Win a copy of Rust Web Development this week in the Other Languages forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Tim Cooke
  • Campbell Ritchie
  • Ron McLeod
  • Liutauras Vilda
  • Jeanne Boyarsky
Sheriffs:
  • Junilu Lacar
  • Rob Spoor
  • Paul Clapham
Saloon Keepers:
  • Tim Holloway
  • Tim Moores
  • Jesse Silverman
  • Stephan van Hulst
  • Carey Brown
Bartenders:
  • Al Hobbs
  • Piet Souris
  • Frits Walraven

To the Authors: Core Security Patterns

 
Greenhorn
Posts: 10
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
How are these patterns different from the J2EE patterns?
Are these patterns applicable to J2EE applications as well?

I have 6 years experience in J2EE and would love to know the best practices in security as I've always felt that security is neglected in many applications.

Are these patterns limited to Authentication or Authorization as well?

Regards,
Vibha
 
Author
Posts: 159
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Originally posted by Vibha Jindal:
How are these patterns different from the J2EE patterns?
Are these patterns applicable to J2EE applications as well?


<RN>
To support J2EE application development and address their core security requirements... Core Security Patterns builds on Core J2EE Patterns to ensure that security risks and vulnerabilties are identified and mitigated with appropriate Java based safeguards and countermeasures. These security patterns ensures end-to-end security including all J2EE Tiers and its core components.
</RN>


I have 6 years experience in J2EE and would love to know the best practices in security as I've always felt that security is neglected in many applications.


<RN>
Besides patterns and design strategies, the book identifies 101 Security best practices associated with J2EE applications and Web services.
The security best practices and pitfalls are intended for proactive security assessment of J2EE application design, implementation, deployment, testing and monitoring.
</RN>


Are these patterns limited to Authentication or Authorization as well?


<RN>
NO. The patterns looks into all possible weakest links of an application in terms of security risks and vulnerabilities and relate them with the fundamental security requirements such as...... Authentication, Authorization, Confidentiality, Integrity, Policy, Auditing, Logging, PKI, Availability, Compliance, Single sign-on, identity management, provisioning, Hardening & Minimization..etc.
</RN>

-Ramesh


Regards,
Vibha

 
Vibha Jindal
Greenhorn
Posts: 10
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Wow! This sounds neat!

Do you have a sample chapter that I can read to see if it's easy reading?
I'm happy with the security implementation in my latest project
and would love to read your book and see how it fares as per your suggestions.

Thanks and Regards,
Vibha
 
Vibha Jindal
Greenhorn
Posts: 10
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Never mind. Don't bother. I found the sample chapter!
:-)
reply
    Bookmark Topic Watch Topic
  • New Topic