Enterprise Java Security: Building Secure J2EE Applications

An Overview of Java Technology and Security As e-business matures, companies require enterprise-scalable functionality for their corporate Internet and intranet environments. To support the...

Enterprise Network Security and Java Technology Computer security must be holistic, as attackers concentrate on the weakest links. Therefore, the security of a system...

Enterprise Java Security Fundamentals The J2EE platform has achieved remarkable success in meeting enterprise needs, resulting in its widespread adoption. The security infrastructure plays...

Servlet and JSP Security An enterprise solution has come to be considered incomplete if the applications it enables cannot be accessed over the Web....

EJB Security No enterprise solution is complete without the ability to model business processes and perform transactions. These transactions may use existing, or legacy,...

Enterprise Java Security Deployment Scenarios The J2EE security model forms a fundamental building block for secure enterprise systems. Such a specification needs to be...

J2SE Security Fundamentals Java technology is not just for applets any more. Developers now use Java technology to build stand-alone, enterprise-class applications to enable...

The Java 2 Permission Model The Java programming language has been one of the fastest-growing technologies in use on the Internet. The Java advantage...

Authentication and Authorization with JAAS Enterprise authentication and authorization requirements can be fairly complex. To make matters worse, all applications or solutions in a...

The Theory of Cryptography One of the essential ingredients of e-business and enterprise computing is cryptography. Cryptography plays a critical role in J2SE and...

The Java 2 Platform and Cryptography From JDK V1.1 onward, Java provides general-purpose APIs and service provider interfaces (SPIs) for cryptographic functions, collectively known...

PKCS and S/MIME in J2EE Public-Key cryptography is seeing wide application and acceptance in e-business applications. One thing is increasingly clear: If public-key cryptography...

The SSL and TLS Protocols in a J2EE Environment In on page 377, we discussed the capabilities for invoking cryptographic functions from within Java...

Enterprise Security for Web Services The eXtensible Markup Language (XML), because of its simplicity and flexibility, is expected to facilitate Internet business-to-business (B2B) messaging....

Security Considerations for Container Providers Any sound specification should be backed by a solid implementation that adheres to the specification; is secure, reliable, and...

Epilogue In this book, we have described the security of the Java 2 Enterprise Edition platform. After introducing the general concepts of Java and...