Preface
Acknowledgments

Introduction to Security
  Security Basics
    Introduction
    Protecting Your Information in Today's World
    The Four Pillars of Security
    Mapping Security Features to the Digital World
    Summary
  Hackers and Their Tools
    Introduction
    Looking for the Hack
    Different Types of Hacks and How They Work
    Understanding Network Attacks
    Protecting Against Hackers
    Summary
  Java Security Components
    Introduction
    Categorizing Security Elements
    Categorizing Security Components in Java
    How Do the Components Fit Together?
    Summary

Identity and Authentication
  Key Management Algorithms
    Introduction
    Understanding the Purpose of Keys
    Understanding the Mathematics
    Symmetric versus Asymmetric Keys
    The Diffie-Hellman Key Exchange
    The Rivest, Shamir, and Adleman Key Exchange
    The Future of Key Exchanges
    Summary
  Elliptic Curve Cryptography
    Introduction
    Understanding the Mathematics of ECC
    The ECCDH Key Exchange
    Summary
  Key Management Through the Internet Protocol
    Introduction
    The Internet Protocol Security Protocol
    The Simple Authentication and Security Layer
    Summary
  Implementing Keys with Java
    Introduction
    Understanding DSA: The Digital Signature Algorithm
    Generating Key Pairs with Java
    Generating the Secret Key with Java
    Summary
  Java Implementation of Key Management
    Introduction
    KeyStore
    PKCS #12 KeyStore
    Truststore
    TrustManager
    Policy File
    Policytool
    Summary

Data Integrity
  Ensuring Data Integrity
    Introduction
    Understanding the Hash Function
    Understanding the Message Digest
    Understanding the Different Message Digest Algorithms
    Implementing the Different Message Digest Algorithms in Java
    Summary
  Ensuring Message Authentication
    Introduction
    Understanding the MAC
    Implementing the MAC
    Summary
  Signature Integrity
    Introduction
    Understanding the Digital Signature Algorithm (DSA)
    Understanding the RSA Digital Signature Algorithm
    Understanding the Elliptic Curve Digital Signature Algorithm
    Implementing the Digital Signature Algorithm (DSA)
    Summary

Data Hiding
  Understanding Ciphers
    Introduction
    Understanding Symmetric Ciphers
    Implementing RSA Public Key Encryption
    Some Security Suggestions
    Summary
  Extending New Ciphers with the JDK
    Introduction
    Implementing a CipherSpi
    Implementing the RC4 Stream Cipher
    Summary
  Applying Ciphers
    Introduction
    Understanding PBE
    Understanding Blowfish
    Some Implementations in Ciphers
    Java Smart Card Basics
    Summary

Resource Access Using Java
  Securing Enterprise Resources
    Common Criteria for Security Systems
    Understanding Your Security Needs
    Fulfilling Your Security Requirements
    Summary
  Java Authentication and Authorization Through Kerberos
    Introduction to Kerberos
    Principal Names and Key Distribution Center
    The Kerberos Authenticator
    The Kerberos Principal Database
    Java Kerberos
    Summary
  Securing Messages with the Java GSS-API
    Introduction
    Implementing the GSS with Initiators and Acceptors
    Authenticating with JAAS
    Summary
  Java Access: The Security Manager
    Introduction
    The Class Loader
    The Security Manager
    The Access Controller
    The Policy
    The Permission Collection
    Summary
  Java Authentication and Authorization Service
    What Is JAAS?
    Using Authentication
    Understanding JAAS Authorization
    Summary

Enterprise Data Security
  Working with Database Security
    Introduction
    Connecting Your Database through JDBC
    Connecting Your Database through the Connector Architecture
    Securing Enterprise Data in the Database
    Summary

Network Access
  Network Security Architecture
    Understanding Network Security
    Network Concepts Overview
    Firewalls
    De-Militarized Zones (DMZs)
    Understanding Proxying Firewalls
    HTTP Tunneling
    Java Sockets
    Summary
  SSL and TLS
    The Secure Socket Layer (SSL)
    The SSL Layers
    SSL Sessions and Connections
    Security and Attacks
    HTTPS: HTTP over SSL
    WLS
    Summary
  Java Secure Socket Extension
    JSSE Architecture
    Summary

Public Key Management
  Java Digital Certificates
    Introduction to Digital Certificates
    A Quick Overview of X.500
    The X.509 Specification
    Certificate Revocation
    Summary
  PKI Management
    Introduction
    Certificate Chaining
    X.500
    LDAP
    Certificate Components
    Certificate Path Validation
    Non-repudiation
    Summary

Enterprise Access
  Java Enterprise Security and Web Services Security
    Introduction
    Java Security Models
    Java Permissions
    Enterprise Component Models
    Understanding Web Services
    Summary
  Securing Client-Side Components
    Introduction
    Exploring Java Directory Services
    Using Authentication
    Using Access Control
    Working with Client-Side Security
    Using Servlets
    Using Java Server Pages
    Client-Side Code Example
    Summary
  Securing Server-Side Components
    Introduction
    Securing Your Enterprise with CORBA
    RMI
    Enterprise Security with EJBs
    Server-Side Code Example
    Summary
  Application Security with Java
    BEA's WebLogic Basics
    IBM's WebSphere Basics
    Borland's Enterprise Server Basics
    Summary

Index