Enterprise Java Security: Building Secure J2EE Applications

The eXtensible Markup Language (XML), because of its simplicity and flexibility, is expected to facilitate Internet business-to-business (B2B) messaging. One big concern that enterprises have...

One of the appeals of is its structured semantics and schema-driven nature, which allows creating an abstraction from computer-based security terms to more human-readable...

[5] is a simple, lightweight, and extendable XML-based mechanism for exchanging structured data between network applications on top of widely used Internet standards, such as...

[7] is essentially an XML interface definition language (IDL) that provides a way to describe the function and the interface of a service. An IDL...

The Web Services model proposes to use the widely available public Internet for conducting business transactions. The notion of conducting business on a public network...

When existing applications evolve into Web services, some of the security constraints and trust models of those applications will need to be carried forward and...

Web services can be accessed by sending SOAP messages to service end points identified by URIs, requesting specific actions, and receiving SOAP-message responses, including fault...

This section examines two patterns of evolving Web services from existing Web applications. One pattern is the browser-to-server pattern, which wraps an existing application as a...

Let us take a very simple scenario whereby a travel agency system contacts an airlines reservation system in order to complete a travel transaction request....

In the previous section, we showed how loosely coupled applications can be integrated to provide a Web Services-based e-business solution. Users can invoke Web services...

Security Considerations A Web Services security model should address security issues starting from an end client to a target service, including the intermediary services that route...

Futures As work to secure Web services continues, we can also consider this an opportunity to evaluate Web Services offerings through the lens of risk assessment....