Synopses & Reviews
Your definitive Web Services security resource
Minimize security risks in your system by successfully rolling out secure Web Services with help from this exceptional guide. Web Services Security covers everything network security professionals need to know, including details on Web Services architecture, SOAP, UDDI, WSDL, XML Signature, XML Encryption, SAML, XACML, XKMS, and more. You'll also get implementation techniques as well as case studies featuring global service-provision initiatives such as the Liberty Alliance Project. Practical, comprehensive, and up-to-date, this is a must-have reference for every administrator interested in conquering real-life security challenges through the effective use of Web Services.
- Learn the high-level principles of security and how they apply to Web Services
- Deploy Web Services technology following practical and clear examples
- Use XKMS for validation and accountability
- Ensure data integrity by using XML Signature and XML Encryption with SOAP
- Use SAML and XACML for authentication and authorization
- Learn the major components of the evolving ebXML standard
- Gain valuable insight into the legal aspects of Web Services security--including digital signature laws, privacy issues, and application-to-application transactions
Synopsis
Publisher's Note: Products purchased from Third Party sellers are not guaranteed by the publisher for quality, authenticity, or access to any online entitlements included with the product.
Your definitive Web Services security resource
Minimize security risks in your system by successfully rolling out secure Web Services with help from this exceptional guide. Web Services Security covers everything network security professionals need to know, including details on Web Services architecture, SOAP, UDDI, WSDL, XML Signature, XML Encryption, SAML, XACML, XKMS, and more. You'll also get implementation techniques as well as case studies featuring global service-provision initiatives such as the Liberty Alliance Project. Practical, comprehensive, and up-to-date, this is a must-have reference for every administrator interested in conquering real-life security challenges through the effective use of Web Services.
- Learn the high-level principles of security and how they apply to Web Services
- Deploy Web Services technology following practical and clear examples
- Use XKMS for validation and accountability
- Ensure data integrity by using XML Signature and XML Encryption with SOAP
- Use SAML and XACML for authentication and authorization
- Learn the major components of the evolving ebXML standard
- Gain valuable insight into the legal aspects of Web Services security--including digital signature laws, privacy issues, and application-to-application transactions
Synopsis
Explains how to implement secure Web services and includes coverage of trust, confidentiality, cryptography, authentication, authorization, and Kerberos. Youll also find details on Security Assertion Markup Language (SAML), XML Key Management Specification (XKMS), XML Encryption, Hypertext Transfer Protocol-Reliability (HTTP-R) and more.
About the Author
Mark ONeill is the principal author of Web Services Security (McGraw-Hill/Osborne, 2003). Mark has written on the topic of XML and web services security in magazines such as Web Services Journal, XML Journal, Java Pro, Enterprise Architect, Infoconomy, and Technology for Finance. As Chief Technical Officer at Vordel, a pioneering vendor of XML security products, Mark has met many early adopters of XML, gathering and synthesizing their security requirements. Mark regularly presents training courses on web services security in London, California, and on the U.S. East Coast. For the past four years, he has been chosen as a speaker on the topic of XML security at the RSA Conference, the infosec industrys largest annual conference. Mark lives in an old house in Bostons up-and-coming Roslindale neighborhood, with Kristen and their two-year-old son Ben.
Table of Contents
Part I: Establishing Security and Web Services
Ch. 1: Core Security Concepts
Ch. 2: Components of Web Services
Part II: Building and Implementing Web Services Security
Ch. 3: Securing Web Services
Ch. 4: XML Encryption
Ch. 5: XML Digital Signature
Ch. 6: HTTP
Ch. 7: Transport Level Security vs. Message Based Security
Ch. 8: Authentication
Ch. 9: Kerberos
Ch. 10: Programming Toolkits
Ch. 11: Security Programming Models and Implementation Considerations
Ch. 12: Design Considerations for Securing Web Services
Part III: Emerging Web Services Security Standards
Ch. 13: Security Assertion Markup Language (SAML)
Ch. 14: XML Key Management Specification (XKMS)
Ch. 15: Hypertext Transfer Protocol-Reliability (HTTP-R)
Ch. 16: J2EE Security and Web Services
Appendix A: List of Emerging Work and Resources