Professional Java Security (Programmer to Programmer)

4 avg rating
( 5 ratings by Goodreads )
 
9781861004253: Professional Java Security (Programmer to Programmer)
View all copies of this ISBN edition:
 
 

Security is of huge importance to the computing industry - the growth in e-commerce has brought the topic from the shadows of high-level specialists into the public eye. Nowadays breaches in security for B2C based e-tailers are big news, and damage not only the reputation of the individual organization, but also confidence in the industry as a whole.

Computer security covers a multitude of areas ranging from low-level operating system security to higher-level application security. This book concentrates on the latter, and will show you how to protect your applications with cryptography and the Java security model. Beginning with simple examples and clear descriptions of different cryptography approaches, such as symmetric and asymmetric encryption, the book will build in complexity, through consideration of public key infrastructure and SSL, to provide a comprehensive set of solutions for the enterprise Java developer.

"synopsis" may belong to another edition of this title.

Review:

For any developer who needs to understand and use Java's considerable built-in support for encryption and security standards, Professional Java Security delivers a capable guide to both the theoretical and practical aspects of implementing security on the Java platform. With a concise presentation that moves well and covers a wide range of topics, this book fills an extremely valuable niche for any working Java programmer.

Classic titles on encryption and cryptography (such as Bruce Schneier's Applied Cryptography: Protocols, Algorithms, and Source Code in C) look at security from the ground up as if developers needed to write everything themselves. The good news is that with features like the Java Cryptography Architecture (JCA) and the Java Cryptography Extension (JCE), Java security is standard equipment with today's Java 2 platform. This book does a great job at giving a quick overview of the way today's encryption algorithms (including symmetric and asymmetric encryption, hash functions, and digital certificates) work, along with the way to apply them in Java. The authors anchor the theory here with practical explanation and code for using such encryption algorithms as Blowfish and RSA, plus using digital signatures and certificates and tapping SSL for secure communications over the Internet.

While books on cryptography usually describe protocols with anonymous players (with names like Alice, Bob, and the like), the authors here use more imagination, retelling a scene from Shakespeare's Hamlet in which King Claudius sends a message via Rosenkrantz and Guildenstern to do away with Hamlet. No, you don't need to have read the play to understand, but this scenario and its permutations highlight in a more entertaining fashion than other titles the issues in secure communications and the ways things can go wrong.

More advanced material on securing JDBC database connections, and even on how to create custom encryption algorithms and plug them into the JCE, will let the more expert reader do more. (The authors demonstrate this latter process with sample code that implements the well-known RSA encryption algorithm.) For the busy working Java developer, coverage of the basics here will let you implement security in Java without having to reinvent the proverbial wheel. Smart, concise, and extremely useful, Professional Java Security is a truly valuable resource for creating secure Java applications with features that every working Java developer will want to know about and use. --Richard Dragan

Topics covered: Overview of enterprise security issues, defining a security policy, Java security features, support for security in Java code (accessibility, serialization, sealed JAR files, and privileged code), introduction to cryptography and encryption, introduction to symmetric and asymmetric encryption, authentication, the Java Cryptography Architecture (JCA), the Java Cryptography Extension (JCE), symmetric encryption with Java (including password-based encryption, ciphers, and sealed objects), asymmetric encryption in Java (including file encryption with RSA), message digests, digital signatures, digital certificates, signing JAR files (permissions and applets), additional security in Java with servlets and EJB, the Java Authentication and Authorization Service (JAAS), using SSL in Java applications, securing JDBC database connections, case study for a secure online banking application, building a custom JCE provider (using the RSA algorithm), additional security techniques (securing e-mail, timestamping, secure logging, using a nonce), and quick reference for using MySQL with JDBC.

From the Publisher:

This book is aimed at intermediate to advanced Java programmers, familiar with the concepts underpinning distributed application development such as sockets, RMI, JDBC, and J2EE technologies, however no previous experience of security or cryptography is assumed. It concentrates on teaching approaches to security, developing an understanding on building cryptography into applications and, in so doing, illustrates how the key Java cryptography components can be employed.

"About this title" may belong to another edition of this title.

Top Search Results from the AbeBooks Marketplace

1.

Garms, Jess, Somerfield, Daniel
Published by Apress (2001)
ISBN 10: 1861004257 ISBN 13: 9781861004253
New Paperback Quantity Available: 2
Seller:
Murray Media
(North Miami Beach, FL, U.S.A.)
Rating
[?]

Book Description Apress, 2001. Paperback. Condition: New. Never used!. Seller Inventory # P111861004257

More information about this seller | Contact this seller

Buy New
US$ 41.29
Convert Currency

Add to Basket

Shipping: FREE
Within U.S.A.
Destination, Rates & Speeds

2.

Jess Garms; Daniel Somerfield
Published by Apress (2001)
ISBN 10: 1861004257 ISBN 13: 9781861004253
New Softcover Quantity Available: 1
Seller:
Irish Booksellers
(Portland, ME, U.S.A.)
Rating
[?]

Book Description Apress, 2001. Condition: New. book. Seller Inventory # MB011W9UIQ8

More information about this seller | Contact this seller

Buy New
US$ 74.92
Convert Currency

Add to Basket

Shipping: FREE
Within U.S.A.
Destination, Rates & Speeds