Secure


Most security books on Java focus on cryptography and access control, but exclude key aspects such as coding practices, logging, and web application risk assessment. Encapsulating security requirements for web development with the Java programming platform, Secure Java: For Web Application Development covers secure programming, risk assessment, and threat modeling—explaining how to integrate these practices into a secure software development life cycle.

From the risk assessment phase to the proof of concept phase, the book details a secure web application development process. The authors provide in-depth implementation guidance and best practices for access control, cryptography, logging, secure coding, and authentication and authorization in web application development. Discussing the latest application exploits and vulnerabilities, they examine various options and protection mechanisms for securing web applications against these multifarious threats. The book is organized into four sections:

  • Provides a clear view of the growing footprint of web applications
  • Explores the foundations of secure web application development and the risk management process
  • Delves into tactical web application security development with Java EE
  • Deals extensively with security testing of web applications

This complete reference includes a case study of an e-commerce company facing web application security challenges, as well as specific techniques for testing the security of web applications. Highlighting state-of-the-art tools for web application security testing, it supplies valuable insight on how to meet important security compliance requirements, including PCI-DSS, PA-DSS, HIPAA, and GLBA. The book also includes an appendix that covers the application security guidelines for the payment card industry standards.


This is the only book to clearly demonstrate how to get big dollar security for your network using freely available tools. This is a must-have book for any company or person with a limited budget.

Network security is in a constant struggle for budget to get things done. Upper management wants things to be secure but doesn't want to pay for it. With this book as a guide, everyone can get what they want. The examples and information will be of immense value to every small business. It will explain security principles and then demonstrate how to achieve them using only freely available software.

* Teaches you how to implement best-of-breed security using free tools
* Ideal for anyone recommending and implementing new technologies within the company
* Companion Web site contains dozens of working scripts and tools


Cisco Systems, Inc. is the worldwide leader in networking for the Internet, and its Intrusion Detection Systems line of products is making inroads in the IDS market segment, with major upgrades having happened in February of 2003.

A comprehensive, up-to-date guide to the hardware and software that comprise the Cisco IDS. This book does more than show network engineers how to set up and manage this line of best-selling products ... it walks them step by step through all the objectives of the Cisco Secure Intrusion Detection System course (and corresponding exam) that network engineers must pass on their way to achieving sought-after CCSP certification.

* Offers complete coverage of the Cisco Secure Intrusion Detection Systems Exam (CSIDS 9E0-100) for CCSPs


Hands-on guide combines a strong foundation in XML with proven, practical techniques for enabling the secure transmission of data across the Web. Fully documents every feature and issue involved with XML security. Softcover.


This book explores the fundamental concepts, basic theory, and key principles of 802.11 networks with roaming capabilities. Today, we increasingly expect to find public Wide Local Area Network (WLAN) 802.11 access in our airports, public spaces, and hotels, and we want to maintain our connections when we're mobile and using 802.11 WLANs.

However, 802.11 was not originally designed with roaming capabilities and can't, in its "pure" form, support seamless roaming between different hotspots and other 802.11 access points. This book details the theory behind various 802.11 extensions to permit roaming and describes how these extensions can be successfully implemented in 802.11 WLANs. User authentication in 802.11 is reviewed, as is roaming between 802.11 and other wireless technologies. Wireless technologies and application programming interfaces are given generous coverage as well.

* Offers a comprehensive treatise on Wi-Fi 802.11 roaming by comparing/contrasting it to cellular roaming theory and techniques
* Emerges as a "one stop" resource for design engineers charged with fulfilling the market need for seamless 802.11 device roaming capabilities
* Builds upon the knowledge base of a professional audience without delving into long discussions of theory long since mastered


Enterprise Java™ Security: Building Secure J2EE™ Applications provides application developers and programmers with the know-how they need to utilize the latest Java security technologies in building secure enterprise infrastructures. Written by the leading Java security experts at IBM, this comprehensive guide covers the current status of the Java™ 2 Platform, Enterprise Edition (J2EE), and Java™ 2 Platform, Standard Edition (J2SE™), security architectures and offers practical solutions and usage patterns to address the challenges of Java security.

