Core Security Patterns: Best Practices and Strategies for J2EE, Web Services, and Identity Management
Index[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Y] [Z] J2EE (Java 2 Enterprise Edition) platform architecture and logical tiers authorization 2nd 3rd declarative programmatic web-tier clients 2nd 3rd component security. [See Component security] container-based security. [See Container-based security] definitions in EIS tier 2nd connector architecture in JDBC in JMS in EJB tier. [See EJB tier in J2EE] for biometrics 2nd for smart cards for Web services 2nd infrastructure LDAP in network topology horizontal scalability vertical scalability references SAML in security patterns for summary J2ME (Java 2 Micro Edition) architecture configurations MIDlets in profiles J2SE (Java 2 Standard Edition) in Obfuscated Transfer Object pattern J2SE 5.0 JAAS (Java Authentication and Authorization Service) authentication in clients LoginModule 2nd 3rd Web tier authorization implementing strategy classes and interfaces client-side callbacks for biometrics vs. JGSS JAAS Authorization policy file JAAS Module JACC (Java Authorization Contract for Containers) 2nd JAD (Java application descriptor) files JADTool utility JAR (Java archive format) files for signed applets in Web tier patterns signing verifying Jarsigner tool for signed applets for smart cards Java 2 Enterprise Edition) platform. [See J2EE (Java 2 Enterprise Edition) platform] Java 2 Micro Edition (J2ME) architecture configurations MIDlets in profiles Java 2 platform security 2nd applet security for smart cards Java Card signed biometrics CertPath code obfuscation reverse engineering extensible importance J2EE. [See J2EE (Java 2 Enterprise Edition) platform] J2ME. [See Java 2 Micro Edition (J2ME)] JAAS. [See JAAS (Java Authentication and Authorization Service)] Java Card technology 2nd API framework applets in development kit model for smart cards JCA. [See JCA (Java Cryptography Architecture)] JCE. [See JCE (Java Cryptographic Extensions)] JGSS JSSE. [See JSSE (Java Secure Socket Extension)] JVM JWS language MIDlets components of signed trusted references reusable components SASL clients 2nd installing servers security model AccessController bytecode verifiers ClassLoader codebase CodeSource permissions policies protection domains SecurityManager summary tools jarsigner keystores 2nd keytool policytool Web services Java 2 Standard Edition (J2SE) in Obfuscated Transfer Object pattern J2SE 5.0 Java Access Manager Java API for XML Registry (JAXR) Java application descriptor (JAD) files Java archive format (JAR) files for signed applets in Web tier patterns signing verifying Java Authentication and Authorization Service. [See JAAS (Java Authentication and Authorization Service)] Java Authorization Contract for Containers (JACC) 2nd Java Card runtime environment (JCRE) Java Card technology 2nd API framework applets in development kit model for smart cards Java Card Workstation Development Environment (JCWDE) Java Certification Path Java Cryptographic Extension Keystores (JCEKS) Java Cryptographic Extensions. [See JCE (Java Cryptographic Extensions)] Java Cryptography Architecture. [See JCA (Java Cryptography Architecture)] Java Data Objects (JDO) 2nd Java Database Connectivity (JDBC) 2nd Java Development Kit (JDK) Java Generic Secure Services (JGSS) Java GSS-API Java Management Extension (JMX) technology Java Message Service (JMS) Audit Interceptor pattern EIS tier 2nd Java Naming and Directory Interface (JNDI) Java native code (JNI) Java Network Launch protocol (JNLP) Java Secure Socket Extension (JSSE). [See JSSE (Java Secure Socket Extension)] Java System Access Manager 2nd Java system web server Java Virtual Machine (JVM) Java Web Services Developer Pack (JWSDP) Java Web Start (JWS) security Java.security file Javac command Javax.net.* package Javax.net.ssl.* package Javax.security.auth package Javax.security.cert.* package JAX-RPC API for Web services in case study in Message Inspector pattern JAXR (Java API for XML Registry) JCA (Java Cryptography Architecture) API classes and interfaces cryptographic services digital signature generation key pair generation message digests JCE (Java Cryptographic Extensions) Advanced Encryption Standard API classes and interfaces Cryptographic Service Providers encryption and decryption 2nd hardware acceleration key agreement protocols MAC objects Password-Based Encryption sealed objects smart card support strong vs. unlimited strength cryptography JCEKS (Java Cryptographic Extension Keystores) JCRE (Java Card runtime environment) JCWDE (Java Card Workstation Development Environment) JDBC (Java Database Connectivity) 2nd JDK (Java Development Kit) JDO (Java Data Objects) 2nd JGSS (Java Generic Secure Services) JiffyXACML JKS (Java keystores) JMS (Java Message Service) in Audit Interceptor pattern in EIS tier 2nd JMX (Java Management Extension) technology JNDI (Java Naming and Directory Interface) JNI (Java native code) JNLP (Java Network Launch protocol) Journaled Component pattern JSPs JSSE (Java Secure Socket Extension) API programming in application layer using classes and interfaces client-side communication host name verification HTTP over SSL mutual authentication providers secure socket connections using SSL server-side communication SSLEngine and non-blocking I/O vs. JGSS Justifications compliance identity and access management proactive security approaches JVM (Java Virtual Machine) JVMDI debugger JVMPI profiling code JWS (Java Web Start) security JWSDP (Java Web Services Developer Pack) |
Категории