Core Security Patterns: Best Practices and Strategies for J2EE, Web Services, and Identity Management (Sun Core Series)

4 avg rating
( 1 ratings by Goodreads )
 
9780133119763: Core Security Patterns: Best Practices and Strategies for J2EE, Web Services, and Identity Management (Sun Core Series)

Praise for Core Security Patterns

Java provides the application developer with essential security mechanisms and support in avoiding critical security bugs common in other languages. A language, however, can only go so far. The developer must understand the security requirements of the application and how to use the features Java provides in order to meet those requirements. Core Security Patterns addresses both aspects of security and will be a guide to developers everywhere in creating more secure applications.

--Whitfield Diffie, inventor of Public-Key Cryptography

A comprehensive book on Security Patterns, which are critical for secure programming.

--Li Gong, former Chief Java Security Architect, Sun Microsystems, and coauthor of Inside Java 2 Platform Security

As developers of existing applications, or future innovators that will drive the next generation of highly distributed applications, the patterns and best practices outlined in this book will be an important asset to your development efforts.

--Joe Uniejewski, Chief Technology Officer and Senior Vice President, RSA Security, Inc.

This book makes an important case for taking a proactive approach to security rather than relying on the reactive security approach common in the software industry.

--Judy Lin, Executive Vice President, VeriSign, Inc.

Core Security Patterns provides a comprehensive patterns-driven approach and methodology for effectively incorporating security into your applications. I recommend that every application developer keep a copy of this indispensable security reference by their side.

--Bill Hamilton, author of ADO.NET Cookbook, ADO.NET in a Nutshell, and NUnit Pocket Reference

As a trusted advisor, this book will serve as a Java developer s security handbook, providing applied patterns and design strategies for securing Java applications.

--Shaheen Nasirudheen, CISSP,Senior Technology Officer, JPMorgan Chase

Like Core J2EE Patterns, this book delivers a proactive and patterns-driven approach for designing end-to-end security in your applications. Leveraging the authors strong security experience, they created a must-have book for any designer/developer looking to create secure applications.

--John Crupi, Distinguished Engineer, Sun Microsystems, coauthor of Core J2EE Patterns

Core Security Patterns is the hands-on practitioner s guide to building robust end-to-end security into J2EE™ enterprise applications, Web services, identity management, service provisioning, and personal identification solutions. Written by three leading Java security architects, the patterns-driven approach fully reflects today s best practices for security in large-scale, industrial-strength applications.

The authors explain the fundamentals of Java application security from the ground up, then introduce a powerful, structured security methodology; a vendor-independent security framework; a detailed assessment checklist; and twenty-three proven security architectural patterns. They walk through several realistic scenarios, covering architecture and implementation and presenting detailed sample code. They demonstrate how to apply cryptographic techniques; obfuscate code; establish secure communication; secure J2ME™ applications; authenticate and authorize users; and fortify Web services, enabling single sign-on, effective identity management, and personal identification using Smart Cards and Biometrics.

Core Security Patterns covers all of the following, and more:

  • What works and what doesn t: J2EE application-security best practices, and common pitfalls to avoid
  • Implementing key Java platform security features in real-world applications
  • Establishing Web Services security using XML Signature, XML Encryption, WS-Security, XKMS, and WS-I Basic security profile
  • Designing identity management and service provisioning systems using SAML, Liberty, XACML, and SPML
  • Designing secure personal identification solutions using Smart Cards and Biometrics
  • Security design methodology, patterns, best practices, reality checks, defensive strategies, and evaluation checklists
  • End-to-end security architecture case study: architecting, designing, and implementing an end-to-end security solution for large-scale applications


"synopsis" may belong to another edition of this title.

About the Author:

Christopher Steel, CISSP, ISSAP, is the President and CEO of FortMoon Consulting and was recently the Chief Architect on the U.S. Treasury's Pay.gov project. He has over fifteen years experience in distributed enterprise computing with a strong focus on application security, patterns, and methodologies. He presents regularly at local and industry conferences on security-related topics.

Ramesh Nagappan is a Java Technology Architect at Sun Microsystems. With extensive industry experience, he specializes in Java distributed computing and security architectures for mission-critical applications. Previously he coauthored three best-selling books on J2EE, EAI, and Web Services. He is an active contributor to open source applications and industry-standard initiatives, and frequently speaks at industry conferences related to Java, XML, and Security.

