買這商品的人也買了...
-
C++ Primer, 3/e 中文版$980$774 -
$998Operating System Concepts, 6/e (Windows XP Update) -
$1,140Database Management Systems, 3/e (IE-Paperback) -
ASP.NET 程式設計徹底研究$590$466 -
C# Primer Plus 中文版 (C# Primer Plus)$680$537 -
鳥哥的 Linux 私房菜-伺服器架設篇$750$675 -
鳥哥的 Linux 私房菜─基礎學習篇增訂版$560$504 -
CCNA Self-Study: Interconnecting Cisco Network Devices (ICND) 640-811, 640-801, 2/e$2,340$2,223 -
SCJP‧SCJD 專業認證指南 (Sun Certified Programmer & Developer for Java 2 #310-305 與310-027)$850$723 -
專案管理實務入門-引導專案成功的52條準則$280$218 -
人月神話:軟體專案管理之道 (20 週年紀念版)(The Mythical Man-Month: Essays on Software Engineering, Anniversary Edition, 2/e)$480$379 -
JSP 2.0 技術手冊$750$593 -
建構嵌入式 Linux 系統$780$616 -
CCNA 認證教戰手冊 Exam 640-801 (CCNA Cisco Certified Network Associate Study Guide, 4/e)$780$663 -
JSP 與 Servlet 500 個應用範例技巧大全集$590$460 -
Windows CE 嵌入式系統理論與實務$680$537 -
最新 JavaScript 完整語法參考辭典 第三版$490$382 -
C++ 程式設計藝術 (C++ How to Program, 4/e)$820$738 -
Excel VBA 徹底研究 - Excel 2003 Power Progamming with VBA$620$484 -
$1,140Computer Organization and Design: The Hardware/Software Interface, 3/e(IE) (美國版ISBN:1558606041) -
RFID 技術與應用$480$408 -
Windows CE.NET 程式設計 (Programming Microsoft Windows CE .Net, 3/e)$890$703 -
ASP.NET 徹底研究進階技巧─高階技巧與控制項實作$650$507 -
聖殿祭司的 ASP.NET 2.0 專家技術手冊─使用 C#$720$569 -
OpenOffice.org 成功導入寶典$400$340
商品描述
The most up to date, comprehensive, and practical guide to Web services security, and the first to cover the final release of new standards SAML 1.1 and WS-Security.
- Comprehensive coverage and practical examples of the industry standards XML Signature and XML Encryption, and the first book to cover the final WS-Security and SAML 1.1 specifications.
- Authors Jothy Rosenberg and David Remy are security experts who co-founded GeoTrust, the #2 Web site certificate authority and currently work for Service Integrity and BEA Systems, respectively.
- According to IBM, American Express, Sun Microsystems, and other industry leaders, well-defined security standards and procedures are a crucial element to the adoption of web services in industry
-
Table of Contents
Forewords.
-
Introduction.
Who This Book Is For. About This Book. How This Book Is Organized.1. Basic Concepts of Web Services Security.
Web Services Basics: XML, SOAP, and WSDL. Application Integration. Security Basics. Web Services Security Basics. Summary.2. The Foundations of Web Services.
The Gestalt of Web Services. XML: Meta-Language for Data-Oriented Interchange. SOAP: XML Messaging and Remote Application Access. WSDL: Schema for XML/SOAP Objects and Interfaces. UDDI: Publishing and Discovering Web Services. ebXML and RosettaNet: Alternative Technologies for Web Services. The Web Services Security Specifications. Summary.3. The Foundations of Distributed Message-Level Security.
The Challenges of Information Security for Web Services. Shared Key Technologies. Public Key Technologies. Summary.4. Safeguarding the Identity and Integrity of XML Messages.
Introduction To and Motivation for XML Signature. XML Signature Fundamentals. XML Signature Structure. XML Signature Processing. The XML Signature Elements. Security Strategies for XML Signature. Summary.5. Ensuring Confidentiality of XML Messages.
Introduction to and Motivation for XML Encryption. XML Encryption Fundamentals. XML Encryption Structure. XML Encryption Processing. Using XML Encryption and XML Signature Together. Summary.6. Portable Identity, Authentication, and Authorization.
