Index[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Y] [Z] I/O, non-blocking ID-FF (Identity Federated Framework) version 1.2 ID-SIS (Identity Service Interface Specification) version ID-WSF (Identity Web Services Framework) version IDEA symmetric cipher Identification processes Identity Federated Framework (ID-FF) version 1.2 Identity federation 2nd 3rd cross-domain Liberty Alliance SAML Identity management 2nd 3rd 4th access control. [See Access control] access management services auditing 2nd 3rd core issues data synchronization services directory services importance in case study 2nd in use cases justifying Liberty Alliance Project. [See Liberty Alliance Project] network identity personal identification. [See Personal identification] point-to-point interfaces for policies provisioning services references 2nd reporting services SAML. [See SAML (Security Assertion Markup Language)] security patterns for 2nd 3rd Assertion Builder best practices Credential Tokenizer factor analysis Password Synchronizer pitfalls references Single Sign-on Delegator Web services service provisioning relationship services for single sign-on. [See Single sign-on (SSO) mechanisms] summary 2nd XACML. [See XACML (Extensible Access Control Markup Language)] Identity Provider Agent strategy Identity Provider Discovery Profile Identity providers in case study Liberty Alliance Liberty specifications Message Inspector pattern Message Interceptor Gateway pattern Secure Message Router pattern Single Sign-on Delegator pattern 2nd user account provisioning Web services Identity Service Interface Specification (ID-SIS) version Identity termination strategy Identity theft and spoofing Assertion Builder pattern Web services Identity Web Services Framework (ID-WSF) version IDSs (Intrusion Detection Systems) IETF Policy Management Working Group IMAP (Internet Message Access protocol) Impact risk factor Implementation Assertion Builder pattern AssertionContextImpl class biometrics JAAS authorization LoginModule class Policy Delegate pattern Secure UP 2nd smart cards SPML UserNameTokem class implies method Importing certificates 2nd Inclusive canonicalization encryption Information aggregators Informative policies Infrastructure Application Security Provider in case study 2nd 3rd in security patterns Business tier factor analysis Intercepting Web Agent Password Synchronizer Secure Pipe Web services 2nd Web tier J2EE policies Security Services init method AuditClient Cipher HTTPProxy MBeanFactory MBeanManager PasswordSyncLedger PasswordSyncListener Policy Delegate pattern SimpleSOAPServiceSecurePolicy TakeAction WriteFileApplet initConfig method ServiceConfig SSODelegatorFactoryImpl initialize method KeyPairGenerator LoginModule initSign method initVerify method Injection flaws Input validation failures Insider attacks Integration and Integration tier in case study in identity management in patterns-driven design in security patterns Assertion Builder Intercepting Web Agent 2nd Password Synchronizer Secure Service Facade Secure Service Proxy J2EE reality checks rule-based user account provisioning Integrity as security goal in Security Wheel Secure Pipe pattern 2nd Web services Intellectual property Intercepting Filter pattern and Audit Interceptor pattern and Authentication Enforcer pattern and Intercepting Validator pattern Intercepting Validator pattern and Secure Base Action pattern 2nd consequences forces in case study 2nd 3rd 4th 5th participants and responsibilities 2nd problem reality check related patterns security factors and risks solution strategies structure Intercepting Web Agent pattern consequences forces in case study participants and responsibilities problem reality check related patterns Container Managed Security Secure Service Proxy sample code security factors and risks solution strategies structure Intercepting Web Agent strategy Interceptor strategy Interfaces CertPath JAAS JCA JCE JSSE Password Synchronizer pattern PKCS#11 and PKCS#15 standards Policy Delegate pattern Secure Service Facade pattern Intermediary infrastructure Internet Message Access protocol (IMAP) Internet Scanner testing tool Interoperability Liberty Phase 1 Secure Message Router pattern Secure Pipe pattern security provisioning patterns user account provisioning Web services Intrusion Detection Systems (IDSs) Invalid data. [See Intercepting Validator pattern] Invalidating HTTP sessions Invocation, rule-based invoke method IP address capture IP filtering Iris verification isAuthorized method isCallerInRole method EJBContext J2EE authorization Issuing authority in SAML isUserInRole method 2nd 3rd isValidStatement method Iterative development in Secure UP ITS4 testing tool |