To aid developers who need to build secure J2EE applications, Enterprise Java™ Security covers at length the J2EE security technologies, including the security aspects of servlets, JavaServer Pages(TM) (JSP™), and Enterprise JavaBeans™ (EJB™)—technologies that are at the core of the J2EE architecture. In addition, the book covers Web Services security.

Examples and sample code are provided throughout the book to give readers a solid understanding of the underlying technology.

The relationship between Java and cryptographic technologies is covered in great detail, including:

  • Java Cryptography Architecture (JCA)
  • Java Cryptography Extension (JCE)
  • Public-Key Cryptography Standards (PKCS)
  • Secure/Multipurpose Internet Mail Extensions (S/MIME)
  • Java Secure Socket Extension (JSSE)

How to implement a realistic, successful game plan for safe and secure wireless LANs.

Step-by-step guidelines and best practices for deploying secure wireless LANs in an enterprise or home environment and also within community networks.
Explains all 802.11 security solutions; covers WEP, 802.11i, WPA, and EAP.
Written by a security expert: Lee Barken writes, speaks, and teaches extensively on the topic of wireless LAN technology and security.

The results of a new study from IDC offer a strong thumbs-up to the fast-evolving information security services sector, predicting that the market for such services will increase to more than $23.5 billion in the next four years. Demand for security for wireless networks will drive the growth of the information security services market. Announcements by major companies (i.e. Intel, Dell, Gateway, IBM) backing wireless technologies are setting the stage for wide-scale deployments and ushering in a new era of wireless freedom. The bottom line is that wireless is here to stay. The integration of 802.11 into almost all new laptops, coupled with the explosion in availability of public hotspots, has created a cycle of large-scale wireless proliferation. This invisible, yet inescapable flood of radio waves has landed squarely in our homes and businesses, where it presents a new security challenge. How do we embrace the joys of wireless networks while we maintain an essential balance with the security needs of our organization? This book is all about understanding the technology, recognizing the security risks, and implementing a responsible and realistic game plan for safe and secure wireless communication.


Human factors and usability issues have traditionally played a limited role in security research and secure systems development. Security experts have largely ignored usability issues--both because they often failed to recognize the importance of human factors and because they lacked the expertise to address them.

But there is a growing recognition that today's security problems can be solved only by addressing issues of usability and human factors. Increasingly, well-publicized security breaches are attributed to human errors that might have been prevented through more usable software. Indeed, the world's future cyber-security depends upon the deployment of security technology that can be broadly used by untrained computer users.

Still, many people believe there is an inherent tradeoff between computer security and usability. It's true that a computer without passwords is usable, but not very secure. A computer that makes you authenticate every five minutes with a password and a fresh drop of blood might be very secure, but nobody would use it. Clearly, people need computers, and if they can't use one that's secure, they'll use one that isn't. Unfortunately, unsecured systems aren't usable for long, either. They get hacked, compromised, and otherwise rendered useless.

There is increasing agreement that we need to design secure systems that people can actually use, but less agreement about how to reach this goal. Security & Usability is the first book-length work describing the current state of the art in this emerging field. Edited by security experts Dr. Lorrie Faith Cranor and Dr. Simson Garfinkel, and authored by cutting-edge security and human-computer interaction (HCI) researchers world-wide, this volume is expected to become both a classic reference and an inspiration for future research.

Security & Usability groups 34 essays into six parts:

  • Realigning Usability and Security--with careful attention to user-centered design principles, security and usability can be synergistic.
  • Authentication Mechanisms--techniques for identifying and authenticating computer users.
  • Secure Systems--how system software can deliver or destroy a secure user experience.
  • Privacy and Anonymity Systems--methods for allowing people to control the release of personal information.
  • Commercializing Usability: The Vendor Perspective--specific experiences of security and software vendors (e.g., IBM, Microsoft, Lotus, Firefox, and Zone Labs) in addressing usability.
  • The Classics--groundbreaking papers that sparked the field of security and usability.

This book is expected to start an avalanche of discussion, new ideas, and further advances in this important field.
