Steel Ch., Nagappan R., Lai R. — Core Security Patterns: Best Practices and Strategies for J2EE, Web Services, and Identity Management
Title: Core Security Patterns: Best Practices and Strategies for J2EE, Web Services, and Identity Management
Authors: Steel Ch., Nagappan R., Lai R.
Abstract: For Web architects, developers, and project managers, this manual on internet applications and services security demonstrates security design for J2EE enterprise applications, Web services, identity management, service provisioning, and personal identification solutions. It provides 23 patterns and 101 practices relating to Java 2 platform security, Java extensible security and API framework, smart cards and biometrics, and includes security compliances and case studies. The authors are Java security architects.
Language:
Category: Technology /
Subject index status: Index with page numbers is ready
Year of publication: 2005
Number of pages: 1088
Added to catalogue: 19.08.2007
Subject index
Login service in case study
LoginContext class
LoginContext class, JAAS authentication 2nd
LoginContext class, JAAS Login Module strategy 2nd
LoginModule class
LoginModule class, Authentication Enforcer pattern
LoginModule class, biometrics
LoginModule class, implementing
LoginModule class, providers for
LoginModule class, smart cards
LogManager class
logout method
logout method, LoginContext
logout method, LoginModule
Logout requests in SAML
Loosely coupled architecture
Loosely coupled architecture, Intercepting Web Agent pattern
Loosely coupled architecture, Secure Service Proxy pattern
Lost smart cards
Low-level KVM security
MAC (message authentication code) 2nd
Mac class
Magnus.conf file
Maintainability in security patterns
Maintainability in security patterns, Audit Interceptor
Maintainability in security patterns, Intercepting Web Agent
Maintainability in security patterns, Message Inspector
Maintainability in security patterns, Message Interceptor Gateway
Maintainability in security patterns, Secure Message Router
Malicious code prevention [See Intercepting Validator pattern]
Man-in-the-middle (MITM) attacks
Man-in-the-middle (MITM) attacks in case study
Man-in-the-middle (MITM) attacks in SAML
Man-in-the-middle (MITM) attacks in Web services
Manageability
Manageability, J2EE network topology
Manageability, Secure Base Action pattern
Manageability, Secure Logger pattern
manifest files
Manipulation attacks
Mapping
Mapping in Container Managed Security pattern
Mapping, SAML attributes
Mapping, user account
Masked list strategy
Match-off-the-card strategy 2nd
Match-on-the-card strategy 2nd 3rd
Matrix, Effect
MBean strategy
MBeanFactory class
MBeanFactory.java file
MBeanManager.java file
MBeanServer class
MD5 cryptography
MD5 cryptography, Cryptographic Service Providers
MD5 cryptography, JCA message digests
Media in security pattern factor analysis
Memory
memory cards
Memory for Secure Session Object pattern
Memory in smart cards
Message authentication code (MAC) 2nd
Message authentication encryption
Message Configurators 2nd
Message digests
Message digests, encryption algorithms for
Message digests, JCA
Message injection attacks
Message Inspector pattern 2nd
Message Inspector pattern, consequences
Message Inspector pattern, forces
Message Inspector pattern, in case study 2nd 3rd 4th
Message Inspector pattern, participants and responsibilities
Message Inspector pattern, problem
Message Inspector pattern, reality checks
Message Inspector pattern, related patterns
Message Inspector pattern, related patterns, Intercepting Validator
Message Inspector pattern, related patterns, Message Interceptor Gateway
Message Inspector pattern, related patterns, Secure Message Router
Message Inspector pattern, security factors and risks
Message Inspector pattern, solution
Message Inspector pattern, strategies
Message Inspector pattern, structure
Message Interceptor Gateway pattern 2nd
Message Interceptor Gateway pattern in case study 2nd 3rd
Message Interceptor Gateway pattern, consequences
Message Interceptor Gateway pattern, forces
Message Interceptor Gateway pattern, participants and responsibilities
Message Interceptor Gateway pattern, problem
Message Interceptor Gateway pattern, reality check
Message Interceptor Gateway pattern, related patterns
Message Interceptor Gateway pattern, related patterns, Audit Interceptor
Message Interceptor Gateway pattern, related patterns, Intercepting Web Agent
Message Interceptor Gateway pattern, related patterns, Message Inspector 2nd
Message Interceptor Gateway pattern, related patterns, Secure Message Router
Message Interceptor Gateway pattern, security factors and risks
Message Interceptor Gateway pattern, solution
Message Interceptor Gateway pattern, strategies
Message Interceptor Gateway pattern, structure
Message replay
Message replay, SAML
Message replay, security provisioning patterns
Message Routers
Message-handler chain strategy
MessageDigest class
MessageDigest class, JCA
MessageDigest class, Secure Logger pattern
Messages and message-level security
Messages and message-level security in case study 2nd
Messages and message-level security in use cases
Messages and message-level security, encryption
Messages and message-level security, PasswordSyncListener
Messages and message-level security, SAML
Messages and message-level security, SAML for password authentication
Messages and message-level security, SAML, protocols for
Messages and message-level security, translation
Messages and message-level security, validation abuses
Messages and message-level security, Web services 2nd 3rd
Meta-data and schemas 2nd
Methodology choices in use cases
Methods, Java
Microprocessor cards
MIDlets
MIDlets, components of
MIDlets, signed
MIDlets, trusted
MIDP (Mobile Information Device Profile)
Migration
