» » Securing Web Services with WS-Security: Demystifying WS-Security, WS-Policy, SAML, XML Signature, and XML Encryption

Download Securing Web Services with WS-Security: Demystifying WS-Security, WS-Policy, SAML, XML Signature, and XML Encryption fb2

by David Remy,Jothy Rosenberg

  • ISBN: 0672326515
  • Category: Technology
  • Author: David Remy,Jothy Rosenberg
  • Subcategory: Certification
  • Other formats: txt doc lit lrf
  • Language: English
  • Publisher: Sams Publishing; 1 edition (May 22, 2004)
  • Pages: 408 pages
  • FB2 size: 1170 kb
  • EPUB size: 1682 kb
  • Rating: 4.4
  • Votes: 611
Download Securing Web Services with WS-Security: Demystifying WS-Security, WS-Policy, SAML, XML Signature, and XML Encryption fb2

Jothy Rosenberg, David Remy

Jothy Rosenberg, David Remy. A pragmatic approach is taken showing which Web Services Security standards are needed when faced with a variety of security challenges.

The book explains standards: WS-Security, WS-Policy, WS-SecurePolicy and other current standards at the time of publishing (2004). However these standards are constantly evolving and this book needs to be updated on a regular basis. SOA Network Architect. 2 people found this helpful.

Using SAML with WS-Security. Applying SAML: Project Liberty. Chapter 7. Building Security into SOAP. Oracle SQL Plus: The Definitive Guide (Definitive Guides). Web Services Security. Introduction to and Motivation for WS-Security. Extending SOAP with Security. Security Tokens in WS-Security. Providing Confidentiality: XML Encryption in WS-Security. Providing Integrity: XML Signature in WS-Security. Core Security Patterns: Best Practices and Strategies for J2EE, Web Services, and Identity Management.

Rosenberg and Remy are security experts who co-founded GeoTrust, the Web site certificate authority. Lists with This Book. This book is not yet featured on Listopia. Co-author Jothy Rosenberg has created six 20-minute lessons that walk you through the new security problems that Web services create and teach you how to monitor and enforce security policy.

How This Book Is Organized. 1. Basic Concepts of Web Services Security. Web Services Basics: XML, SOAP, and WSDL.

Securing Web Services with WS-Security: Demystifying WS-Security, WS-Policy, SAML, XML Signature, and XML Encryption. Rosenberg and Remy are security experts who co-founded GeoTrust, the Web site certificate authority. How This Book Is Organized. Application Integration. Web Services Security Basics. 2. The Foundations of Web Services. The Gestalt of Web Services.

Securing Web Services with WS-Security Demystifying WS-Security, WS-Policy, SAML, XML Signature and XML Encryption jothy Rosenberg David L. Remy SAMS Sams Publishing, 800 East 96th Street, Indianapolis . Entrust is a registered trademark of Entrust, Inc. in the United States. Securing Web Services From Encryption to a Web Service Security Infrastructure.

Demystifying WS-Security, WS-Policy, SAML, XML Signature, and XML Encryption

Securing Web Services with WS-Security: Demystifying WS-Security, WS-Policy, SAML, XML Signature, and XML Encryption. Jonathan B. Rosenberg, David L. Remy. This book covers the final release of new standards SAML . and WS-Security. It contains practical examples of the industry standards XML Signature and XML Encryption. According to IBM, American Express, Sun Microsystems, and other industry leaders, well-defined security standards and procedures are a crucial element to the adoption of web services in industry. ISBN : 9780672326516.

Web Services Security (WS-Security, WSS) is an extension to SOAP to apply security to Web services. It is a member of the Web service specifications and was published by OASIS. Its main focus is the use of XML Signature and XML Encryption to provide end-to-end security.

found in the catalog. Comprehensive coverage and practical examples of the industry standards XML Signature and XML Encryption, and the first book to cover the final WS-Security and SAML . specifications. Authors Jothy Rosenberg and David Remy are security experts who co-founded GeoTrust, the Web site certificate authority and currently work for Service Integrity and BEA Systems, respectively.

