Book description
Anyone seeking to implement SOA Security is forced to dig through a maze of inter-dependent specifications and API docs that assume a lot of prior security knowledge on the part of readers. Getting started on a project is proving to be a huge challenge to practitioners. SOA Security seeks to change that. It provides a bottom-up understanding of security techniques appropriate for use in SOA without assuming any prior familiarity with security topics.
About the Technology
About the Book
Unlike most other books about SOA that merely describe the standards, this book helps readers learn through action, by walking them through sample code that illustrates how real life problems can be solved using the techniques and best practices described in the standards. It simplifies things: where standards usually discuss many possible variations of each security technique, this book focuses on the 20% of variations that are used 80% of the time. This keeps the material covered useful for all readers except the most advanced.
What's Inside
- Why SOA Security is different from ordinary computer security, with real life examples from popular domains such as finance, logistics, and Government
- How things work with open source tools and code examples as well as proprietary tools.
- How to implement and architect security in enterprises that use SOA. Covers WS-Security, XML Encryption, XML Signatures, and SAML.
About the Reader
About the Author
Dr. Ramarao (Rama) Kanneganti is Chief Technology Officer (CTO) at HCL EAI Services. Rama has a Ph.D. in programming languages from Rice University, and worked at Bell Labs in databases and large programming systems. Currently, he advises enterprise clients in formulating and evaluating SOA strategies. Rama works out of Grosse Pointe Woods (near Detroit), Michigan.
Prasad A. Chodavarapu is General Manager (Technology) at HCL EAI Services, Bangalore, India. Prasad leads service teams designing and deploying integration solutions at enterprises world-wide. Prasad’s current focus is on the use of application-oriented networking technologies to implement and secure SOA.
Quotes
All the security your SOA needs.
- Patrick Steger, Software Architect and Security Engineer, Zühlke Engineering AG
Table of contents
- Copyright
- Dedication
- Brief Table of Contents
- Table of Contents
- Preface
- Acknowledgments
- About this Book
- Part I. SOA basics
- Chapter 1. SOA requires new approaches to security
- Chapter 2. Getting started with web services
- Chapter 3. Extending SOAP for security
- Part II. Building blocks of SOA security
- Chapter 4. Claiming and verifying identity with passwords
- Chapter 5. Secure authentication with Kerberos
- Chapter 6. Protecting confidentiality of messages using encryption
- Chapter 7. Using digital signatures
- Part III. Enterprise SOA security
- Chapter 8. Implementing security as a service
- Chapter 9. Codifying security policies
- Chapter 10. Designing SOA security for a real-world enterprise
- Appendix A. Limitations of Apache Axis
- Appendix B. WS-SecureConversation
- Appendix C. Attaching and securing binary data in SOAP
- Appendix D. Securing SAML assertions
- Appendix E. Application-Oriented Networking (AON)
- Index
- List of Figures
- List of Tables
- List of Listings
Product information
- Title: SOA Security
- Author(s):
- Release date: December 2007
- Publisher(s): Manning Publications
- ISBN: 9781932394689
You might also like
book
Linux Server Security, Second Edition
Linux consistently appears high up in the list of popular Internet servers, whether it's for the …
book
Securing Web Services with WS-Security
Comprehensive coverage is given in this up-to-date and practical guide to Web services security--the first to …
book
Security for Service Oriented Architectures
This book examines application and security architectures, and illustrates the relationship between the two. Supplying guidance …
book
UNIX® System V Network Programming
Finally, with UNIX® System V Network Programming, an authoritative reference is available for programmers and system …