Migration in Message Interceptor Gateway pattern
Migration, SAML 1.1 to SAML 2.0
Mimic scanner attacks
Minimization and hardening in Web services patterns
Minutiae-based fingerprint matching
MITM (man-in-the-middle) attacks
MITM (man-in-the-middle) attacks in case study
MITM (man-in-the-middle) attacks in SAML
MITM (man-in-the-middle) attacks in Web services
Mobile Information Device Profile (MIDP)
Model MBean strategy
Model-View-Controller (MVC) architecture
Model-View-Controller (MVC) architecture, Authentication Enforcer pattern
Model-View-Controller (MVC) architecture, Intercepting Validator pattern
Model-View-Controller (MVC) architecture, Secure Base Action pattern
Models
Models, biometrics
Models, conceptual
Models, data
Models, domain
Models, JWS security
Models, smart cards
Models, threat
Models, trust 2nd 3rd
Models, user account provisioning 2nd
Models, Web services
Modification attacks
Modification attacks, SAML
Modification attacks, Secure Logger pattern 2nd
Modify operations in SPML
ModifyResponse message
Modularity
Modularity, Message Inspector pattern
Modularity, Message Interceptor Gateway pattern
Modularity, Secure Message Router pattern
Monitoring
Monitoring in case study
Monitoring, biometrics
Monitoring, Business tier patterns
Monitoring, Secure UP 2nd
Monitoring, Security Services
Monitoring, user account provisioning
Monitoring, Web services patterns
Monitoring, Web tier patterns
Multi service controller
Multi-factor and multi-tiered authentication
Multi-factor and multi-tiered authentication, Liberty Alliance sessions
Multi-factor and multi-tiered authentication, using smart cards and biometrics
Multiple circles of trust
Multiple login attempts
Multiple resource profiles
Multiple sign-ons 2nd
Multithreading strategy
Mutual authentication
Mutual authentication, J2EE
Mutual authentication, JSSE
Mutual authentication, Web tier patterns
MVC (Model-View-Controller) architecture
MVC (Model-View-Controller) architecture, Authentication Enforcer pattern
MVC (Model-View-Controller) architecture, Intercepting Validator pattern
MVC (Model-View-Controller) architecture, Secure Base Action pattern
MyJAASAux.policy file
MyPrivilegedAction.java file
MySSLClient.java program
MySSLServer.java program
MyTestAction.java program
MyTestLoginModule class
Name Identifier Management Profile
Name-value (NV) pairs
Names [See Identity management]
Namespaces in WS-Security
Naming service restrictions
Native code, Java
Negotiations in WS-Policy
Network appliance strategy
Network identity
Network perimeter security
Network perimeter security in case study 2nd
Network perimeter security, Web Services 2nd
Network policies
Network responsiveness
network services
Network topology in J2EE
Network topology in J2EE, horizontal scalability
Network topology in J2EE, vertical scalability
Network-Layer security
Nodes, attack tree
Non-blocking I/O
Non-HTTP packets in Web tier patterns
non-repudiation 2nd
Notice of security breach requirements
Notification messages
NV (name-value) pairs
OASIS standards
OASIS standards in identity management
OASIS standards, OASIS Web services [See WS-Security]
OASIS standards, XCBF
Obfuscated Transfer Object pattern
Obfuscated Transfer Object pattern in case study 2nd 3rd 4th
Obfuscated Transfer Object pattern, consequences
Obfuscated Transfer Object pattern, forces
Obfuscated Transfer Object pattern, participants and responsibilities
Obfuscated Transfer Object pattern, problem
Obfuscated Transfer Object pattern, reality check
Obfuscated Transfer Object pattern, related patterns
Obfuscated Transfer Object pattern, sample code
Obfuscated Transfer Object pattern, security factors and risks
Obfuscated Transfer Object pattern, solution
Obfuscated Transfer Object pattern, strategies
Obfuscated Transfer Object pattern, structure
Obfuscation
Obfuscation in case study 2nd
Obfuscation, Business tier patterns
Obfuscation, Java code
Obfuscation, Web tier patterns
Obj.conf file
Object Name Service (ONS)
Objects in case study
OCF (OpenCard Framework)
OCSP (Online Certificate Status Protocol) 2nd 3rd
ODRL (Open Digital Rights Language)
One-to-many/one-to-one Policy Delegate
One-way hash function algorithms
Oneshot MIDlets
onFault method
Online Certificate Status Protocol (OCSP) 2nd 3rd
Online portals 2nd
onMessage method
onMessage method, AuditRequestMessageBean
onMessage method, PasswordSyncLedger
onMessage method, PasswordSyncListener
ONS (Object Name Service)
Open Content model
Open Digital Rights Language (ODRL)
OpenCard Framework (OCF)
OpenSC framework
Operating systems 2nd
Operational models
Operational models, biometrics
Operational models, smart cards
Operational models, Web services
Operational practices
Operations
Operations, Secure UP
Operations, SPML
Optical scanners
Optimization
Optional flag
Orders in case study
Orders in case study, fulfillment 2nd
Orders in case study, management
Orders in case study, placement
Origin host verification
OS (operating systems) 2nd
Output sanitation
Over-The-Air (OTA) provisioning techniques
Overflow, buffer
Padding in JCE block ciphers
paint method
PAM (Pluggable Authentication Module) 2nd
PAM (Pluggable Authentication Module) for biometrics
PAM (Pluggable Authentication Module) for smart cards
PAPs (Policy Administration Points) 2nd
ParamValidator class
Parlay Group 2nd
Partial content of XML documents, accessing
Participants and responsibilities in security patterns
Participants and responsibilities in security patterns, Assertion Builder
Participants and responsibilities in security patterns, Audit Interceptor
Participants and responsibilities in security patterns, Authentication Enforcer
Participants and responsibilities in security patterns, Authorization Enforcer
Participants and responsibilities in security patterns, Container Managed Security