Table of Contents for
The Background
The Background
by Pankaj Kumar
J2EE™ Security for Servlets, EJBs and Web Services: Applying Theory and Standards to Practice
Copyright
Praise for J2EE Security for Servlets, EJBs and Web Services
Hewlett-Packard® Professional Books
Preface
The Background
A Security Primer
The Security Problem
Computers, Networks and the Internet
Security Concepts
Security Attacks
System Vulnerabilities
Toward the Solution
Summary
Further Reading
A Quick Tour of the Java Platform
Packaging of Java Platform
Evolution of Java
Java Security Model
J2SE Platform
J2EE Platform
Summary
Further Reading
The Technology
Cryptography with Java
Example Programs and crypttool
Cryptographic Services and Providers
Cryptographic Keys
Encryption and Decryption
Message Digest
Message Authentication Code
Digital Signature
Key Agreement
Summary of Cryptographic Operations
Cryptography with crypttool
Limited versus Unlimited Cryptography
Performance of Cryptographic Operations
Practical Applications
Legal Issues with Cryptography
Summary
Further Reading
PKI with Java
Digital Certificates
Managing Certificates
Certification Authority
PKI Architectures
Java API for PKI
Applications of PKI
PKI Use-Cases
Summary
Further Reading
Access Control
A Quick Tour of Java Access Control Features
Access Control Requirements for the Java Platform
User Identification and Authentication
Policy-Based Authorization
Developing a Login Module
Applying JAAS to a Sample Application
Performance Issues
Summary
Further Reading
Securing the Wire
Brief Overview of SSL
Java API for SSL
KeyManager and TrustManager APIs
Understanding SSL Protocol
HTTP over SSL
RMI Over SSL
Performance Issues
Trouble Shooting
Summary
Further Reading
Securing the Message
Message Security Standards
A Brief Note on Handling XML
XML Signature
Java API for XML Signature
XML Encryption
Java API for XML Encryption
XML Signature and Encryption Combinations
Summary
Further Reading
The Application
RMI Security
Sample Application Using RMI
Security from Downloaded Code
SSL for Transport Security
RMI and Access Control
Summary
Further Reading
Web Application Security
Java Web Applications
Apache Tomcat
A Simple Web Application: RMB
Security Requirements
User Authentication Schemes
Web Container Security Features
HTTPS with Apache Tomcat
Common Vulnerabilities
Summary
Further Reading
EJB Security
A Brief Overview of EJBs
Working with WebLogic Server 7.0
EJB Security Mechanisms
Declarative Security for EJBs
Declarative Security Example
EJB Security and J2SE Access Control
Summary
Further Reading
Web Service Security
Web Services Standards
Web Services in Java
Apache Axis
Servlet Security for Web Services
SSL Security for Web Services
WS Security
WS Security with Apache Axis
Summary
Further Reading
Conclusions
Technology Stack
Authentication and Authorization
Distributed Application Security
Comprehensive Security
Public Key Cryptography Standards
Standard Names—Java Cryptographic Services
JSTK Tools
crypttool
certtool
sslsetup
ssltool
asn1parse – Parser for DER or PEM encoded content
Example Programs
Products Used For Examples
Java 2 Platform, Standard Edition
Apache Tomcat
Apache Axis
BEA WebLogic Server
VeriSign's Trust Services Integration Kit (TSIK)
Infomosaic's Secure XML
Standardization Bodies
Internet Engineering Task Force (IETF)
The World Wide Web Consortium (W3C)
OASIS
JCP (Java Community Process)
References
Index
Part 1: The Background
A Security Primer
A Quick Tour of the Java Platform