Core Security Patterns: Best Practices and Strategies for J2EE, Web Services, and Identity Management

Index

[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Y] [Z]

Labeling

     in security patterns

     in Security Wheel

Layered Security pattern

LDAP (Lightweight Directory Access Protocol)

     certificate revocation issues

     cryptography challenges

     J2EE

     key management

     random number generation

     SASL 2nd

     trust models

Leaf nodes in attack trees

Ledger 2nd

Legacy systems

     Intercepting Web Agent pattern 2nd

     Password Synchronizer pattern

     Secure Service Proxy pattern

Lessons learned in case study

Liberty Alliance consortium

Liberty Alliance Project

     architecture

     for SAML

     Liberty Phase 1

     Liberty Phase 2

     meta-data and schemas

     relationships

     security mechanisms

     SSO strategy

     usage scenarios

         communication security

         credentials

         federation management

         global logouts

         identity registration and termination

         Java System Access Manager

         multi-tiered authentication

         provider session state maintenance

         single sign-on 2nd

     Web redirection in

     Web services in

Liberty-enabled clients

Liberty-enabled proxies

Libraries

     DLL

     tag

Licenses in WS-Security

Lightweight Directory Access Protocol. [See LDAP (Lightweight Directory Access Protocol)]

Limited View pattern

Load Balancing PEP pattern

Load-balancing in case study

loadRegistry method

Locate service in X-KISS

LogFactory class

Logging

     alteration detection for 2nd

     failures

     in biometrics

     in case study

    in security patterns

         Identity management

         Password Synchronizer

         Policy Delegate

         Secure Base Action

        Secure Logger. [See Secure Logger pattern]

         Single Sign-on Delegator

         Web services

     in Security Wheel

Logging out in JAAS

LoggingHandler.java file

Logical access control

Logical architecture

     biometric systems

     smart cards

     user account provisioning

Logical tiers in J2EE

Logical views in use cases

Login attempts in biometrics

login method

     Authentication Enforcer

     LoginContext 2nd 3rd

     LoginModule

Login service in case study

LoginContext class

     JAAS authentication 2nd

     JAAS Login Module strategy 2nd

LoginModule class

     Authentication Enforcer pattern

     biometrics

     implementing

     providers for

     smart cards

LogManager class

logout method

     LoginContext

     LoginModule

Logout requests in SAML

Loosely coupled architecture

     Intercepting Web Agent pattern

     Secure Service Proxy pattern

Lost smart cards

Low-level KVM security