Product Description
- Uncovers the steps software architects and developers will need to take in order to plan and build a real–world, secure Web services system
- Authors are leading security experts involved in developing the standards for XML and Web services security
- Focuses on XML–based security and presents code examples based on popular EJB and .NET application servers
- Explains how to handle difficult–to–solve problems such as passing user credentials and controlling delegation of those credentials across multiple applications
- Companion Web site includes the source code from the book as well as additional examples and product information
From the Back Cover
Quickly learn how to build a secure Web services system using available programming tools, models, and specifications
Web services promise to simplify business programming and to improve interoperability, but they won′t deliver on these promises without effective security. Written by the leading security experts in the field, this innovative book clearly shows how to build a real–world, secure Web services system. Using theory, examples, and practical advice, the authors examine each of the security technologies used for providing secure Web services, emphasizing how security works with XML and SOAP. And with the help of two case studies, you′ll also learn how to effectively plan and deploy a secure Web services system for both J2EE and .NET.
This book will show you how to build a secure Web services system today and anticipate the security systems of tomorrow. The authors:
∗ Discuss the measures that can be used to secure XML and SOAP messages
∗ Demonstrate ways to analyze and address Web services security needs
∗ Describe WS–Security and SAML, new security specifications that are directed at securing user data and credentials using XML
∗ Cover the different ways to create a secure .NET Web service
∗ Explain how to secure Web services when the target Web service is a J2EE application server
The companion Web site contains
∗ The complete source code from the book
∗ Additional examples and product information
Web services promise to simplify business programming and to improve interoperability, but they won′t deliver on these promises without effective security. Written by the leading security experts in the field, this innovative book clearly shows how to build a real–world, secure Web services system. Using theory, examples, and practical advice, the authors examine each of the security technologies used for providing secure Web services, emphasizing how security works with XML and SOAP. And with the help of two case studies, you′ll also learn how to effectively plan and deploy a secure Web services system for both J2EE and .NET.
This book will show you how to build a secure Web services system today and anticipate the security systems of tomorrow. The authors:
∗ Discuss the measures that can be used to secure XML and SOAP messages
∗ Demonstrate ways to analyze and address Web services security needs
∗ Describe WS–Security and SAML, new security specifications that are directed at securing user data and credentials using XML
∗ Cover the different ways to create a secure .NET Web service
∗ Explain how to secure Web services when the target Web service is a J2EE application server
The companion Web site contains
∗ The complete source code from the book
∗ Additional examples and product information
About the Author
BRET HARTMAN is Chief Technology Officer at Quadrasis, a business unit of Hitachi. He is a well–known expert on security of component systems.
DONALD J. FLINN is Chief security architect at Quadrasis and an active member of the SAML and WS–Security working groups at OASIS, which defines XML and Web services security.
KONSTANTIN BEZNOSOV, PhD, is a security architect at Quadrasis, specializing in the security design for distributed systems.
SHIRLEY KAWAMOTO is a principal security architect at Quadrasis, specializing in cryptography.
DONALD J. FLINN is Chief security architect at Quadrasis and an active member of the SAML and WS–Security working groups at OASIS, which defines XML and Web services security.
KONSTANTIN BEZNOSOV, PhD, is a security architect at Quadrasis, specializing in the security design for distributed systems.
SHIRLEY KAWAMOTO is a principal security architect at Quadrasis, specializing in cryptography.