Ray Lai, Principal Engineer at Sun Microsystems, has developed and architected enterprise applications and Web services solutions for leading multinational companies ranging from HSBC and Visa to American Express and DHL. He is author of J2EE Platform Web Services (Prentice Hall, 2004).



"About this title" may belong to another edition of this title.

Top Search Results from the AbeBooks Marketplace

1.

Steel, ChristopherNagappan, RameshLai, Ray
Published by Prentice Hall
ISBN 10: 0133119769 ISBN 13: 9780133119763
New Quantity Available: > 20
Seller
INDOO
(Avenel, NJ, U.S.A.)
Rating
[?]

Book Description Prentice Hall. Book Condition: New. Brand New. Bookseller Inventory # 0133119769

More Information About This Seller | Ask Bookseller a Question

Buy New
29.57
Convert Currency

Add to Basket

Shipping: 2.69
Within U.S.A.
Destination, Rates & Speeds

2.

Christopher Steel, Ramesh Nagappan, Ray Lai
Published by Pearson Education (US), United States (2012)
ISBN 10: 0133119769 ISBN 13: 9780133119763
New Paperback Quantity Available: 1
Seller
The Book Depository
(London, United Kingdom)
Rating
[?]

Book Description Pearson Education (US), United States, 2012. Paperback. Book Condition: New. Language: English . Brand New Book. Praise for Core Security Patterns Java provides the application developer with essential security mechanisms and support in avoiding critical security bugs common in other languages. A language, however, can only go so far. The developer must understand the security requirements of the application and how to use the features Java provides in order to meet those requirements. Core Security Patterns addresses both aspects of security and will be a guide to developers everywhere in creating more secure applications. --Whitfield Diffie, inventor of Public-Key Cryptography A comprehensive book on Security Patterns, which are critical for secure programming. --Li Gong, former Chief Java Security Architect, Sun Microsystems, and coauthor of Inside Java 2 Platform Security As developers of existing applications, or future innovators that will drive the next generation of highly distributed applications, the patterns and best practices outlined in this book will be an important asset to your development efforts. --Joe Uniejewski, Chief Technology Officer and Senior Vice President, RSA Security, Inc.This book makes an important case for taking a proactive approach to security rather than relying on the reactive security approach common in the software industry. --Judy Lin, Executive Vice President, VeriSign, Inc. Core Security Patterns provides a comprehensive patterns-driven approach and methodology for effectively incorporating security into your applications. I recommend that every application developer keep a copy of this indispensable security reference by their side. --Bill Hamilton, author of Cookbook, in a Nutshell, and NUnit Pocket Reference As a trusted advisor, this book will serve as a Java developer s security handbook, providing applied patterns and design strategies for securing Java applications. --Shaheen Nasirudheen, CISSP,Senior Technology Officer, JPMorgan Chase Like Core J2EE Patterns, this book delivers a proactive and patterns-driven approach for designing end-to-end security in your applications. Leveraging the authors strong security experience, they created a must-have book for any designer/developer looking to create secure applications.--John Crupi, Distinguished Engineer, Sun Microsystems, coauthor of Core J2EE Patterns Core Security Patterns is the hands-on practitioner s guide to building robust end-to-end security into J2EE(TM) enterprise applications, Web services, identity management, service provisioning, and personal identification solutions. Written by three leading Java security architects, the patterns-driven approach fully reflects today s best practices for security in large-scale, industrial-strength applications. The authors explain the fundamentals of Java application security from the ground up, then introduce a powerful, structured security methodology; a vendor-independent security framework; a detailed assessment checklist; and twenty-three proven security architectural patterns. They walk through several realistic scenarios, covering architecture and implementation and presenting detailed sample code.They demonstrate how to apply cryptographic techniques; obfuscate code; establish secure communication; secure J2ME(TM) applications; authenticate and authorize users; and fortify Web services, enabling single sign-on, effective identity management, and personal identification using Smart Cards and Biometrics. Core Security Patterns covers all of the following, and more: * What works and what doesn t: J2EE application-security best practices, and common pitfalls to avoid* Implementing key Java platform security features in real-world applications* Establishing Web Services security using XML Signature, XML Encryption, WS-Security, XKMS, and WS-I Basic security profile* Designing identity management and service provisioning systems using SAML, Liberty, XACML, and SPML* Designing secure personal identification solutions using Smart Cards and Biometrics* Secur. Bookseller Inventory # AAC9780133119763

More Information About This Seller | Ask Bookseller a Question

Buy New
36.92
Convert Currency

Add to Basket

Shipping: FREE
From United Kingdom to U.S.A.
Destination, Rates & Speeds

3.

