Chapter 1: Security Basics - Figure 1-1: The four basic pillars of security
Chapter 2: Hackers and Their Tools - Figure 2-1: Passive hack attacks
- Figure 2-2: Active hack attacks
- Figure 2-3: Network sniffing
- Figure 2-4: Attacks from a nearby local machine
- Figure 2-5: Host impersonation
- Figure 2-6: IP spoofing
Chapter 3: Java Security Components - Figure 3-1: The association of the API and SPI
- Figure 3-2: Authentication principal and credential mapping
- Figure 3-3: Authorization principal
- Figure 3-4: The secret key
- Figure 3-5: The key pair
- Figure 3-6: The hash
- Figure 3-7: The JAAS interface
- Figure 3-8: Security Manager
- Figure 3-9: The message digest security level
- Figure 3-10: An overview of the Java components
Chapter 4: Key Management Algorithms - Figure 4-1: Secret key exchange by number
- Figure 4-2: Cipher without the key
- Figure 4-3: The key for decryption
- Figure 4-4: The secret key
- Figure 4-5: The key pair
- Figure 4-6: The logarithmic function
- Figure 4-7: The man-in-the-middle attack
Chapter 5: Elliptic Curve Cryptography - Figure 5-1: Curvier
- Figure 5-2: Less curvy
Chapter 6: Key Management Through the Internet Protocol - Figure 6-1: The IPSec protocol relationships
- Figure 6-2: An example of a tunnel
- Figure 6-3: The SA example
Chapter 7: Implementing Keys with Java - Figure 7-1: The engine class
- Figure 7-2: The KeyPairGenerator sequence diagram
- Figure 7-3: SecureRandom operation
- Figure 7-4: DSAPublicKeySpec
- Figure 7-5: The UML of generating a DES secret key
Chapter 8: Java Implementation of Key Management - Figure 8-1: Policy tool loaded
- Figure 8-2: The principal entry
- Figure 8-3: The Permission class
- Figure 8-4: The Keystore entry
Chapter 9: Ensuring Data Integrity - Figure 9-1: Different classifications of hash algorithms
- Figure 9-2: The message digest process
Chapter 11: Signature Integrity - Figure 11-1: The FIPS approved digital signatures
- Figure 11-2: Digital signature steps
- Figure 11-3: Signature generation variables
- Figure 11-4: Verification generation variables
Chapter 12: Understanding Ciphers - Figure 12-1: The key stream
- Figure 12-2: The S-box substitution
- Figure 12-3: The ECB mode
- Figure 12-4: A CBC overview
- Figure 12-5: Overview of the CBC8
- Figure 12-6: The OFB mode
- Figure 12-7: Padding in ciphers
Chapter 13: Extending New Ciphers with the JDK - Figure 13-1: The Provider and CipherSpi mapping
- Figure 13-2: An XORed byte stream
Chapter 14: Applying Ciphers - Figure 14-1: The PBE key for DES and Triple-DES
- Figure 14-2: Blowfish encryption
- Figure 14-3: Blowfish decryption
- Figure 14-4: A native network cipher example
- Figure 14-5: A secure network file system example
- Figure 14-6: The smart card
- Figure 14-7: The Java smart card development environment
- Figure 14-8: The Java smart card interface
Chapter 15: Securing Enterprise Resources - Figure 15-1: Understanding your security needs
Chapter 16: Java Authentication and Authorization Through Kerberos - Figure 16-1: Kerberos messaging
- Figure 16-2: The v5 flags
Chapter 17: Securing Messages with the Java GSS-API - Figure 17-1: GSS-API overview
- Figure 17-2: The JAAS implementation
Chapter 18: Java Access: The Security Manager - Figure 18-1: The basic class flow
- Figure 18-2: Some ClassLoader extension classes
- Figure 18-3: The Protection Domain
- Figure 18-4: Immediate java.security.Permission derived classes
Chapter 19: Java Authentication and Authorization Service - Figure 19-1: The Pluggable Authentication Module
- Figure 19-2: Java Authentication Class interaction
- Figure 19-3: Java Authorization Class interaction
- Figure 19-4: The Java subject
- Figure 19-5: The Java subject extended
- Figure 19-6: The Java group
- Figure 19-7: ACL and AclEntry objects
- Figure 19-8: The Java ACL table
Chapter 20: Working with Database Security - Figure 20-1: Different JDBC driver types
- Figure 20-2: The Common Client Interface
Chapter 21: Network Security Architecture - Figure 21-1: Two LANs by address
- Figure 21-2: Two LANs by domain name
- Figure 21-3: IP packet
- Figure 21-4: UDP packet
- Figure 21-5: TCP packet
- Figure 21-6: The OSI model
- Figure 21-7: The routing OSI model
- Figure 21-8: ICMP packet
- Figure 21-9: The ICMP packet with type and code
- Figure 21-10: The RR IP address header
- Figure 21-11: An organization's LAN example
- Figure 21-12: Firewall
- Figure 21-13: Firewall configurations
- Figure 21-14: DMZ
- Figure 21-15: Distributed objects
- Figure 21-16: The GIOP proxy
- Figure 21-17: The SOAP proxy
- Figure 21-18: HTTP tunneling
- Figure 21-19: The Sockets in the OSI model
- Figure 21-20: Streaming implementation
Chapter 22: SSL and TLS - Figure 22-1: SSL layering
- Figure 22-2: Key derivation process
- Figure 22-3: Basic SSL Handshake Protocol
- Figure 22-4: SSL record
- Figure 22-5: SSL Handshake with client authentication
- Figure 22-6: WAP protocol stack
Chapter 23: Java Secure Socket Extension - Figure 23-1: JSSE encapsulates sockets and TCP/IP layers
- Figure 23-2: Client/server communication using the JSSE API
- Figure 23-3: The SSLContext interface
- Figure 23-4: SSLServer, SSLContext, KeyManager, and KeyStore UML sequence
Chapter 24: Java Digital Certificates - Figure 24-1: The organization of X.500
- Figure 24-2: Certificate basic structure
- Figure 24-3: Version 3 extensions
- Figure 24-4: The X509CRL and X509CRLEntry classes
Chapter 25: PKI Management - Figure 25-1: Basic certificate path
- Figure 25-2: Certificate chaining
- Figure 25-3: An X.500 DIB
- Figure 25-4: OU removal
- Figure 25-5: DUA
- Figure 25-6: Netscape Directory Server 5.1 Users and Groups console
- Figure 25-7: User console for the Netscape Directory Server 5.1
- Figure 25-8: Basic path validation algorithm
Chapter 26: Java Enterprise Security and Web Services Security - Figure 26-1: The original sandbox model
- Figure 26-2: Web Service overview
Chapter 27: Securing Client-Side Components - Figure 27-1: The J2EE containers
- Figure 27-2: The JNDI architecture
- Figure 27-3: Project Info App components and their corresponding containers
- Figure 27-4: The login page for the Project Info App
- Figure 27-5: The welcome page for the Project Info App
- Figure 27-6: The Project List page for the Project Info App
- Figure 27-7: The Project Detail page for the Project Info App
Chapter 28: Securing Server-Side Components - Figure 28-1: Generic ORB architecture
- Figure 28-2: Parts of a distributed object using RMI