Авторизация
Поиск по указателям
Steel Ch., Nagappan R., Lai R. — Core Security Patterns: Best Practices and Strategies for J2EE, Web Services, and Identity Management
Обсудите книгу на научном форуме
Нашли опечатку? Выделите ее мышкой и нажмите Ctrl+Enter
Название: Core Security Patterns: Best Practices and Strategies for J2EE, Web Services, and Identity Management
Авторы: Steel Ch., Nagappan R., Lai R.
Аннотация: For Web architects, developers, and project managers, this manual on internet applications and services security demonstrates security design for J2EE enterprise applications, Web services, identity management, service provisioning, and personal identification solutions. It provides 23 patterns and 101 practices relating to Java 2 platform security, Java extensible security and API framework, smart cards and biometrics, and includes security compliances and case studies. The authors are Java security architects.
Язык:
Рубрика: Технология /
Статус предметного указателя: Готов указатель с номерами страниц
ed2k: ed2k stats
Год издания: 2005
Количество страниц: 1088
Добавлена в каталог: 19.08.2007
Операции: Положить на полку |
Скопировать ссылку для форума | Скопировать ID
Предметный указатель
source code scanners
SourceBaseAction class
SourceSite class 2nd
SOX (Sarbanes-Oxley Act)
SOX (Sarbanes-Oxley Act) in security provisioning patterns
SOX (Sarbanes-Oxley Act), identity protection in 2nd
SPIs (service provider interfaces)
SPIs (service provider interfaces) in Credential Tokenizer patterns
SPIs (service provider interfaces) in PAMs
SPKI
SPML (Service Provisioning Markup Language) 2nd 3rd
SPML, features
SPML, implementation
SPML, operations
Spokes in Security Wheel
Spoofing
Spoofing and client-side validations
Spoofing in Web services
SQL
SQL, embedded commands
SQL, injection vulnerability
SQLValidator
SSL (Secure Socket Layer)
SSL for RMI socket factories
SSL in case study
SSL, accelerators 2nd
SSL, issues
SSL, J2EE 2nd 3rd
SSL, JSSE
SSL, JSSE for secure socket connections
SSL, JSSE, HTTP over SSL
SSL, role of
SSL, vs. TLS
SSL, Web services 2nd
SSL, Web-server-based
SSL, WS-Security
SSL, XML encryption
SSLEngine class
SSLxxx classes
SSL_NULL_WITH_NULL_NULL
SSO [See Single sign-on (SSO) mechanisms]
SSOContext class 2nd
SSOContextImpl class
SSODelegator class 2nd 3rd
SSODelegatorException class
SSODelegatorFactory class 2nd 3rd
SSOServiceProvider class 2nd
Standard Operating Procedure (SOP) documents
Standards
Standards, Authentication Enforcer pattern
Standards, smart cards
Standards, Web services 2nd 3rd
Start method
start method, PasswordSyncLedger
start method, PasswordSyncRequest
State maintenance in Liberty Alliance sessions
stateful firewalls
Stateful transactions
Stateless transactions
Stateless/stateful Policy Delegate
Static conformance requirements
Static mappings
Stolen smart cards
Storage, insecure
Strategies in security patterns 2nd
Strategies in security patterns, Assertion Builder
Strategies in security patterns, Audit Interceptor
Strategies in security patterns, Authentication Enforcer
Strategies in security patterns, Authorization Enforcer
Strategies in security patterns, Container Managed Security
Strategies in security patterns, Credential Tokenizer
Strategies in security patterns, Dynamic Service Management
Strategies in security patterns, Intercepting Validator
Strategies in security patterns, Intercepting Web Agent
Strategies in security patterns, Message Inspector
Strategies in security patterns, Message Interceptor Gateway
Strategies in security patterns, Obfuscated Transfer Object
Strategies in security patterns, Password Synchronizer
Strategies in security patterns, Policy Delegate
Strategies in security patterns, Secure Base Action
Strategies in security patterns, Secure Logger
Strategies in security patterns, Secure Message Router
Strategies in security patterns, Secure Pipe
Strategies in security patterns, Secure Service Facade
Strategies in security patterns, Secure Service Proxy
Strategies in security patterns, Secure Session Object
Strategies in security patterns, Single Sign-on Delegator
Stream ciphers
Stress testing
String encryption
Strong cryptography
Structural transformations
Structure in security patterns
Structure in security patterns, Assertion Builder
Structure in security patterns, Audit Interceptor
Structure in security patterns, Authentication Enforcer
Structure in security patterns, Authorization Enforcer
Structure in security patterns, Container Managed Security
Structure in security patterns, Credential Tokenizer
Structure in security patterns, Dynamic Service Management
Structure in security patterns, Intercepting Validator
Structure in security patterns, Intercepting Web Agent
Structure in security patterns, Message Inspector
Structure in security patterns, Message Interceptor Gateway
Structure in security patterns, Obfuscated Transfer Object
Structure in security patterns, Password Synchronizer
Structure in security patterns, Policy Delegate
Structure in security patterns, Secure Base Action
Structure in security patterns, Secure Logger
Structure in security patterns, Secure Message Router
Structure in security patterns, Secure Pipe
Structure in security patterns, Secure Service Facade
Structure in security patterns, Secure Service Proxy
Structure in security patterns, Secure Session Object
