References


[1798] California Office of Privacy Protection. "Notice of Security Breach: Civil Code Sections 1798-29, 1798-82 and 1798-84." http://www.privacy.ca.gov/code/cc1798.291798.82.htm

[ACLFailure] Open Web Application Security Project. "A2. Broken Access Control." http://www.owasp.org/documentation/topten/a2.html

[AMNews] Security Breach: Hacker Gets Medical Records http://www.ama-assn.org/amednews/2001/01/29/tesa0129.htm

[BrokenAuth] The Open Web Application Security Project. "A3. Broken Authentication and Session Management." http://www.owasp.org/documentation/topten/a3.html

[CanadaPrivacy] Department of Justice, Canada. "Privacy Act: Chapter P-21." http://laws.justice.gc.ca/en/P-21/94799.html

[Caslon] Caslon Analytics. Caslon Analytics Privacy Guide. http://www.caslon.com.au/privacyguide6.htm

[CBEFF] Common Biometric Exchange File Format. http://www.itl.nist.gov/div895/isis/bc/cbeff/.

[CNET] Matt Hines. "Gartner: Phishing on the Rise." http://news.com.com/2100-7349_3-5234155.html

[ComputerWeek134554] "IBM Offers Companies Monthly Security Report." http://www.computerweekly.com/Article134554.htm

[COPPA] Children Online Privacy Protection Act. http://www.ftc.gov/os/1999/10/64fr59888.htm

[CSI2003] Robert Richardson. 2003 CSI / FBI Computer Crime and Security Survey. Computer Security Institute, 2003. http://www.gocsi.com/forms/fbi/pdf.jhtml

[CSI2004] Lawrence A. Gordon, Martin P. Loeb, William Lucyshyn, and Robert Richardson. "2004 CSI / FBI Computer Crime and Security Survey." Computer Security Institute, 2004. http://www.gocsi.com

[CSO Online] Richard Mogul. "Danger Within: Protecting Your Company from Internal Security Attacks (Gartner Report)." http://www.csoonline.com/analyst/report400.html

[DataMon2003] Datamonitor. "Financial Sector Opts for J2EE." The Register, June 4, 2003. http://theregister.com/content/53/31021.html

[DOS] The Open Web Application Security Project. "A9. Denial of Service." http://www.owasp.org/documentation/topten/a9.html

[EU95] European Parliament. Data Protection Directive 95/46/EC. October 24, 1995. http://europa.eu.int/comm/internal_market/privacy/index_en.htm

[ExpressComputer] Identity Management Market at Crossroads. April 19, 2004. http://www.expresscomputeronline.com/20040419/securespace01.shtml

[FTC] Gramm-Leach-Bliley Act. Federal Trade Commission. http://www.ftc.gov/privacy/glbact/glbsub1.htm

[FTC findings] FTC Releases Survey of Identity Theft. http://www.ftc.gov/opa/2003/09/idtheft.htm

[Gartner Reports] Security reports from Gartner at: http://www.gartner.com/security

[GrammLeach1] Federal Trade Commission. "Gramm-Leach-Bliley Act." 1999. http://www.ftc.gov/privacy/glbact/glbsub1.htm

[GrammLeach2] US Senate Committee on Banking, Housing, and Urban Affairs. "Information Regarding the Gramm-Leach-Bliley Act of 1999." http://banking.senate.gov/conf/

[Hewitt] Tim Hilgenberg and John A. Hansen. "Building a Highly Robust, Secure Web Services Conference Architecture to Process 4 Million Transactions per Day." IBM developerWorks Live! 2002.

[HIPPA] Achieving HIPPA Compliance with Identity Management from Sun. http://www.sun.com/software/products/identity/wp_HIPPA_identity_mgmt.pdf

[ImproperDataHandling] The Open Web Application Security Project. "A7. Improper Data Handling." http://www.owasp.org/documentation/topten/a7.html

[InputValidation] Security Tracker. "Lotus Notes/Domino Square Bracket Encoding failure Lets Remote Users Conduct Cross-site Scripting Attacks." http://securitytracker.com/alerts/2004/Oct/1011779.html

[InjectionFlaw] Secunia. "Multiple Browsers Window Injection Vulnerability Test." http://secunia.com/multiple_browsers_window_injection_vulnerability_test/

[InsecureConfig] The Open Web Application Security Project. "A10. Insecure Configuration Management." http://www.owasp.org/documentation/topten/a10.html

[KMPG] KPMG. "Comparison of U.S. and Canadian Regulatory Changes." http://www.kpmg.ca/en/services/audit/documents/USCDNRegulatory.pdf

[Krawczyk] Pawel Krawczyk. "Practical Demonstration of the MSIE6 Certificate Path Vulnerability." IPSec.pl http://www.ipsec.pl/msiemitm/msiemitm.en.php

[Lai] Ray Lai. J2EE™ Platform Web Services. Prentice Hall, 2003.

[LiGong] Li Gong. "Java Security Architecture." In "Java™ 2 SDK, Standard Edition Documentation Version 1.4.2." Sun Microsystems, 2003. http://java.sun.com/j2se/1.4.2/docs/guide/security/spec/security-spec.doc1.html and http://java.sun.com/j2se/1.4.2/docs/guide/security/spec/security-spec.doc2.html

[McLeanBrown] Greg McLean and Jason Brown. "Determining the ROI in IT Security." April 2003. http://www.cica.ca/index.cfm/ci_id/14138/la_id/1.htm

[Online-Kasino] Online Kasinos Info. http://www.onlinekasinos.info/

[PasswordExploit] Esther Shein, editor. "Worm Targets Network Shares with Weak Passwords." eSecurityPlanet.com. http://www.esecurityplanet.com/alerts/article.php/3298791

[PHP3_errorLog] Security Advisory. "FreeBSD: 'PHP' Ports Vulnerability." LinuxSecurity.com. November 20, 2000. http://www.linuxsecurity.com/content/view/102698/103/

[PICC] IDC. "People's Insurance Company of China: eBusiness Portal Attracts New Customers and Reduces Costs." IDC eBusiness Case Study. http://www.sun.com/service/about/success/recent/PICC_English_IDC.pdf

[SDTimes057] Alan Zeichick. ".NET Advancing Quickly on J2EE, but Research Shows Java Maintains Strong Position." SD Times. July 1, 2002. http://www.sdtimes.com/news/057/story7.htm

[SessionHijack] Kevin Lam, David LeBlanc, and Ben Smith. "Theft on the Web: Prevent Session Hijacking." Microsoft TechNet Magazine. Winter 2005. http://www.microsoft.com/technet/technetmag/issues/2005/01/sessionhijacking/default.aspx

[SOX1] U.S. Congress. Sarbanes-Oxley Act. H.R. 3763. July 30, 2002. http://www.law.uc.edu/CCL/SOact/soact.pdf

[SOX2] "The Role of Identity Management in Sarbanes-Oxley Compliance." http://www.sun.com/software/products/identity/wp_identity_mgmt_sarbanes_oxley.pdf

[SQLInjection] Shawna McAlearney. "Automated SQL Injection: What Your Enterprise Needs to Know." SearchSecurity.com. July 26, 2004. http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci995325,00.html

[XCBF] OASIS XCBF Technical Committee Web Site. http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=xcbf

[XSiteScript] The Open Web Application Security Project. "A4. Cross-Site (XSS) Flaws." http://www.owasp.org/documentation/topten/a4.html




Core Security Patterns. Best Practices and Strategies for J2EE, Web Services, and Identity Management
ISBN: 0131463071
Year: 2005
Pages: 204
