
Hacking Exposed J2EE & Java

3.5 out of 5 stars based on 2 reviews
  • Hacking Exposed J2EE & Java
  • Written by author Brian Buege
  • Published by McGraw-Hill/Osborne Media, September 2002
  • Application security is a highly complex topic with new vulnerabilities surfacing every day. Break-ins, fraud, sabotage, and DoS attacks are on the rise, and quickly evolving Java-based technology makes safeguarding enterprise applications more challengin
  • Offers advice on protecting Java applications from internal attacks, whether malicious or accidental. Written for experienced Java developers, the guide explores encryption, authentication, the dangers of reverse engineering and remote method invocation,

Acknowledgments
Introduction
Case Study
Part I: J2EE Architecture and Technology Introduction
1. The Java Basics: Security from the Ground Up
  Java Then and Now
  Java Language Architecture
  The Java Virtual Machine
  An Interpreted Language: Java Bytecodes
  The Java Class Loader and Built-in Security
  Other Language Features
  Java Security Architecture
  Protection Domains
  Security Controls for Java Class Loading
  Java Permissions
  Java Security Policies
  The Java Security Properties File
  The Java Security Policy File
  Security Manager Checking
  Java Principals and Subjects
  Summary
2. Introduction to JAAS, JCE, and JSSE
  Java Authentication and Authorization Services (JAAS)
  JAAS Architecture
  JAAS Authentication
  JAAS Authorization
  Java Encryption
  Encryption Fundamentals
  Java Cryptography Extension (JCE)
  The Keytool Utility
  Java Secure Sockets Extension (JSSE)
  SSL Fundamentals
  Library and Certificate Installation
  JSSE Demonstration Program
  Securing JAR Files
  The jarsigner Utility
  The Sealed Directive
  Summary
3. J2EE Architecture and Security
  Middleware and Distributed Software Components
  Middleware Development
  Multitiered Application Development
  The Multitiered Environment
  J2EE Multitiered Technologies
  Web Tier Components: Servlets and JSP
  Servlets
  JSP
  JSP Use
  Business Tier Components: EJBs
  Services Provided by the EJB Container
  Types of EJBs
  EJB Deployment
  Development Roles with J2EE
  EJB Development
  Other J2EE APIs
  EJB Security Architecture
  Principals and Roles
  Declarative Security and Programmatic Security
  System-Level Security
  Security on the Presentation Tier
  Security on the Business Tier
  Defining Security Roles
  Mapping Roles
  Assigning Principals to Roles
  Security for Resources
  Summary
Part II: Java Application and Network Security
4. Using Encryption and Authentication to Protect an Application
  Application Security: The Process
  System-level versus Application-level Security
  Application Security Techniques
  The Dangers of Storing Data Locally
  Summary
5. Software Piracy and Code Licensing Schemes
  The Dangers of Code Misuse
  Another Licensing Strategy
  Secret Key Storage
  Summary
6. The Exposure of Bytecodes
  The Dangers of Reverse-Engineering
  The Dangers of Embedded Strings
  Summary
7. Hacking Java Client-Server Applications: Another Tier to Attack
  The Client-Server Implementation
  The Dangers of A Client-Server Architecture
  Watching the Basket: Application Database Security
  Securing the Database Connection
  Protecting the Client-Tier
  Protecting Applet-based Clients
  Protecting WebStart-based Clients
  Summary
8. Java Network Applications: Potential Security Flaw Attacks
  The Dangers of RMI
  The Original RMI Application
  Encrypting the Account Number and Balance
  Using an SSL Connection between the Client and Server
  Implementing Challenge/Response Authentication
  Using an Authenticated Communications Channel
  The Dangers of Loading Class and JAR Files Remotely
  Summary
Part III: J2EE Security on the Web and Business Tiers
9. This is .WAR: Exploiting Java Web Tier Components
  The Sample Application: Web-Enabled
  Implementing our Cache-Control Strategy
  Summary
10. Shaking the Foundation: Web Container Strengths and Weaknesses
  The Effects of Directory Listing
  The Invoker Servlet
  Stealing a Session
  Generating a Server Key
  Enabling HTTPS in Tomcat
  Testing the Installation
  Adding a Transport Guarantee
  Client Certificate Authentication
  Configuring Tomcat to use SSL with Client Authentication
  Container Authentication Using a Client Certificate
  Dealing with Overlapping Application Roles
  Summary
11. Java Web Services Security
  Web Services in Java
  Web Services Technologies
  The Web Services Developer Pack
  The Web Services-Enabled Application Implementation
  The Retirement Web Services Suite: Server Side
  The Retirement Web Services Suite: Client Side
  Web Services Application Vulnerabilities
  Requiring SSL Connections
  Implementing HTTP Authentication
  Disabling WSDL Distribution
  Enabling Programmatic Authorization
  Passing Database Passwords As Context Parameters
  Web Services Workflow Security
  The Future of Web Services Security
  SOAP Security Extensions: Digital Signature
  WS-Security
  Summary
12. Enterprise Java Beans: Security for the Business Tier
  The EJB Application Implementation
  The EJB Persistence Service
  The Get and Set Balance Methods
  The Beans
  EJB Application Vulnerabilities
  Common Pitfalls When Using Message-Driven Beans
  The Message-Driven Bean Implementation
  Summary
Index

