Author : Jamie Jaworski
Publisher : Sams Publishing
Page : 558 pages
File Size : 13,78 MB
Release : 2000
Category : Computers
ISBN :
Jaworski, a professional Java developer, gives readers a practical, hands-on book that contains concise descriptions of security theory, complete secure applications, and thousands of lines of proven, real-world, commercial-quality code. Web site features security documentation and sample security policies, as well as code from the book.
Author : Scott Oaks
Publisher : "O'Reilly Media, Inc."
Page : 630 pages
File Size : 20,1 MB
Release : 2001
Category : Computers
ISBN : 9780596001575
One of Java's most striking claims is that it provides a secure programming environment. Yet despite endless discussion, few people understand precisely what Java's claims mean and how it backs up those claims. If you're a developer, network administrator or anyone else who must understand or work with Java's security mechanisms, Java Security is the in-depth exploration you need.Java Security, 2nd Edition, focuses on the basic platform features of Java that provide security--the class loader, the bytecode verifier, and the security manager--and recent additions to Java that enhance this security model: digital signatures, security providers, and the access controller. The book covers the security model of Java 2, Version 1.3, which is significantly different from that of Java 1.1. It has extensive coverage of the two new important security APIs: JAAS (Java Authentication and Authorization Service) and JSSE (Java Secure Sockets Extension). Java Security, 2nd Edition, will give you a clear understanding of the architecture of Java's security model and how to use that model in both programming and administration.The book is intended primarily for programmers who want to write secure Java applications. However, it is also an excellent resource for system and network administrators who are interested in Java security, particularly those who are interested in assessing the risk of using Java and need to understand how the security model works in order to assess whether or not Java meets their security needs.
Author : Marco Pistoia
Publisher : Addison-Wesley Professional
Page : 618 pages
File Size : 36,3 MB
Release : 2004
Category : Computers
ISBN : 9780321118899
This is a practical guide to building a secure enterprise infrastructure with J2SE and J2EE technologies. This text explains how J2SE and J2EE security architectures relate to each other, and also covers the security aspects of servlets, JSP and EJB.
Author : Gary McGraw
Publisher :
Page : 216 pages
File Size : 49,2 MB
Release : 1997
Category : Computers
ISBN :
Do you know where browser is pointing?. The Java security model. Serious holes in the security model. Malicious applets. Antidotes and guidelines for Java users. Tomorrow's Java security. Java security. Cert alerts. References. Index.
Author : Mourad Debbabi
Publisher : Springer Science & Business Media
Page : 254 pages
File Size : 38,58 MB
Release : 2007-03-20
Category : Computers
ISBN : 1846287111
This book is a comprehensive presentation of embedded Java security. It is compared with the security model of the Java 2 Standard Edition in order to view the impact of limited resources on security. No other book specifically addresses the topic of embedded Java security. Furthermore, the book provides hints and suggestions as ways for hardening security, and offers researchers and practitioners alike a broader and deeper understanding of the issues involved in embedded Java security, and – as a larger view - mobile devices security. The author is a well-known authority and expert in mobile computing and embedded devices.
Author : Jason R. Weiss
Publisher : Morgan Kaufmann
Page : 177 pages
File Size : 36,86 MB
Release : 2004-05-18
Category : Computers
ISBN : 0080535240
For a long time, there has been a need for a practical, down-to-earth developers book for the Java Cryptography Extension. I am very happy to see there is now a book that can answer many of the technical questions that developers, managers, and researchers have about such a critical topic. I am sure that this book will contribute greatly to the success of securing Java applications and deployments for e-business. --Anthony Nadalin, Java Security Lead Architect, IBMFor many Java developers and software engineers, cryptography is an "on-demand" programming exercise, where cryptographic concepts are shelved until the next project requires renewed focus. But considerations for cryptography must be made early on in the design process and it's imperative that developers know what kinds of solutions exist. One of Java's solutions to help bridge the gap between academic research and real-world problem solving comes in the form of a well-defined architecture for implementing cryptographic solutions. However, to use the architecture and its extensions, it is important to recognize the pros and cons of different cryptographic algorithms and to know how to implement various devices like key agreements, digital signatures, and message digests, to name a few.In Java Cryptography Extensions (JCE), cryptography is discussed at the level that developers need to know to work with the JCE and with their own applications but that doesn't overwhelm by packing in details unimportant to the busy professional. The JCE is explored using numerous code examples and instructional detail, with clearly presented sections on each aspect of the Java library. An online open-source cryptography toolkit and the code for all of the examples further reinforces the concepts covered within the book. No other resource presents so concisely or effectively the exact material needed to begin utilizing the JCE. - Written by a seasoned veteran of both cryptography and server-side programming - Covers the architecture of the JCE, symmetric ciphers, asymmetric ciphers, message digests, message authentication codes, digital signatures, and managing keys and certificates
Author : GARMS
Publisher : Wrox Press
Page : 550 pages
File Size : 34,95 MB
Release : 2001-05-24
Category : Computers
ISBN :
As Java emerges as the standard platform for Internet programming, the ability to securely move its code around is imperative for application security in large-scale e-commerce and e-business sites - many of which have suffered a recent spate of hacker attacks. Security is one of the key features of the Java language architecture, giving its users confidence in downloading code across networks.
