Enterprise Javaв„ў Security: Building Secure J2EEв„ў Applications
Enterprise Javaв„ў Security: Building Secure J2EEв„ў Applications
ISBN: 0321118898
EAN: 2147483647
EAN: 2147483647
Year: 2004
Pages: 164
Pages: 164
- Enterprise Java Security: Building Secure J2EE Applications
- Table of Contents
- Copyright
- Foreword
- Preface
- About the Authors
- Part I: Enterprise Security and Java
- Chapter 1. An Overview of Java Technology and Security
- 1.1 Why Java Technology for Enterprise Applications?
- 1.2 Enterprise Java Technology
- 1.3 Java Technology as Part of Security
- 1.4 An Overview of Enterprise Security Integration
- 1.5 Time to Market
- Chapter 2. Enterprise Network Security and Java Technology
- 2.1 Networked Architectures
- 2.2 Network Security
- 2.3 Server-Side Java Technology
- 2.4 Java and Firewalls
- 2.5 Summary
- Part II: Enterprise Java Components Security
- Chapter 3. Enterprise Java Security Fundamentals
- 3.1 Enterprise Systems
- 3.2 J2EE Applications
- 3.3 Secure Interoperability between ORBs
- 3.4 Connectors
- 3.5 JMS
- 3.6 Simple E-Business Request Flow
- 3.7 J2EE Platform Roles
- 3.8 J2EE Security Roles
- 3.9 Declarative Security Policies
- 3.10 Programmatic Security
- 3.11 Secure Communication within a WAS Environment
- 3.12 Secure E-Business Request Flow
- Chapter 4. Servlet and JSP Security
- 4.1 Introduction
- 4.2 Advantages of Servlets
- 4.3 Servlet Life Cycle
- 4.4 The Deployment Descriptor of a Web Module
- 4.5 Authentication
- 4.6 Authorization
- 4.7 Principal Delegation
- 4.8 Programmatic Security
- 4.9 Runtime Restrictions for Web Components
- 4.10 Usage Patterns
- 4.11 Partitioning Web Applications
- Chapter 5. EJB Security
- 5.1 Introduction
- 5.2 EJB Roles and Security
- 5.3 Authentication
- 5.4 Authorization
- 5.5 Delegation
- 5.6 Security Considerations
- Chapter 6. Enterprise Java Security Deployment Scenarios
- 6.1 Planning a Secure-Component System
- 6.2 Deployment Topologies
- 6.3 Secure Communication Channel
- 6.4 Security Considerations
- Part III: The Foundations of Java 2 Security
- Chapter 7. J2SE Security Fundamentals
- 7.1 Access to Classes, Interfaces, Fields, and Methods
- 7.2 Class Loaders
- 7.3 The Class File Verifier
- 7.4 The Security Manager
- 7.5 Interdependence of the Three Java Security Legs
- 7.6 Summary
- Chapter 8. The Java 2 Permission Model
- 8.1 Overview of the Java 2 Access-Control Model
- 8.2 Java Permissions
- 8.3 Java Security Policy
- 8.4 The Concept of CodeSource
- 8.5 ProtectionDomains
- 8.6 The Basic Java 2 Access-Control Model
- 8.7 Privileged Java 2 Code
- 8.8 ProtectionDomain Inheritance
- 8.9 Performance Issues in the Java 2 Access-Control Model
- 8.10 Summary
- Chapter 9. Authentication and Authorization with JAAS
- 9.1 Overview of JAAS and JAAS Terminology
- 9.2 Authentication
- 9.3 Authorization Overview
- 9.4 JAAS and J2EE
- 9.5 Additional Support for Pluggable Authentication
- Part IV: Enterprise Java and Cryptography
- Chapter 10. The Theory of Cryptography
- 10.1 The Purpose of Cryptography
- 10.2 Secret-Key Cryptography
- 10.3 Public-Key Cryptography
- Chapter 11. The Java 2 Platform and Cryptography
- 11.1 The JCA and JCE Frameworks
- 11.2 The JCA API
- 11.3 The JCE API
- 11.4 JCE in Practice
- 11.5 Security Considerations
- Chapter 12. PKCS and SMIME in J2EE
- 12.1 PKCS Overview
- 12.2 SMIME Overview
- 12.3 Signing and Verifying Transactions with PKCS and SMIME
- 12.4 Encrypting Transactions with PKCS and SMIME
- 12.5 Security Considerations
- 12.6 Future Directions
- Chapter 13. The SSL and TLS Protocols in a J2EE Environment
- 13.1 The SSL and TLS Protocols
- 13.2 HTTPS
- 13.3 Using the SSL Support Built into J2EE Products
- 13.4 Using SSL from within J2EE Programs
- 13.5 Examples
- 13.6 Summary
- Part V: Advanced Topics
- Chapter 14. Enterprise Security for Web Services
- 14.1 XML
- 14.2 SOAP
- 14.3 WSDL
- 14.4 Security for Web Services: Motivations
- 14.5 Security Technologies
- 14.6 Web Services Security Model Principles
- 14.7 Application Patterns
- 14.8 Use Scenario
- 14.9 Web Services Provider Security
- 14.10 Security Considerations
- 14.11 Futures
- Chapter 15. Security Considerations for Container Providers
- 15.1 Understanding the Environment
- 15.2 Authentication
- 15.3 Authorization
- 15.4 Secure Communication
- 15.5 Secure Association
- 15.6 Access to System Resources
- 15.7 Mapping Identities at Connector Boundaries
- Chapter 16. Epilogue
- Part VI: Appendixes
- Appendix A. Security of Distributed Object Architectures
- A.1 RMI
- A.2 Stubs and Skeletons
- A.3 RMI Registry
- A.4 The Security of RMI
- Appendix B. X.509 Digital Certificates
- B.1 X.509 Certificate Versions
- Appendix C. Technical Acronyms Used in This Book
- A
- B
- C
- D
- E
- F
- G
- H
- I
- J
- K
- L
- M
- N
- O
- P
- Q
- R
- S
- T
- U
- V
- W
- X
- Appendix D. Sources Used in This Book
Enterprise Javaв„ў Security: Building Secure J2EEв„ў Applications
ISBN: 0321118898
EAN: 2147483647
EAN: 2147483647
Year: 2004
Pages: 164
Pages: 164