Secure Java: For Web Application Development (Paperback)

Abhay Bhargav

  • 出版商: CRC
  • 出版日期: 2010-09-16
  • 售價: $3,820
  • 貴賓價: 9.5$3,629
  • 語言: 英文
  • 頁數: 308
  • 裝訂: Paperback
  • ISBN: 1439823510
  • ISBN-13: 9781439823514
  • 相關分類: Java 程式語言
  • 海外代購書籍(需單獨結帳)

買這商品的人也買了...

相關主題

商品描述

Most security books on Java focus on cryptography and access control, but exclude key aspects such as coding practices, logging, and web application risk assessment. Encapsulating security requirements for web development with the Java programming platform, Secure Java: For Web Application Development covers secure programming, risk assessment, and threat modeling—explaining how to integrate these practices into a secure software development life cycle.

From the risk assessment phase to the proof of concept phase, the book details a secure web application development process. The authors provide in-depth implementation guidance and best practices for access control, cryptography, logging, secure coding, and authentication and authorization in web application development. Discussing the latest application exploits and vulnerabilities, they examine various options and protection mechanisms for securing web applications against these multifarious threats. The book is organized into four sections:

  • Provides a clear view of the growing footprint of web applications
  • Explores the foundations of secure web application development and the risk management process
  • Delves into tactical web application security development with Java EE
  • Deals extensively with security testing of web applications

This complete reference includes a case study of an e-commerce company facing web application security challenges, as well as specific techniques for testing the security of web applications. Highlighting state-of-the-art tools for web application security testing, it supplies valuable insight on how to meet important security compliance requirements, including PCI-DSS, PA-DSS, HIPAA, and GLBA. The book also includes an appendix that covers the application security guidelines for the payment card industry standards.

商品描述(中文翻譯)

大多數關於 Java 的安全書籍專注於密碼學和存取控制,但卻忽略了編碼實踐、日誌記錄和網路應用風險評估等關鍵方面。《Secure Java: For Web Application Development》將安全需求封裝於 Java 程式設計平台的網路開發中,涵蓋了安全編程、風險評估和威脅建模,並解釋如何將這些實踐整合進安全的軟體開發生命週期中。

從風險評估階段到概念驗證階段,本書詳細說明了一個安全的網路應用開發過程。作者提供了深入的實作指導和最佳實踐,涵蓋存取控制、密碼學、日誌記錄、安全編碼以及網路應用開發中的身份驗證和授權。討論最新的應用漏洞和安全威脅,他們檢視了各種選項和保護機制,以保護網路應用免受這些多樣化威脅的侵害。本書分為四個部分:

- 提供對網路應用日益擴大的清晰視角
- 探索安全網路應用開發的基礎和風險管理過程
- 深入探討使用 Java EE 的戰術性網路應用安全開發
- 廣泛討論網路應用的安全測試

這本完整的參考書包括了一個面臨網路應用安全挑戰的電子商務公司的案例研究,以及測試網路應用安全的具體技術。強調最先進的網路應用安全測試工具,提供了如何滿足重要安全合規要求的寶貴見解,包括 PCI-DSS、PA-DSS、HIPAA 和 GLBA。本書還附有一個附錄,涵蓋支付卡行業標準的應用安全指導方針。