issues in
Transport Layer Security (TLS), J2EE      2nd 3rd
Transport Layer Security (TLS), JMS      
Transport Layer Security (TLS), JSSE
Transport Layer Security (TLS), Web services      
Transport Layer Security (TLS), WS-Security      
Transport Layer Security (TLS), XML encryption      
TRIPLEDES encryption algorithm      
Trust models      
Trust models for security patterns      
Trust models in case study      
Trust models, LDAP      
TrustAnchor class      
Trusted certificates      
Trusted certificates for applets      
Trusted certificates, importing      
Trusted MIDlets      
TrustManager class      
TrustManagerFactory class      
Trusts in WS-Security      
TrustStore property      
TSIK services      
Tunneling, proxy      
Twofish algorithm      
Types, Java      
UDDI (Universal Description, Discovery, and Integration)      
UDDI and Secure Logger pattern      
UDDI for Web services      2nd
UDDI, attacks on      
UIDGenerator class      
Unclassified data      
Unified credential tokens      2nd
Unified Process (UP)      
Unified Process (UP), references for
Unified Process (UP), secure      [See Secure UP]
Unit testing
Universal description, discovery, and integration (UDDI)
Universal Description, Discovery, and Integration (UDDI) and Secure Logger pattern      
Universal Description, Discovery, and Integration (UDDI) for Web services      2nd
Universal Description, Discovery, and Integration (UDDI), attacks on
Unlimited strength cryptography
unloadMBeans method      
Unprotected resources
unregisterObject method
unseal method
Untrusted services
unwrap method
UP (Unified Process)
UP (Unified Process), references for
UP (Unified Process), secure      [See Secure UP]
Update method      2nd
upgrades
URL rewriting
1 2 3 4 5 6 7 8 9 10 11 12 13 14
blank
Реклама
blank
blank
HR
@Mail.ru
       © Электронная библиотека попечительского совета мехмата МГУ, 2004-2025
Электронная библиотека мехмата МГУ | Valid HTML 4.01! | Valid CSS! О проекте