Core Security Patterns: Best Practices and Strategies for J2EE, Web Services, and Identity Management

Index

[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Y] [Z]

Watermarking Java code

Weakest links

Web

     application load-balancing

     authentication

     redirection

    servers

         in SSL

         in use cases

         Web tier patterns

    services. [See Web services tier]

     validation

    Web tier patterns. [See Web tier]

    Web-based transactions. [See Secure Pipe pattern]

Web browser SSO Profile

Web of trust models

Web Services Definition Language (WSDL) 2nd 3rd 4th

Web Services Interoperability Organization (WS-I)

Web Services Policy Framework (WS-Policy)

Web services policy language (WSPL)

Web services tier 2nd 3rd

     architecture and building blocks

     communication styles

     core issues

     in case study 2nd 3rd 4th

     in J2EE

     in Liberty Alliance 2nd

     infrastructure

     Java-based providers

     message-layer security

     network-layer security

     operational model

     policies 2nd 3rd

     protocols stack

     references

     requirements

     SAML in

     security patterns 2nd 3rd

         best practices

         factor analysis

         Message Inspector

         Message Interceptor Gateway

         pitfalls

         references

         Secure Message Router

     standards 2nd

        WS-Security. [See WS-Security]

        XML. [See XML (Extensible Markup Language)]

     summary

     Transport-Layer Security

     WS-I security profile

Web tier

     container managed security strategy

     in case study 2nd 3rd

     in J2EE 2nd

         authentication

         authorization

         context propagation from

         HTTP session tracking

     reality checks for

     security patterns 2nd 3rd

         Authentication Enforcer

         Authorization Enforcer

         best practices

         factor analysis

         Intercepting Validator

         Intercepting Web Agent

         references

         Secure Base Action

         Secure Logger

         Secure Pipe

         Secure Service Proxy

Web.xml file

     basic HTTP authentication entry

     client certificate based authentication entry

     deployment descriptor

     form based authentication entry

WebAgent class

     in case study

     Single Sign-on Delegator pattern 2nd

Wheel edge in Security Wheel

Where in security

Which in security

White box testing

     in case study

     Secure UP 2nd 3rd

Who in security

Why in security

Wireless Toolkit (WTK) 2nd

Wireless Transport Layer Security (WTLS)

Workflow Engine

WorkflowRecipient class

wrap method 2nd

WriteAppletPolicy.policy file

WriteFileApplet.html file

WriteFileApplet.java file 2nd

WS-I (Web Services Interoperability Organization)

WS-I Security profiles

WS-Policy (Web Services Policy Framework)

WS-Security

     definitions

     encryption 2nd

     in JWSDP

     motivation

     namespaces

     SAML and REL in

     signatures

     SOAP messages

     tokens

WSDL (Web Services Definition Language) 2nd 3rd 4th

WSPL (Web services policy language)

WTK (Wireless Toolkit) 2nd

WTLS (Wireless Transport Layer Security)