Bestselling and bargain books: Security and Encryption |
Books -> Security and Encryption
Securing Web Services with WS-Security : Demystifying WS-Security, WS-Policy, SAML, XML Signature, and XML Encryption
Published: May 12, 2004
Read More, Buy It
From the Inside Flap
From the Forewords:
The great promise of Web services will never be realized unless they are proven to be reliable, available, and have the appropriate level of security. Rosenberg and Remy are among the first to accurately
portray Web Services Security by addressing how to apply the correct amount and types of security solutions.
The security issues that apply to Web services are similar to those surrounding other technology solutions and systems. Business
applications deployed as Web services need to incorporate security building blocks including authentication, authorization, confidentiality, availability and reliability, fraudulent transactions, nonrepudiation, compliance, and auditing and monitoring.
Rosenberg and Remy have not only clearly defined Web Services Security, but they also have put together a great roadmap on how to properly deploy secure Web services at all levels. I hope you find this book as enlightening and informative as I did.
--M. Greg Shanton, AMS, Inc.
...This book makes it quite a bit easier to comprehend all the facets of Web Services Security; plus, it aggregates information on all the underlying and associated security technologies that WS-Security relies on,
such as SSL, PKI, XKMS, SAML, and a host of other acronyms. It's a reference book that I intend to keep handy.
In all my conversations with enterprise companies, security reigns as the number one concern in their plans to deploy Web services. And I
can't blame them. Without a proper security infrastructure in place, Web services can expose sensitive corporate processes and information and leave a company open to risk and malfeasance--from both internal and external perpetrators.
network-layer and perimeter security tactics, such as SSL, proxy servers, and firewalls, aren't sufficient to protect IT systems anymore... Developers need to be prepared to start using WS-Security and SAML. This book is a great place to start.
--Anne Thomas Manes, Burton Group
You know how to build Web service applications using XML, SOAP, and WSDL, but can you ensure that those applications are secure? Standards development groups such as OASIS and W3C have
released several specifications designed to provide security - but how do you combine them in working applications?
"Securing Web Services with WS-Security" will help you take your Web services securely to production, with insight into the latest
security standards including
- WS-Security, a model that defines how to put security specifications into practice
- XML Encryption to ensure confidentiality
- XML Signature to ensure data integrity
- Security Assertion Markup Language (SAML)
to authenticate and authorize users
- WS-Policy to set policies across trust domains
Jothy Rosenberg and David Remy, both business, technology, and security visionaries, demystify these standards with practical examples including a fully developed
case study application showing these tools at work. A pragmatic approach is taken showing which Web Services Security standards are needed when faced with a variety of security challenges. The authors understand that security remains one of the largest
remaining impediments to deploying major Web services in business-critical situations. The goal of this book is to begin to remove those impediments by providing a detailed understanding of all the available security technologies and how and when to
Read More, Buy It