Introduction to and Motivation for SAML. How SAML Works. Using SAML with WS-Security. Applying SAML: Project Liberty. Summary.7. Building Security into SOAP.
Introduction to and Motivation for WS-Security. Extending SOAP with Security. Security Tokens in WS-Security. Providing Confidentiality: XML Encryption in WS-Security. Providing Integrity: XML Signature in WS-Security. Message Time Stamps. Summary.8. Communicating Security Policy.
WS-Policy. The WS-Policy Framework. WS-SecurityPolicy. Summary.9. Trust, Access Control, and Rights for Web Services.
The WS-* Family of Security Specifications. XML Key Management Specification (XKMS). eXtensible Access Control Markup Language (XACML) Specification. eXtensible Rights Markup Language (XrML) Management Specification. Summary.10. Building a Secure Web Service Using BEA's WebLogic Workshop.
Security Layer Walkthrough. WebLogic Workshop Web Service Walkthrough. Summary.Appendix A. Security, Cryptography, and Protocol Background Material.
The SSL Protocol. Testing for Primality. RSA Cryptography. DSA Digital Signature Algorithms. Block Cipher Processing. DES Encryption Algorithm. AES Encryption Algorithm. Hashing Details and Requirements. SHA1. Silvio Micali's Fast Validation/Revocation. Canonicalization of Messages for Digital Signature Manifests. Base-64 Encoding. PGP.Glossary.
Index
商品描述(中文翻譯)
這是一本最新、全面且實用的網路服務安全指南,也是第一本涵蓋最終版本的新標準SAML 1.1和WS-Security的書籍。
- 全面涵蓋並提供實際範例,介紹了行業標準XML Signature和XML Encryption,並且是第一本涵蓋最終版本的WS-Security和SAML 1.1規範的書籍。
- 作者Jothy Rosenberg和David Remy是安全專家,共同創辦了GeoTrust,全球第二大網站憑證授權機構,目前分別在Service Integrity和BEA Systems工作。
- 根據IBM、美國運通、Sun Microsystems和其他行業領導者的說法,明確的安全標準和程序是在行業中採用網路服務的關鍵因素。
-
目錄
前言。
-
引言。
本書適合對象。關於本書。本書的組織方式。
1. 網路服務安全的基本概念。
網路服務基礎知識:XML、SOAP和WSDL。應用程式整合。安全基礎知識。網路服務安全基礎知識。摘要。
2. 網路服務的基礎。
網路服務的整體概念。XML:資料導向交換的元語言。SOAP:XML訊息和遠端應用程式存取。WSDL:XML/SOAP物件和介面的架構。UDDI:發佈和發現網路服務。ebXML和RosettaNet:網路服務的替代技術。網路服務安全規範。摘要。
3. 分散式訊息層安全的基礎。
網路服務資訊安全的挑戰。共享金鑰技術。公開金鑰技術。摘要。
4. 保護XML訊息的身份和完整性。
XML簽章的介紹和動機。XML簽章基礎知識。XML簽章結構。XML簽章處理。XML簽章元素。XML簽章的安全策略。摘要。
5. 確保XML訊息的機密性。
XML加密的介紹和動機。XML加密基礎知識。XML加密結構。XML加密處理。使用XML加密和XML簽章。摘要。
6. 可攜式身份、驗證和授權。
SAML的介紹和動機。SAML的運作方式。使用SAML和WS-Security。應用SAML:Project Liberty。摘要。
7. 在SOAP中建立安全性。
WS-Security的介紹和動機。使用安全性擴充SOAP。WS-Security中的安全性標記。提供機密性:WS-Security中的XML加密。提供完整性:WS-Security中的XML簽章。訊息時間戳記。摘要。
8. 傳遞安全策略。
WS-Policy。WS-Policy框架。WS-SecurityPolicy。摘要。
9. 網路服務的信任、存取控制和權限。
WS-*系列安全規範。XML金鑰管理規範(XKMS)。可擴展存取控制標記語言(XACML)規範。可擴展權限標記語言(XrML)管理規範。摘要。
10. 使用BEA的WebLogic Workshop建立安全的網路服務。
