Register your product to gain access to bonus material or receive a coupon.
Securing Web Services with WS-Security: Demystifying WS-Security, WS-Policy, SAML, XML Signature, and XML Encryption
- By Jothy Rosenberg, David Remy
- Published May 12, 2004 by Sams.
eBook
- Your Price: $34.39
- List Price: $42.99
- About Watermarked eBooks
This PDF will be accessible from your Account page after purchase and requires PDF reading software, such as Acrobat® Reader®.
The eBook requires no passwords or activation to read. We customize your eBook by discreetly watermarking it with your name, making it uniquely yours.
Description
- Copyright 2004
- Edition: 1st
- eBook
- ISBN-10: 0-7686-6354-7
- ISBN-13: 978-0-7686-6354-9
Comprehensive coverage is given in this up-to-date and practical guide to Web services security--the first to cover the final release of new standards SAML 1.1 and WS-Security. Rosenberg and Remy are security experts who co-founded GeoTrust, the #2 Web site certificate authority.
Sample Content
Table of Contents
Forewords.
Introduction.
Who This Book Is For. About This Book. How This Book Is Organized.
1. Basic Concepts of Web Services Security.
Web Services Basics: XML, SOAP, and WSDL. Application Integration. Security Basics. Web Services Security Basics. Summary.
2. The Foundations of Web Services.
The Gestalt of Web Services. XML: Meta-Language for Data-Oriented Interchange. SOAP: XML Messaging and Remote Application Access. WSDL: Schema for XML/SOAP Objects and Interfaces. UDDI: Publishing and Discovering Web Services. ebXML and RosettaNet: Alternative Technologies for Web Services. The Web Services Security Specifications. Summary.
3. The Foundations of Distributed Message-Level Security.
The Challenges of Information Security for Web Services. Shared Key Technologies. Public Key Technologies. Summary.
4. Safeguarding the Identity and Integrity of XML Messages.
Introduction To and Motivation for XML Signature. XML Signature Fundamentals. XML Signature Structure. XML Signature Processing. The XML Signature Elements. Security Strategies for XML Signature. Summary.
5. Ensuring Confidentiality of XML Messages.
Introduction to and Motivation for XML Encryption. XML Encryption Fundamentals. XML Encryption Structure. XML Encryption Processing. Using XML Encryption and XML Signature Together. Summary.
6. Portable Identity, Authentication, and Authorization.
Introduction to and Motivation for SAML. How SAML Works. Using SAML with WS-Security. Applying SAML: Project Liberty. Summary.
7. Building Security into SOAP.
Introduction to and Motivation for WS-Security. Extending SOAP with Security. Security Tokens in WS-Security. Providing Confidentiality: XML Encryption in WS-Security. Providing Integrity: XML Signature in WS-Security. Message Time Stamps. Summary.
8. Communicating Security Policy.
WS-Policy. The WS-Policy Framework. WS-SecurityPolicy. Summary.
9. Trust, Access Control, and Rights for Web Services.
The WS-* Family of Security Specifications. XML Key Management Specification (XKMS). eXtensible Access Control Markup Language (XACML) Specification. eXtensible Rights Markup Language (XrML) Management Specification. Summary.
10. Building a Secure Web Service Using BEA's WebLogic Workshop.
Security Layer Walkthrough. WebLogic Workshop Web Service Walkthrough. Summary.
Appendix A. Security, Cryptography, and Protocol Background Material.
The SSL Protocol. Testing for Primality. RSA Cryptography. DSA Digital Signature Algorithms. Block Cipher Processing. DES Encryption Algorithm. AES Encryption Algorithm. Hashing Details and Requirements. SHA1. Silvio Micali's Fast Validation/Revocation. Canonicalization of Messages for Digital Signature Manifests. Base-64 Encoding. PGP.
Glossary.
Index.