Structure in security patterns, Single Sign-on Delegator
Subject class
Subject class, Authentication Enforcer pattern
Subject class, Authorization Enforcer pattern
Subject class, JAAS authorization 2nd
Subject Descriptor pattern
Subjects in JAAS
Subjects in JAAS, authorization 2nd
Subjects in JAAS, Login Module strategy
Sufficient flag
Summaries of security factors
SunJCE provider
SunJSSE provider
SunPKS11 provider
Super encryption
Support strategy in security provisioning patterns
symmetric ciphers
Symmetric keys
Symmetric keys, Obfuscated Transfer Object pattern
Symmetric keys, Secure Logger pattern
Symmetric keys, XML
Synchronization
Synchronization, identity management
synchronization, passwords
Synchronization, passwords, Password Synchronizer pattern [See Password Synchronizer pattern]
Synchronization, passwords, user account provisioning 2nd
System constraints
System Entry Point
System environment in use cases
Tags
Tags, libraries for
Tags, RFID
TakeAction class
Tamper-proofing transformations
Targets
Targets in case study
Targets in security patterns
Targets in security patterns, Audit Interceptor
Targets in security patterns, Intercepting Validator
Targets in security patterns, Obfuscated Transfer Object 2nd
Targets in security patterns, Password Synchronizer
Targets in security patterns, Secure Session Object
Targets, SPML
Targets, XACML
Technology differentiators
Technology elements in case study 2nd
Templates
Templates, biometrics
Templates, Java System Access Manager
Templates, security pattern [See Security patterns]
Termination
Termination, biometrics
Termination, identity
Termination, smart card
Testability
Testability, Message Interceptor Gateway pattern
Testability, Secure Message Router pattern
Testing
Testing in case study
Testing, black box
Testing, Web services patterns
Testing, white box
theft
Theft in Web services
Theft, identity
Theft, session
Third-party authentication and authorization
Third-Party Communication pattern
threat modeling
Threat profiling
Threat profiling for security patterns
Threat profiling in case study
Threats to Web services
Three-factor authentication
Tier matrices
Tiers
Tiers in case study
Tiers in J2EE
Tiers in risk analysis
Tiers in security patterns
Time checking strategy
timeouts
Timeouts, HTTP sessions
Timeouts, URLConnections
Timeouts, Web tier patterns
Timestamps
Timestamps, Web services patterns
Timestamps, WS-Security
TLS [See Transport Layer Security (TLS)]
TOA (trade-off analysis)
TOA (trade-off analysis) in case study
TOA (trade-off analysis) in Secure UP
TokenContext class 2nd
TokenContextImpl class
Tokens
Tokens, biometrics
Tokens, Credential Tokenizer [See Credential Tokenizer pattern]
Tokens, HTTP-POST
Tokens, Identity management patterns
Tokens, policy
Tokens, RSA cryptographic
Tokens, smart card
Tokens, SSO 2nd
Tokens, unified credential token solution
Tokens, weak
Tokens, WS-Policy
Tokens, WS-Security 2nd 3rd
Tolerance level of potential security threats
Top Secret data
Traceability in Web services
Trade-off analysis (TOA)
Trade-off analysis (TOA) in case study
Trade-off analysis (TOA) in Secure UP
Trading partners in use cases
Training
Transactions
Transactions in case study
Transactions in use cases
Transactions, J2EE network topology
Transactions, Liberty Alliance
Transactions, Secure Pipe pattern [See Secure Pipe pattern]
Transactions, Secure Service Facade pattern
transfer method
Transfer object member strategy 2nd
Transfer Object pattern
Transfer Object pattern and Obfuscated Transfer Object pattern 2nd
Transfer Object pattern and Secure Session Object pattern
Transform algorithms
Transformation, code
Transparency
Transparency, Assertion Builder pattern
Transparency, Credential Tokenizer patterns
Transport Layer Security (TLS)
Transport Layer Security (TLS), issues in
Transport Layer Security (TLS), J2EE 2nd 3rd
Transport Layer Security (TLS), JMS
Transport Layer Security (TLS), JSSE
Transport Layer Security (TLS), Web services
Transport Layer Security (TLS), WS-Security
Transport Layer Security (TLS), XML encryption
TRIPLEDES encryption algorithm
Trust models
Trust models for security patterns
Trust models in case study
Trust models, LDAP
TrustAnchor class
Trusted certificates
Trusted certificates for applets
Trusted certificates, importing
Trusted MIDlets
TrustManager class
TrustManagerFactory class
Trusts in WS-Security
TrustStore property
TSIK services
Tunneling, proxy
Twofish algorithm
Types, Java
UDDI (Universal Description, Discovery, and Integration)
UDDI and Secure Logger pattern
UDDI for Web services 2nd
UDDI, attacks on
UIDGenerator class
Unclassified data
Unified credential tokens 2nd
Unified Process (UP)
Unified Process (UP), references for
Unified Process (UP), secure [See Secure UP]
Unit testing
Universal description, discovery, and integration (UDDI)
Universal Description, Discovery, and Integration (UDDI) and Secure Logger pattern
Universal Description, Discovery, and Integration (UDDI) for Web services 2nd
Universal Description, Discovery, and Integration (UDDI), attacks on
Unlimited strength cryptography
unloadMBeans method
Unprotected resources
unregisterObject method
unseal method
Untrusted services
unwrap method
UP (Unified Process)
UP (Unified Process), references for
UP (Unified Process), secure [See Secure UP]
Update method 2nd
upgrades
URL rewriting
Реклама