Enterprise Web Services Security
Charles River Media
978-1-58450-413-9 (ISBN)
- Titel ist leider vergriffen;
keine Neuauflage - Artikel merken
The use of Web Services for Business-to-Business (B2B) and Business-to-Consumer (B2C) transactions has created risks that expose critical assets to increasingly greater threats. Enterprise Web Services Security provides the information developers, application architects, and security professionals need to build security policies and strategies from the ground up in a Web Services environment. Most security books focus on computer or network security in isolation, relegating the other areas to overview chapters or appendices. A single-system view of security, however, is not adequate to describe a distributed Web Services-based environment as it causes the developer to have to piece together material from several resources in order to create secure Web sites and services. This book takes a holistic approach that mirrors the perspective developers need to take regardless of whether they are planning and implementing the security mechanisms for a Web Service, a Web site, or an enterprise.
It details how to secure critical components such as workstations, servers, and networks, the goals behind an enterprise's security policies, the policies an organization should have in place, and how to communicate those policies using WS-Policy Framework and WS-Security Policy. Various threats and attacks are also covered, as well as the identity management, authentication, authorization, access control, confidentiality, and integrity mechanisms needed to protect messages and transactions. Enterprise Web Services Security is the one book developers need to make all their security mechanisms work successfully to thwart attacks and protect assets.
Rickland Hollar (McLean, VA) is a Senior Applications Architect with the Central Intelligence Agency and has over 30 years experience in the industry. Prior to joining the CIA, he was President of a Virginia based software development firm. He has written articles for various publications, including Web Services Journal. Rick Murphy (Annandale, VA) is a Senior Principal INFOSEC Scientist at Mitretek Systems, a public interest research and development firm. He has over 25 years of experience in the information security field and is an adjunct professor in the University of Virginia's Information Security Management program. Recent publications include papers on open systems security, network firewall configuration, and on access control systems.
Introduction Chapter 1 Security in the Networked World Chapter 2 Threats and Attacks Chapter 3 Security Goals Chapter 4 The Internet and World Wide Web Infrastructure Chapter 5 Web Services Chapter 6 Security Policy Basics Chapter 7 Communicating Policy Chapter 8 Protecting the System Components Chapter 9 Protecting Messages, Transactions, and Data Chapter 10 Implementing the Information Security Triad Chapter 11 Communicating Security Credentials Chapter 12 Audit Chapter 13 Virtual Domain Model for Web Services Security Chapter 14 Establishing and Communicating Trust Chapter 15 Pulling It All Together: Using Virtual Trust Domains to Secure Enterprise Web Services Chapter 16 FutureScape Appendix A The Security Policy Document Appendix B About the CD-ROM Index
| Erscheint lt. Verlag | 27.10.2005 |
|---|---|
| Zusatzinfo | Illustrations |
| Verlagsort | Hingham |
| Sprache | englisch |
| Maße | 188 x 231 mm |
| Gewicht | 863 g |
| Themenwelt | Informatik ► Netzwerke ► Sicherheit / Firewall |
| Informatik ► Theorie / Studium ► Kryptologie | |
| ISBN-10 | 1-58450-413-7 / 1584504137 |
| ISBN-13 | 978-1-58450-413-9 / 9781584504139 |
| Zustand | Neuware |
| Haben Sie eine Frage zum Produkt? |
aus dem Bereich