Christopher Steel, Ramesh Nagappan, Ray Lai
Published by Pearson Education (US), United States (2012)
ISBN 10: 0133119769 ISBN 13: 9780133119763
New Paperback Quantity Available: 10
Seller
Book Depository hard to find
(London, United Kingdom)
Rating
[?]

Book Description Pearson Education (US), United States, 2012. Paperback. Book Condition: New. Language: English . This book usually ship within 10-15 business days and we will endeavor to dispatch orders quicker than this where possible. Brand New Book. Praise for Core Security Patterns Java provides the application developer with essential security mechanisms and support in avoiding critical security bugs common in other languages. A language, however, can only go so far. The developer must understand the security requirements of the application and how to use the features Java provides in order to meet those requirements. Core Security Patterns addresses both aspects of security and will be a guide to developers everywhere in creating more secure applications. --Whitfield Diffie, inventor of Public-Key Cryptography A comprehensive book on Security Patterns, which are critical for secure programming. --Li Gong, former Chief Java Security Architect, Sun Microsystems, and coauthor of Inside Java 2 Platform Security As developers of existing applications, or future innovators that will drive the next generation of highly distributed applications, the patterns and best practices outlined in this book will be an important asset to your development efforts. --Joe Uniejewski, Chief Technology Officer and Senior Vice President, RSA Security, Inc.This book makes an important case for taking a proactive approach to security rather than relying on the reactive security approach common in the software industry. --Judy Lin, Executive Vice President, VeriSign, Inc. Core Security Patterns provides a comprehensive patterns-driven approach and methodology for effectively incorporating security into your applications. I recommend that every application developer keep a copy of this indispensable security reference by their side. --Bill Hamilton, author of Cookbook, in a Nutshell, and NUnit Pocket Reference As a trusted advisor, this book will serve as a Java developer s security handbook, providing applied patterns and design strategies for securing Java applications. --Shaheen Nasirudheen, CISSP,Senior Technology Officer, JPMorgan Chase Like Core J2EE Patterns, this book delivers a proactive and patterns-driven approach for designing end-to-end security in your applications. Leveraging the authors strong security experience, they created a must-have book for any designer/developer looking to create secure applications.--John Crupi, Distinguished Engineer, Sun Microsystems, coauthor of Core J2EE Patterns Core Security Patterns is the hands-on practitioner s guide to building robust end-to-end security into J2EE(TM) enterprise applications, Web services, identity management, service provisioning, and personal identification solutions. Written by three leading Java security architects, the patterns-driven approach fully reflects today s best practices for security in large-scale, industrial-strength applications. The authors explain the fundamentals of Java application security from the ground up, then introduce a powerful, structured security methodology; a vendor-independent security framework; a detailed assessment checklist; and twenty-three proven security architectural patterns. They walk through several realistic scenarios, covering architecture and implementation and presenting detailed sample code.They demonstrate how to apply cryptographic techniques; obfuscate code; establish secure communication; secure J2ME(TM) applications; authenticate and authorize users; and fortify Web services, enabling single sign-on, effective identity management, and personal identification using Smart Cards and Biometrics. Core Security Patterns covers all of the following, and more: * What works and what doesn t: J2EE application-security best practices, and common pitfalls to avoid* Implementing key Java platform security features in real-world applications* Establishing Web Services security using XML Signature, XML Encryption, WS-Security, XKMS, and WS-I Basic security profile* Designing identity management and service provisioning systems usin. Bookseller Inventory # BTE9780133119763

More Information About This Seller | Ask Bookseller a Question

Buy New
42.91
Convert Currency

Add to Basket

Shipping: FREE
From United Kingdom to U.S.A.
Destination, Rates & Speeds

4.

