Enterprise Web services security /
| Основен автор: | Hollar, Rickland, 1954- |
|---|---|
| Други автори: | Murphy, Richard, 1954- |
| Формат: | Електронна книга |
| Език: | English |
| Публикувано: |
Hingham, Mass. :
Charles River Media,
℗♭2006.
|
| Издание: | 1st ed. |
| Предмети: | |
| Онлайн достъп: |
http://search.ebscohost.com/login.aspx?direct=true&scope=site&db=nlebk&AN=233217 |
| Подобни документи: |
Print version::
Enterprise Web services security. |
Съдържание:
- ""Contents""; ""Introduction""; ""1 Security in the Networked World""; ""Business on the Internet""; ""B2B""; ""B2C""; ""Evolving Business Models""; ""Information Protection""; ""Privacy""; ""Corporate Confidentiality""; ""Legal Obligations""; ""Web Services""; ""XML""; ""SOAP""; ""The Messaging Model""; ""Security Challenges""; ""Threats and Risks""; ""Policy""; ""Internet""; ""Intranet""; ""Extranet""; ""Wireless""; ""Countermeasures""; ""WS-* Family of Standards""; ""Virtual Domain Model for Web Services Security""; ""Security Domains""; ""Enclaves""; ""Trust Relationships""; ""The Model""
- ""Summary""""References""; ""2 Threats and Attacks""; ""Threats, Vulnerabilities, and Countermeasures""; ""Ensuring Reliability""; ""Vandalism and Sabotage""; ""Denial of Service""; ""Privacy and Confidentiality Breaches""; ""Data Integrity Violations""; ""Man-in-the-Middle Attacks""; ""Spoofing Attacks""; ""Mobile-Code Threats""; ""Fraud""; ""Special Considerations for Web Services Environments""; ""Summary""; ""References""; ""3 Security Goals""; ""Protecting Your Assets""; ""Common Security Terms""; ""Reducing Vulnerabilities""; ""Realistically Assessing Threats""
- ""Choosing the Right Countermeasures""""Recognizing and Accepting Residual Risk""; ""Classic Security Goals""; ""Confidentiality""; ""Integrity""; ""Availability""; ""Transaction Security Goals""; ""Authentication""; ""Scalability""; ""Nonrepudiation""; ""The Role of Security Policy in Web Services Security Enforcement""; ""Summary""; ""References""; ""4 The Internet and World Wide Web Infrastructure""; ""Internet 101""; ""TCP/IP""; ""HTTP""; ""Security Domains""; ""Client System Vulnerabilities""; ""Browser Vulnerabilities""; ""Java Virtual Machine Vulnerabilities""; ""Networks""
- ""TCP/IP Vulnerabilities""""HTTP Vulnerabilities""; ""SMTP Vulnerabilities""; ""Server Vulnerabilities""; ""Web Server Vulnerabilities""; ""Other Vulnerabilities""; ""Summary""; ""References""; ""5 Web Services""; ""Web Services Standards""; ""XML""; ""Elements and Attributes""; ""Namespaces""; ""Schemas""; ""Transformations""; ""SOAP""; ""Document Style Messages""; ""RPC Style Messages""; ""Binding""; ""WSDL""; ""UDDI""; ""Web Services Toolkits""; ""Summary""; ""References""; ""6 Security Policy Basics""; ""The Importance of Security Policy""; ""Steps in Developing a Security Policy""
- ""Identify the Assets You Are Trying to Protect""""Identify the Threats You Are Protecting Against""; ""Map Threats to Probability of Loss and Cost""; ""Implement Cost-Effective Measures""; ""Continuously Review and Improve Security Policies""; ""The Security Policy Document""; ""Summary""; ""References""; ""7 Communicating Policy""; ""Expressing Security Policy in Web Services""; ""WS-Policy""; ""Normal Form""; ""Compact Form""; ""Merging Policies and Resolving Conflicts""; ""WS-SecurityPolicy""; ""SecurityToken Assertion""; ""Confidentiality Assertion""; ""Integrity Assertion""