Praise for Core Security Patterns Java provides the application developer with essential security mechanisms and support in avoiding critical security bugs common in other languages. A language, however, can only go so far. The developer must understand the security requirements of the application and how to use the features Java provides in order to meet those requirements. Core Security Patterns addresses both aspects of security and will be a guide to developers everywhere in creating more secure applications. --Whitfield Diffie, inventor of Public-Key Cryptography A comprehensive book on Security Patterns, which are critical for secure programming. --Li Gong, former Chief Java Security Architect, Sun Microsystems, and coauthor of Inside Java 2 Platform Security As developers of existing applications, or future innovators that will drive the next generation of highly distributed applications, the patterns and best practices outlined in this book will be an important asset to your development efforts. --Joe Uniejewski, Chief Technology Officer and Senior Vice President, RSA Security, Inc.This book makes an important case for taking a proactive approach to security rather than relying on the reactive security approach common in the software industry. --Judy Lin, Executive Vice President, VeriSign, Inc. Core Security Patterns provides a comprehensive patterns-driven approach and methodology for effectively incorporating security into your applications. I recommend that every application developer keep a copy of this indispensable security reference by their side. --Bill Hamilton, author of ADO.NET Cookbook, ADO.NET in a Nutshell, and NUnit Pocket Reference As a trusted advisor, this book will serve as a Java developers security handbook, providing applied patterns and design strategies for securing Java applications. --Shaheen Nasirudheen, CISSP,Senior Technology Officer, JPMorgan Chase Like Core J2EE Patterns, this book delivers a proactive and patterns-driven approach for designing end-to-end security in your applications. Leveraging the authors strong security experience, they created a must-have book for any designer/developer looking to create secure applications.- -John Crupi, Distinguished Engineer, Sun Microsystems, coauthor of Core J2EE Patterns Core Security Patterns is the hands-on practitioners guide to building robust end-to-end security into J2EE enterprise applications, Web services, identity management, service provisioning, and personal identification solutions. Written by three leading Java security architects, the patterns-driven approach fully reflects todays best practices for security in large-scale, industrial-strength applications. The authors explain the fundamentals of Java application security from the ground up, then introduce a powerful, structured security methodology; a vendor-independent security framework; a detailed assessment checklist; and twenty-three proven security architectural patterns. They walk through several realistic scenarios, covering architecture and implementation and presenting detailed sample code.They demonstrate how to apply cryptographic techniques; obfuscate code; establish secure communication; secure J2ME applications; authenticate and authorize users; and fortify Web services, enabling single sign-on, effective identity management, and personal identification using Smart Cards and Biometrics. Core Security Patterns covers all of the following, and more: What works and what doesnt: J2EE application-security best practices, and common pitfalls to avoidImplementing key Java platform security features in real-world applicationsEstablishing Web Services security using XML Signature, XML Encryption, WS-Security, XKMS, and WS-I Basic security profileDesigning identity management and service provisioning systems using SAML, Liberty, XACML, and SPMLDesigning secure personal identification solutions using Smart Cards and BiometricsSecurity design methodology, patterns, best practices, reality checks, defensive strategies, and evaluation checklists*End-to-end security architecture case study: architecting, designing, and implementing an end-to-end security solution for large-scale applications
Core Security Patterns: Best Practices and Strategies for J2EE(TM), Web Services, and Identity Management (Sun Core Seri
- Authors
- Christopher Steel, Ramesh Nagappan, Ray Lai
- ISBN
- 0131463071
- Published
- 24 Oct 2005
- Purchase online
- amazon.com
Praise for Core Security Patterns Java provides the application developer with essential security mechanisms and support in avoiding critical security bugs common in other languages. A language, however, can only go so far. The developer must understand the security requirements of the application and how to use the features Java provides in order to meet those requirements.
- Editorial Reviews
- Customer Reviews
Editorial Reviews
You might also like...
Web Services books
-
Spring Roo 1.1 Cookbook
Over 60 recipes to help you speed up the development of your Java web applications using the Spring Roo development tool *Learn what goes on behind the scenes when using Spring Roo and how to migrate your existing Spring applications to use Spring R...
Web Services jobs
-
Build simple tools to solve complex problems at Red Gate
Red Gate Software in Cambridge, UK, United Kingdom
£35,000-55,000 GBP per year -
Java Developer - (Central London & Client Sites)
Fruitful Business Services in London (EC1V), United Kingdom
£27-45k (DOE) -
Content Developer - (Games Studio) - Cambridge
Jagex in Cambridge (CB1), United Kingdom
£Very Competitive +Excellent Benefits -
Senior C++ Developer/ Full-time Atlanta, GA for leader in Software Supply Chain Solutions
Manhattan Associates in Atlanta, United States
Competitive Salary + Bonus as well as Full Benefits (Medical, Dental, strong 401K, etc.)
Web Services podcasts
-
Java Posse: "Dickless"
Published 7 years ago, running time 0h0m
“Dickless”Fully formatted shownotes can always be found at http://javaposse.com *Interfaces, classes, and API design Blog: http://graphics-geek.blogspot.com/2013/03/for-api-nerds-interfaces-and-inner.html Default Methods: http://www.techempower.com/blog/2013/03/26/everythin.
Comments