Steel Ch., Nagappan R., Lai R. — Core Security Patterns: Best Practices and Strategies for J2EE, Web Services, and Identity Management
Title: Core Security Patterns: Best Practices and Strategies for J2EE, Web Services, and Identity Management
Authors: Steel Ch., Nagappan R., Lai R.
Abstract: For Web architects, developers, and project managers, this manual on internet applications and services security demonstrates security design for J2EE enterprise applications, Web services, identity management, service provisioning, and personal identification solutions. It provides 23 patterns and 101 practices relating to Java 2 platform security, Java extensible security and API framework, smart cards and biometrics, and includes security compliances and case studies. The authors are Java security architects.
Language:
Category: Technology /
Subject index status: Index with page numbers is ready
Year of publication: 2005
Number of pages: 1088
Added to catalogue: 19.08.2007
Subject index
Container Managed Security pattern, security factors and risks
Container Managed Security pattern, solution
Container Managed Security pattern, strategies
Container Managed Security pattern, structure
Container-based security
Container-based security, authentication
Container-based security, authorization
Container-based security, declarative
Container-based security, JACC
Container-based security, programmatic
Container-based security, protection domains in
Container-based security, sign-ons in
Container-based security, TLS
Content encryption in Web services patterns
Content-specific policies
context
Context in J2EE
Context in XACML 2nd
Context Object related patterns
Context Object related patterns, Authentication Enforcer
Context Object related patterns, Authorization Enforcer
Context Object related patterns, Secure Base Action
Context, propagation of
Continuity
Continuity in case study
Continuity in use cases
Continuity, strategies
Control transformations
Converted Applet (CAP) files
Cookies
Cookies, HTTP session tracking
Cookies, Liberty Alliance
COPPA (Children's Online Privacy Protection Act)
COPS (Common Open Policy Service)
CORBA-based clients
Core Web services standards
Core Web services standards, SOAP
Core Web services standards, UDDI
Core Web services standards, WSDL
Core Web services standards, XML
Corporations, identity management in
Correlation
Correlation in fingerprint matching
Correlation in Web services patterns
countermeasures
CRC (cyclic-redundancy check) algorithms 2nd
Create method
create method, AddUser
create method, AuthenticationStatement
Create, read, update, and delete (CRUD) form data
createAssertionReply method
createAssertionStatement method
createAuthenticationStatement method 2nd
createCondition method
createMBean method
createObjectName method
createPasswordRequest method
createRule method
createServerSocket method
createService
createSocket method
createSPMLRequest method 2nd
createSSLEngine method
createSSOConnection method
createSSODConnection method
createSSOToken method
createSSOToken method, AssertionContextImpl
createSSOToken method, SSODelegatorFactoryImpl
createToken method
Credential Collector
Credential Tokenizer pattern 2nd
Credential Tokenizer pattern, and Single Sign-on Delegator pattern
Credential Tokenizer pattern, consequences
Credential Tokenizer pattern, forces
Credential Tokenizer pattern, participants and responsibilities
Credential Tokenizer pattern, problem
Credential Tokenizer pattern, reality check
Credential Tokenizer pattern, related patterns
Credential Tokenizer pattern, sample code
Credential Tokenizer pattern, security factors and risks
Credential Tokenizer pattern, solution
Credential Tokenizer pattern, strategies
Credential Tokenizer pattern, structure
Credentials
Credentials, delegation of
Credentials, J2EE
Credentials, Liberty Alliance
CRLs (certificate revocation lists) 2nd
Cross-domain federations
Cross-domain SSO (CDSSO)
Cross-domain SSO (CDSSO) in identity management
Cross-domain SSO (CDSSO) in Liberty Alliance
Cross-site scripting (XSS)
Crossover Error Rate (CER) probability
CRUD (create, read, update, and delete) form data
Cryptographic Service Providers 2nd
Cryptographic token interface standard
Cryptography [See Encryption and cryptography]
CSRs (Certificate Signing Requests) 2nd
CUIDs (Card Unique Identifiers)
Custom error handling
Custom tag libraries for permissions
Customer IT security requirements
CVM (Compact Virtual Machine)
Cyclic-redundancy check (CRC) algorithms 2nd
DAP (Directory Access Protocol)
Data Encryption Standard (DES) 2nd
Data flow in XACML
Data injection flaws
Data Protection Directive
Data Transfer HashMap pattern
Data transformations
Database communication
DCE PAC Profile
DDOS (distributed DOS) attacks 2nd
Debuggers in white box testing
Decentralized model in user account provisioning
Declarative auditing
Declarative authorization 2nd
Declarative security
Declarative security, Container Managed Security pattern 2nd
Declarative security, EJBs
Declarative security, J2EE 2nd
Decompiling Java code
Decoupling
Decoupling in Audit Interceptor pattern
Decoupling in Intercepting Web Agent pattern
Decoupling, validations from presentation logic
decryption [See Encryption and cryptography]
Default settings in Identity management patterns
Defensive strategies
Delegates and delegations
Delegates and delegations, administration
Delegates and delegations, EJB tier
Delegates and delegations, Policy Delegate pattern [See Policy Delegate pattern]
Delegates and delegations, Web services
Delete operation in SPML
Deleted data detection
DeleteRequest message
Deleting keystores
Demilitarized Zones (DMZs) 2nd
denial of service (DoS) attacks