Christopher Steel, Ramesh Nagappan, Ray Lai
ISBN 10: 0133119769 ISBN 13: 9780133119763
New Quantity Available: 1
Seller
firstbookstore
(New Delhi, India)
Rating
[?]

Book Description Book Condition: Brand New. Brand New Original US Edition, Perfect Condition. Printed in English. Excellent Quality, Service and customer satisfaction guaranteed!. Bookseller Inventory # AIND-116325

More Information About This Seller | Ask Bookseller a Question

Buy New
43.10
Convert Currency

Add to Basket

Shipping: FREE
From India to U.S.A.
Destination, Rates & Speeds

5.

Christopher Steel, Ramesh Nagappan, Ray Lai
ISBN 10: 0133119769 ISBN 13: 9780133119763
New Quantity Available: 1
Seller
Bookshub
(Karol Bagh, India)
Rating
[?]

Book Description Book Condition: New. New. US edition. Perfect condition. Customer satisfaction our priority. Bookseller Inventory # ABE-FEB-19676

More Information About This Seller | Ask Bookseller a Question

Buy New
43.57
Convert Currency

Add to Basket

Shipping: FREE
From India to U.S.A.
Destination, Rates & Speeds

6.

Christopher Steel, Ramesh Nagappan, Ray Lai
ISBN 10: 0133119769 ISBN 13: 9780133119763
New Quantity Available: 1
Seller
EBOOKSTORE2010
(New Delhi, ND, India)
Rating
[?]

Book Description Book Condition: Brand New. New. US edition. Customer Satisfaction guaranteed!!. Bookseller Inventory # SHUB19676

More Information About This Seller | Ask Bookseller a Question

Buy New
43.61
Convert Currency

Add to Basket

Shipping: FREE
From India to U.S.A.
Destination, Rates & Speeds

7.

Christopher Steel, Ramesh Nagappan, Ray Lai
ISBN 10: 0133119769 ISBN 13: 9780133119763
New Quantity Available: 1
Seller
Romtrade Corp.
(STERLING HEIGHTS, MI, U.S.A.)
Rating
[?]

Book Description Book Condition: New. Brand New Original US Edition.We Ship to PO BOX Address also. EXPEDITED shipping option also available for faster delivery. Bookseller Inventory # AUSBNEW-116325

More Information About This Seller | Ask Bookseller a Question

Buy New
45.86
Convert Currency

Add to Basket

Shipping: FREE
Within U.S.A.
Destination, Rates & Speeds

8.

Christopher Steel, Ramesh Nagappan, Ray Lai
ISBN 10: 0133119769 ISBN 13: 9780133119763
New Quantity Available: 1
Seller
Basi6 International
(Irving, TX, U.S.A.)
Rating
[?]

Book Description Book Condition: Brand New. New, US edition. Excellent Customer Service. Bookseller Inventory # ABEUSA-19676

More Information About This Seller | Ask Bookseller a Question

Buy New
45.87
Convert Currency

Add to Basket

Shipping: FREE
Within U.S.A.
Destination, Rates & Speeds

9.

Steel, Christopher; Nagappan, Ramesh; Lai, Ray
Published by Prentice Hall (2012)
ISBN 10: 0133119769 ISBN 13: 9780133119763
New Paperback Quantity Available: 1
Seller
Ergodebooks
(RICHMOND, TX, U.S.A.)
Rating
[?]

Book Description Prentice Hall, 2012. Paperback. Book Condition: New. Bookseller Inventory # DADAX0133119769

More Information About This Seller | Ask Bookseller a Question

Buy New
46.63
Convert Currency

Add to Basket

Shipping: 3.06
Within U.S.A.
Destination, Rates & Speeds

10.

Christopher Steel; Ramesh Nagappan; Ray Lai
Published by Prentice Hall (2005)
ISBN 10: 0133119769 ISBN 13: 9780133119763
New Softcover Quantity Available: > 20
Seller
Palexbooks
(Sanford, NC, U.S.A.)
Rating
[?]

Book Description Prentice Hall, 2005. Book Condition: New. Brand new! Please provide a physical shipping address. Bookseller Inventory # 9780133119763

More Information About This Seller | Ask Bookseller a Question

Buy New
51.77
Convert Currency

Add to Basket

Shipping: 2.30
Within U.S.A.
Destination, Rates & Speeds

There are more copies of this book

View all search results for this book