Comprehensive coverage is given in this up-to-date and practical guide to Web services security--the first to cover the final release of new standards SAML 1.1 and WS-Security. Rosenberg and Remy are security experts who co-founded GeoTrust, the #2 Web site certificate authority.
Reviews about Securing Web Services with WS-Security: Demystifying WS-Security, WS-Policy, SAML, XML Signature, and XML Encryption (7):
Tejar
This book is a good introduction to the application of security to Web Services and SOA. The authors focus on "message level" security versus "transport level" security, and its application to Web Services. The book explains standards: WS-Security, WS-Policy, WS-SecurePolicy and other current standards at the time of publishing (2004).

However these standards are constantly evolving and this book needs to be updated on a regular basis.

Gary E. Smith

SOA Network Architect

SOA Networks
Monin
This book introduces everything about security in a simple but comprehensive manner. In addition to diving into web services security, it also provides good insight into structure of web services and its design fundamentals. The writing is easy to understand and overs all salient areas. It has been a handy guide for many years to me.
HelloBoB:D
Agree completely with all of the other reviewers in respect to practical working examples and detailed information. This is nothing more than a high-level overview of documentation and specifications you can easily find yourself on the internet. Look elsewhere (and yeah, I'm still looking myself) for solid information about how to design and deploy WS-* applications.
ME
Its been great my purchase. It arrived in just 3 days and i am totally satisfied with the condition of the book. This book is great for learning security aspects of the enterprise dealing with ever growing attacks, threats...

Its a must read for every one pursuing a career into JAVA J2EE development..
Ferri - My name
Page 19, "Non-repudiation" - I don't know where this explanation came from, but it is misleading and complete trash.
Page 187, Listing 6.4 - Plagiarism?: http://www.javaworld.com/article/2073287/soa/secure-web-services.html?page=2
I used this book in order to understand WS-Security, but it didn't help me much. I really had to do it on my own (that is how I found the example for plagiarism).
Therefore, reviewer Jerry Hewett said it most accurate in my opinion - this is a collection of things you can find on the Internet (not only good examples but bad examples as well).
Mezilabar
This book is perfect for those interested to know the fundamentals of XML Security and the security standards landscape for Web services. Instead of searching around the web, you may find the book as a one-stop reference for understanding WS-Security. From a developer standpoint, you may find this book as a little help only. You may need to look for a hands-on security book like 'Core Security Patterns' for learning how to implement these ever evolving standards.
Warianys
I teach a course on Web Services Security, and was in search of a good book that I could recommend to my class. This book was certainly a good find. It goes beyond the hype and chatter associated with Web Services. This book puts a very objective perspective.
What I specifically like about the book, is how it ties past lessons learnt with the current technologies and thus, helps us not repeat the mistakes. Also, throughout the book, the authors explain complex security concepts in a lucid manner and simplify (as much as possible) the intricacies of implementing secure web services. There are numerous practical insights and illustrations through out.
I would strongly recommend this book for anyone trying to implement WS-* specification based solution.
The only thing I would have liked to see in the book is an example with .NET as well. Nevertheless, the book is fairly platform independent (except for chapter 10) and both Java and .NET developers would benefit equally.
This is my personal favorite as of now. I also like Web Services Security by Mark O'Neil - but that book is slightly dated now.
This book would help you if you need an introduction to Web services security standards. If you need to know the strategies for how to implement then this book may not help much. Some of the specifications discussed in the book is not complete and there is lot of confusion in the standards committee moving forward. I bought this book before I bought the Core Security Patterns which details both the standards and patterns-based implementation strategies for Web services security. This book also needs a revision in terms of updating to SAML 2.0, WS-Security 1.1, WS-I Basic Security profile.

Related to Securing Web Services with WS-Security: Demystifying WS-Security, WS-Policy, SAML, XML Signature, and XML Encryption fb2 books: