Security for service oriented architectures. (2014)
- Record Type:
- Book
- Title:
- Security for service oriented architectures. (2014)
- Main Title:
- Security for service oriented architectures
- Further Information:
- Note: Walter Williams.
- Authors:
- Williams, Walter (Telecommunications engineer)
- Contents:
- Introduction; Four Kinds of Architectures; Architecture; Infrastructure; Software Architectures; 2.3.1 Key Principles; 2.3.2 Presentation Layer; 2.3.3 Business Layer; 2.3.4 Data Layer; 2.3.5 Workflow; 2.3.6 Communications and Messaging; 2.3.7 Service Layer; Service-Oriented Architecture; 2.4.1 Distributed Computing and Services; 2.4.2 Process-Oriented SOA; 2.4.3 Web Services or an Externally Focused SOA; 2.4.4 Enterprise Service Bus; Security Architecture; 2.5.1 Construction of a Security Architecture; 2.5.2 Risk Management; 2.5.3 Organization and Management; 2.5.4 Third Parties; 2.5.5 Asset Management; 2.5.6 Information Classification; 2.5.7 Identity Management; 2.5.8 Security Awareness and Training; 2.5.9 Physical Security; 2.5.10 Communications and Operations Management; 2.5.11 Perimeters and Partitioning; 2.5.12 Access Control; 2.5.13 Authentication; 2.5.14 Authorization; 2.5.15 Separation of Duties; 2.5.16 Principles of Least Privilege and Least Authority; 2.5.17 Systems Acquisition, Development, and Maintenance; 2.5.18 Confidentiality Models; 2.5.18.1 Lattice Models; 2.5.19 Nonrepudiation; 2.5.20 Integrity Models; 2.5.21 Service Clark–Wilson Integrity Model; 2.5.22 Security Assessments and Audits; 2.5.23 Incident Management; 2.5.24 Business Continuity; 2.5.25 Compliance; Data Architectures; Implementing and Securing SOA; Web Services; Extensible Markup Language; 3.2.1 Signing XML; 3.2.1.1 XML Digital Signature; 3.2.2 XML Encryption; 3.2.3 Key Management; 3.2.3.1 Key Information; 3.2.3.2 Location; 3.2.3.3 Validation; 3.2.3.4 Binding; 3.2.3.5 Key Registration; 3.2.4 XML and Databases; 3.2.4.1 A Database Query Language for XML; 3.2.4.2 XML Databases; 3.2.5 UDDI; 3.2.6 WSDL; SOAP; 3.3.1 SOAP Roles and Nodes; 3.3.2 SOAP Header Blocks; 3.3.3 SOAP Fault; 3.3.4 SOAP Data Model; 3.3.5 SOAP Encoding; 3.3.6 Bindings; 3.3.7 Documents and RPC; 3.3.8 Messaging; WS-Security; 3.4.1 WS-Trust; 3.4.2 WS-Policy; 3.4.3 WS-SecureConversation; 3.4.4 WS-Privacy and the P3P Framework; 3.4.4.1 POLICIES; 3.4.5 WS-Federation; 3.4.5.1 Pseudonyms; 3.4.5.2 Authorization; 3.4.6 Authorization without WS-Federation; 3.4.7 WS-Addressing; 3.4.8 WS-ReliableMessaging; 3.4.9 WS-Coordination; 3.4.10 WS-Transaction; SAML; 3.5.1 Assertions; 3.5.2 Protocol; 3.5.2.1 Assertion Query and Request Protocol; 3.5.2.2 Authentication Request Protocol; 3.5.2.3 Artifact Resolution Protocol; 3.5.2.4 Name Identifier Management Protocol; 3.5.2.5 Single-Logout Protocol; 3.5.2.6 Name Identifier Mapping Protocol; 3.5.3 Authentication Context; 3.5.4 Bindings; 3.5.5 Profiles; 3.5.6 Metadata; 3.5.7 Versions; 3.5.8 Security and Privacy Considerations; Kerberos; x509v3 Certificates; OpenID; Web 2.0; HTTP; REST; WebSockets; Other SOA Platforms; DCOM; CORBA; DDS; WCF; .Net Passport, Windows LiveID; WS-BPEL; Auditing Service-Oriented Architectures; Penetration Testing; 6.1.1 Reconnaissance; 6.1.2 Injection Attacks; 6.1.3 Attacking Authentication; 6.1.4 Attacking Authorization; 6.1.5 Denial-of-Service Attacks; 6.1.6 Data Integrity; 6.1.7 Malicious Use of Service or Logic Attacks; 6.1.8 Poisoning XML Schemas; Defending and Detecting Attacks; SSL/TLS; Firewalls, IDS, and IPS; Architecture; Example 1; Example 2; Example 3; Example 4; Bibliography; Index; … (more)
- Edition:
- 1st
- Publisher Details:
- Boca Raton : Auerbach
- Publication Date:
- 2014
- Extent:
- 1 online resource, illustrations (black and white)
- Subjects:
- 005.8
Service-oriented architecture (Computer science)
Computer networks -- Security measures
Computer security
- Languages:
- English
- ISBNs:
- 9781466584044
- Related ISBNs:
- 9781466584020
- Notes:
- Note: Includes bibliographical references.
Note: Description based on CIP data; item not viewed.
- Access Rights:
- Legal Deposit; Only available on premises controlled by the deposit library and to one user at any one time; The Legal Deposit Libraries (Non-Print Works) Regulations (UK).
- Access Usage:
- Restricted: Printing from this resource is governed by The Legal Deposit Libraries (Non-Print Works) Regulations (UK) and UK copyright law currently in force.
- View Content:
- Available online (eLD content is only available in our Reading Rooms)
- Physical Locations:
- British Library HMNTS - ELD.DS.143866
- Ingest File:
- 02_185.xml