Denial of Service (DOS) attacks in case study
Denial of Service (DOS) attacks, Intercepting Web Agent pattern
Denial of Service (DOS) attacks, SAML
Denial of Service (DOS) attacks, Web services
Denial of Service (DOS) attacks, Web tier patterns
Denial of Service (DOS) attacks, XKMS
Dependencies in WS-Policy
Deployed component restrictions
Deployment and deployment descriptors
Deployment and deployment descriptors, in case study
Deployment and deployment descriptors, J2EE 2nd 3rd 4th 5th 6th
Deployment and deployment descriptors, patterns-driven security design
Deployment and deployment descriptors, problems in
Deployment and deployment descriptors, Web services patterns
DES (Data Encryption Standard) 2nd
DescriptorStore class
Design
Design in case study [See Case study]
Design patterns
Design, alchemy of [See Alchemy of security design]
Design, policy
Destinations in JMS
DestinationSite class 2nd
destroy method
Detached signatures 2nd
Detecting data deletion
Developers in J2EE
Development in case study
devices
Devices in case study
Devices in security pattern factor analysis
Differentiators
Diffie-Hellman (DH) key agreement 2nd
Digest authentication
digest method 2nd
Digester class
Digests
Digests, JCA
Digests, XML signatures
Digital certificates [See Certificates and certificate keys]
Digital Signature Algorithm (DSA)
Digital Signature Algorithm (DSA), Cryptographic Service Providers
Digital Signature Algorithm (DSA), XML signatures
Digital signatures [See Signatures]
Direct access in Web tier patterns
Directive, Data Protection
Directories in LDAP
Directory Access Protocol (DAP)
Directory Services 2nd
Directory Services Markup Language (DSML)
Disassembling Java code
Discovery
Discovery in user account provisioning
Discovery, service
Distributed DOS (DDOS) attacks 2nd
Distributed Management Task Force (DMTF)
Distributed policy stores
Distributed security
DLLs (dynamically linked libraries)
DMTF (Distributed Management Task Force)
DMZs (demilitarized zones) 2nd
doAs method
doAsPrivileged method
Document style web services
doFinal method
Domain models
domains, protection
domains, protection, J2EE
domains, protection, Java 2
doPost method
doPost method for new sessions
doPost method, SingleProxyEndpoint
DoS attacks [See Denial of Service (DOS) attacks]
Drivers, JDBC
DSA (Digital Signature Algorithm)
DSA, Cryptographic Service Providers
DSA, XML signatures
DSIG profiles
DSML (Directory Services Markup Language)
dumpHeaderContents method
Duplication in Secure Service Facade pattern
Dynamic Service Framework
Dynamic Service Management pattern 2nd 3rd
Dynamic Service Management pattern, consequences
Dynamic Service Management pattern, forces
Dynamic Service Management pattern, participants and responsibilities 2nd
Dynamic Service Management pattern, problem
Dynamic Service Management pattern, reality check
Dynamic Service Management pattern, related patterns
Dynamic Service Management pattern, sample code
Dynamic Service Management pattern, security factors and risks
Dynamic Service Management pattern, solution
Dynamic Service Management pattern, strategies
Dynamic Service Management pattern, structure
Dynamically linked libraries (DLLs)
EBJContext interface
EbXML registry
ECP (Enhanced Client and Proxy) profile
EEPROM in smart cards
EER (Equal Error Rate) probability
Effect Matrix
EIS (Enterprise-information system) tier 2nd
EIS, connector architecture in
EIS, JDBC in
EIS, JMS in
EJB tier in J2EE
EJB tier in J2EE, anonymous and unprotected resources
EJB tier in J2EE, context propagation from web-tier to
EJB tier in J2EE, declarative authorization
EJB tier in J2EE, principal delegations
EJB tier in J2EE, programmatic authorization
EJB tier in J2EE, run-as identity
Ejb-jar.xml deployment descriptor
ejbCreate method
ejbCreate method, AuditRequestMessageBean
ejbCreate method, SecureSessionFacadeSessionBean
ejbRemove method
EJBs [See Enterprise Java Beans (EJBs)]
Electronic Product Codes (EPCs)
Element-level encryption
Elgamal cipher
Embedded SQL commands
Enabling technologies for personal identification
Enabling technologies for personal identification, BioAPI
Enabling technologies for personal identification, GINA
Enabling technologies for personal identification, Global Platform
Enabling technologies for personal identification, JAAS
Enabling technologies for personal identification, Java Card API
Enabling technologies for personal identification, OpenCard Framework
Enabling technologies for personal identification, OpenSC framework
Enabling technologies for personal identification, PAM
Enabling technologies for personal identification, PC/SC framework
Encapsulation
Encapsulation, Assertion Builder pattern
Encapsulation, Credential Tokenizer pattern 2nd
Encapsulation, Java
Encapsulation, Secure Base Action pattern
encrypt method
EncryptDecryptionWithAES class
EncryptDecryptWithBlowfish.java program
Encryption and cryptography
Encryption and cryptography in authentication
Encryption and cryptography in case study
Encryption and cryptography, asymmetric ciphers
Encryption and cryptography, certificates in [See Certificates and certificate keys]
Encryption and cryptography, challenges
Encryption and cryptography, hardware-based
Encryption and cryptography, HTTP-POST
Encryption and cryptography, Java 2nd
Encryption and cryptography, JCA
Encryption and cryptography, JCE 2nd
Encryption and cryptography, JCE, AES
Encryption and cryptography, JCE, PBE
Encryption and cryptography, JGSS
Encryption and cryptography, Obfuscated Transfer Object pattern
Encryption and cryptography, one-way hash function algorithms
Encryption and cryptography, Secure Logger pattern
Encryption and cryptography, Secure Pipe pattern