<pre>
Author/s : Bret Hartman, Donald J. Flinn, Konstantin Beznosov, Shirley Kawamoto
Publisher : Wiley
Category : Web Services and SOAP
Review by : Chris Mathews
Rating : 5 horseshoes</pre>
This book definitely has its ups and downs. It gets off to a good start with an excellent overview of general security fundamentals and does a good job of explaining where web services fit into the picture. The authors then provide coverage of most of the current web service security technologies, though some like XACML and WS-Security are only briefly mentioned. For the most part the coverage is fairly good; however more practical examples would have been nice to see. I was somewhat surprised at the lack of coverage given to Passport and Liberty Alliance. Passport gets roughly half a page and Liberty Alliance gets about two pages. In neither case does the book go into any discussion on how these technologies would be implemented.
My biggest problem with this particular book is its bias towards Quadrasis EASI. At times the book feels like one of those TV infomercials that you get stuck watching on Sunday afternoons (okay maybe that's just me). Therefore, it should come as no surprise that all four authors currently work for Quadrasis and have a vested interest in Quadrasis EASI. While this interest may be understandable, it is unwelcome in a book entitled "Mastering Web Services Security".
Overall, this book is well written and does contain value, especially if your organization uses or plans to use Quadrasis EASI. However, I do not believe anyone will be "Mastering Web Services Security" from this book alone.
More info at Amazon.com More info at Amazon.co.uk
