Enterprise Java(TM) Security: Building Secure J2EE(TM) Applications provides application developers and programmers with the know-how they need to utilize the latest Java security technologies in building secure enterprise infrastructures. Written by the leading Java security experts at IBM, this comprehensive guide covers the current status of the Java(TM) 2 Platform, Enterprise Edition (J2EE), and Java(TM) 2 Platform, Standard Edition (J2SE(TM)), security architectures and offers practical solutions and usage patterns to address the challenges of Java security.
To aid developers who need to build secure J2EE applications, Enterprise Java(TM) Security covers at length the J2EE security technologies, including the security aspects of servlets, JavaServer Pages(TM) (JSP(TM)), and Enterprise JavaBeans(TM) (EJB(TM))--technologies that are at the core of the J2EE architecture. In addition, the book covers Web Services security.
Examples and sample code are provided throughout the book to give readers a solid understanding of the underlying technology.
The relationship between Java and cryptographic technologies is covered in great detail, including:
- Java Cryptography Architecture (JCA)
- Java Cryptography Extension (JCE)
- Public-Key Cryptography Standards (PKCS)
- Secure/Multipurpose Internet Mail Extensions (S/MIME)
- Java Secure Socket Extension (JSSE)
About the Author: Marco Pistoia is a Research Staff Member in the Java and Web Services Security department at the IBM T. J. Watson Research Center in Yorktown Heights, New York. He has written ten books and several conference papers and journal articles, and has also presented worldwide on all areas of Java and e-business security. Most recently, he was the lead author of the book Java 2 Network Security, Second Edition (Prentice Hall, 1999).
Nataraj Nagaratnam is a Senior Technical Staff Member and the lead security architect for IBM's WebSphere software family in Raleigh, North Carolina. He has coauthored the Web Services security specifications and actively participates in the Java community process on the topics related to J2EE security. He was the lead author of one of the first books on Java networking, Java Networking and AWT API SuperBible (Waite Group Press, 1996).
Larry Koved is a Research Staff Member and the manager of the Java and Web Services Security department at the IBM T. J. Watson Research Center in Yorktown Heights, New York. He was actively involved in the design of JAAS and the EJB V1.1 security architecture, has published over twenty-five articles and technical reports, and has presented at conferences worldwide.
Anthony Nadalin is a Senior Technical Staff Member and IBM Software Group's lead security architect for Java and Web Services in Austin, Texas. He is responsible for security infrastructure design and development across IBM, Tivoli, and Lotus. He has authored and coauthored over thirty technical journal and conference articles, as well as the book Java and Internet Security (iUniverse.com, 2000).
0321118898AB01122004