Author : Laurentiu Spilca
Publisher : Manning Publications
Page : 558 pages
File Size : 35,32 MB
Release : 2020-11-03
Category : Computers
ISBN : 1617297739
Spring Security in Action shows you how to prevent cross-site scripting and request forgery attacks before they do damage. You’ll start with the basics, simulating password upgrades and adding multiple types of authorization. As your skills grow, you'll adapt Spring Security to new architectures and create advanced OAuth2 configurations. By the time you're done, you'll have a customized Spring Security configuration that protects against threats both common and extraordinary. Summary While creating secure applications is critically important, it can also be tedious and time-consuming to stitch together the required collection of tools. For Java developers, the powerful Spring Security framework makes it easy for you to bake security into your software from the very beginning. Filled with code samples and practical examples, Spring Security in Action teaches you how to secure your apps from the most common threats, ranging from injection attacks to lackluster monitoring. In it, you'll learn how to manage system users, configure secure endpoints, and use OAuth2 and OpenID Connect for authentication and authorization. Purchase of the print book includes a free eBook in PDF, Kindle, and ePub formats from Manning Publications. About the technology Security is non-negotiable. You rely on Spring applications to transmit data, verify credentials, and prevent attacks. Adopting "secure by design" principles will protect your network from data theft and unauthorized intrusions. About the book Spring Security in Action shows you how to prevent cross-site scripting and request forgery attacks before they do damage. You’ll start with the basics, simulating password upgrades and adding multiple types of authorization. As your skills grow, you'll adapt Spring Security to new architectures and create advanced OAuth2 configurations. By the time you're done, you'll have a customized Spring Security configuration that protects against threats both common and extraordinary. What's inside Encoding passwords and authenticating users Securing endpoints Automating security testing Setting up a standalone authorization server About the reader For experienced Java and Spring developers. About the author Laurentiu Spilca is a dedicated development lead and trainer at Endava, with over ten years of Java experience. Table of Contents PART 1 - FIRST STEPS 1 Security Today 2 Hello Spring Security PART 2 - IMPLEMENTATION 3 Managing users 4 Dealing with passwords 5 Implementing authentication 6 Hands-on: A small secured web application 7 Configuring authorization: Restricting access 8 Configuring authorization: Applying restrictions 9 Implementing filters 10 Applying CSRF protection and CORS 11 Hands-on: A separation of responsibilities 12 How does OAuth 2 work? 13 OAuth 2: Implementing the authorization server 14 OAuth 2: Implementing the resource server 15 OAuth 2: Using JWT and cryptographic signatures 16 Global method security: Pre- and postauthorizations 17 Global method security: Pre- and postfiltering 18 Hands-on: An OAuth 2 application 19 Spring Security for reactive apps 20 Spring Security testing
Author : Carlo Scarioni
Publisher : Apress
Page : 424 pages
File Size : 48,31 MB
Release : 2019-11-21
Category : Computers
ISBN : 1484250524
Build and deploy secure Spring Framework and Spring Boot-based enterprise Java applications with the Spring Security Framework. This book explores a comprehensive set of functionalities to implement industry-standard authentication and authorization mechanisms for Java applications. Pro Spring Security, Second Edition has been updated to incorporate the changes in Spring Framework 5 and Spring Boot 2. It is an advanced tutorial and reference that guides you through the implementation of the security features for a Java web application by presenting consistent examples built from the ground up. This book also provides you with a broader look into Spring security by including up-to-date use cases such as building a security layer for RESTful web services and Grails applications. What You Will LearnExplore the scope of security and how to use the Spring Security FrameworkMaster Spring security architecture and design Secure the web tier in Spring Work with alternative authentication providersTake advantage of business objects and logic securityExtend Spring security with other frameworks and languagesSecure the service layer Who This Book Is ForExperienced Spring and Java developers with prior experience in building Spring Framework or Boot-based applications.
Author : Arjan Tijms
Publisher :
Page : 0 pages
File Size : 20,27 MB
Release : 2022
Category :
ISBN : 9781484279465
Refer to this definitive and authoritative book to understand the Jakarta EE Security Spec, with Jakarta Authentication & Authorization as its underlying official foundation. Jakarta EE Security implementations are discussed, such as Soteria and Open Liberty, along with the build-in modules and Jakarta EE Security third-party modules, such as Payara Yubikey & OIDC, and OmniFaces JWT-Auth. The book discusses Jakarta EE Security in relation to SE underpinnings and provides a detailed explanation of how client-cert authentication over HTTPS takes place, how certifications work, and how LDAP-like names are mapped to caller/user names. General (web) security best practices are presented, such as not storing passwords in plaintext, using HTTPS, sanitizing inputs to DB queries, encoding output, and explanations of various (web) attacks and common vulnerabilities are included. Practical examples of securing applications discuss common needs such as letting users explicitly log in, sign up, verify email safely, explicitly log in to access protected pages, and go direct to the log in page. Common issues are covered such as abandoning an authentication dialog halfway and later accessing protected pages again. What You Will Learn Know what Jakarta/Java EE security includes and how to get started learning and using this technology for today's and tomorrow's enterprise Java applications Secure applications: traditional server-side web apps built with JSF (Faces) as well as applications based on client-side frameworks (such as Angular) and JAX-RS Work with the daunting number of security APIs in Jakarta EE Understand how EE security evolved.
