R | Core Security Patterns: Best Practices and Strategies for J2EE, Web Services, and Identity Management

Index

[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Y] [Z]

RA (risk analysis)
Radio Frequency Identification (RFID)
RAM
     for Secure Session Object pattern
     in smart cards
Random number generation
Rationale in security design
RBAC profiles
RC6 algorithm
Reactive security
Readers
     RFID
     smart card 2nd
Reality checks 2nd
     Business tier
     Client Device tier
     for administration
     for policies
     for quality of services
     in security pattern templates
         Assertion Builder
         Audit Interceptor
         Authentication Enforcer
         Authorization Enforcer
         Container Managed Security
         Credential Tokenizer
         Dynamic Service Management
         Intercepting Validator
         Intercepting Web Agent
         Message Inspector
         Message Interceptor Gateway
         Obfuscated Transfer Object
         Password Synchronizer
         Policy Delegate
         Secure Base Action
         Secure Logger
         Secure Message Router
         Secure Pipe
         Secure Service Facade
         Secure Service Proxy
         Secure Session Object
         Single Sign-on Delegator
     Integration tier
     Presentation tier
     Web tier
Realms
     for smart cards
     J2EE 2nd
     JAAS
Reconciliation in user account provisioning
Recovery 2nd
     in case study
     in use cases
     in XKMS
     key
     service
Redirection, web
Redundancy in Policy Delegate pattern
Refactoring security design
Reference templates for biometrics
registerObject method
Registration
     identity
     UDDI
Registries
     Dynamic Service Management pattern
     UDDI
     Web services
     XACML
RegistryMonitor class
Regulatory policies
Reissue service, key
REL (Rights Expression Language)
Related patterns in security pattern templates 2nd
     Assertion Builder
     Audit Interceptor
     Authentication Enforcer
     Authorization Enforcer
     Container Managed Security
     Credential Tokenizer
     Dynamic Service Management
     Intercepting Validator
     Intercepting Web Agent
     Message Inspector
     Message Interceptor Gateway
     Obfuscated Transfer Object
     Password Synchronizer
     Policy Delegate
     Secure Base Action
     Secure Logger
     Secure Message Router
     Secure Pipe
     Secure Service Facade
     Secure Service Proxy
     Secure Session Object
     Single Sign-on Delegator
Relationships in Liberty Alliance
Reliability
     Assertion Builder pattern
     Secure Message Router pattern
reloadMBeans method
Remote interface and services
     Secure Service Facade pattern
     Single Sign-on Delegator pattern
removeAssertionReply method
removeAssertionStatement method
removeCompRef method
removeSessionInfo method
removeSSOTokenMap method
Replay attacks
     Intercepting Web Agent pattern
     SAML
     Web services
     XKMS
Reporting practices
     Gramm-Leach-Bliley Act
     Sarbanes-Oxley Act
Reporting services in identity management
Repository
     for biometric information
     SAML
     XACML
Request messages
     Message Inspector pattern 2nd
     Secure Message Router pattern
Request-reply model
     SAML
         attribute assertion
         authentication assertions
     SPML
RequestContext class
     Authentication Enforcer pattern
     Authorization Enforcer pattern
     JAAS Login Module Strategy
Requesters for Web services
Requesting Authority
RequestMessage class
Requests, XACML
Required flag
Requirements
     in use cases
     Secure UP 2nd
     security basics
Requisite flag
Resource principals
Resource profiles
Resources tier
respond method
Response APDUs
Response Message
     Message Inspector pattern
     Message Interceptor Gateway pattern
Retinal analysis
Reusability
    in security patterns
         Authorization Enforcer
         Message Inspector
         Message Interceptor Gateway
         Secure Base Action
         Secure Message Router
     Java components
     password
Reverse engineering Java code
Revocation issues and services
     LDAP
     Single Sign-on Delegator pattern
     X-KRSS
Revoked smart cards
RFID (Radio Frequency Identification)
Rich-client authentication
Rights Expression Language (REL)
Rijndael algorithm
RIPEMD-160 encryption algorithms
Risk analysis (RA)
Risk Analyzer
Risks
     in case study 2nd
     in patterns-driven security design
    in security patterns
         Assertion Builder
         Audit Interceptor
         Authentication Enforcer
         Authorization Enforcer
         Container Managed Security
         Credential Tokenizer
         Dynamic Service Management
         Intercepting Validator
         Intercepting Web Agent
         Message Inspector
         Message Interceptor Gateway
         Obfuscated Transfer Object
         Password Synchronizer
         Policy Delegate
         Secure Base Action
         Secure Logger
         Secure Message Router
         Secure Pipe
         Secure Service Facade
         Secure Service Proxy
         Secure Session Object
         Single Sign-on Delegator
     in security provisioning patterns
     in trust model
     in use cases
     in Web services
RMI socket factories
     client
     server
RMI/IIOP-based clients
ROI study
Roles
     Business tier 2nd
     Container Managed Security pattern
     identity management
     J2EE 2nd
ROM in smart cards
Root certificates
Root nodes in attack trees
Rotate ciphers
Routers. [See Secure Message Router pattern]
RPC style web services
RSA BSAFE Secure-WS toolkit
RSA cipher
RSA-SHA1 algorithm
Rule Engine
Rule-based service integration and invocation
Rules
     EPAL
     in policy design
     XACML
run method
Run-as identity