oracle web services manager

THÔNG TIN TÀI LIỆU

Cấu trúc

Cover
Table of Contents
Preface
Chapter 1: Introduction to Web Services Security
- The Need for Web Services Security
- Security Challenges in a Web Services Environment
- The Need for Identity Propagation from Calling Application to Web Services
- Why HTTPS Based Security Is Not Enough
- Components of Web Services Security
  - Authentication
  - Authorization
  - Confidentiality
  - Integrity
- Return on Investment
- Summary
Chapter 2: Web Services Security—Architectural Overview
- Overview of XML Security Standards
  - Closer Look at SOAP Messages
  - Authentication
  - Confidentiality
  - Integrity
- Overview of WS-Security Standards
- Implementing WS-*Security in Applications
- Centralized Management of WS-*Security
  - The Need for Centralizing WS-*Security Operations
  - Benefits of Centralizing Web Services Security Operations
- Introduction to Oracle Web Services Manager
- Summary
Chapter 3: Architecture Overview of Oracle WSM
- Oracle WSM Architecture
- Oracle WSM Policy Manager
  - Overview of Oracle WSM Policy Manager
    - Authentication
    - Authorization
    - Confidentiality
    - Integrity and Non-Repudiation
    - Policy Steps and Pipeline Templates
  - Relationship Between Policy and Service
- Oracle WSM Gateway
  - Proxy, or Exposing Internal Service to External Business Partner, or Outside of Intranet
  - Transport Protocol Translation
  - Content Routing
- Summary
Chapter 4: Authentication and Authorization of Web Services Using Oracle WSM
- Oracle WSM: Authentication and Authorization
  - Oracle WSM: File Authenticate and Authorize
  - Oracle WSM: Active Directory Authenticate and Authorize
- Oracle WSM: Policy Template
- Oracle WSM: Sample Application AD Authentication
  - Web Service Security Policy
    - Registering The Web Service with Oracle WSM
    - Creating The Security Policy
    - Commit The Policy
  - Oracle WSM Test Page as Client Application
  - Microsoft .NET Client Application
- Summary
Chapter 5: Encrypting and Decrypting Messages in Oracle WSM
- Overview of Encryption and Decryption
  - Symmetric Cryptography
  - Asymmetric Cryptography
  - Oracle WSM and Encryption
- Encryption and Decryption with Oracle WSM
  - Encryption Algorithm
  - Key Transport Algorithm
  - Internal Working of the XML Encrypt Policy Step
- Oracle WSM Sample Application Overview
- Oracle WSM Encryption and Decryption Policy
  - Creating the Security Policy
- Summary
Chapter 6: Digitally Signing and Verifying Messages in Web Services
- Overview of Digital Signatures
- Digital Signatures in Web Services
- Signature Generation Using Oracle WSM
  - Sign Message Policy Step
  - Internals of Sign Message Policy Step
    - Reference Element
    - SignedInfo Element
    - Signature
- Signature Generation and Verification Example
  - Registering Web Service with Oracle WSM
  - Signature Verification by Oracle WSM
  - Signature Generation by Oracle WSM
- Summary
Chapter 7: Oracle WSM Custom Policy Step
- Overview of Oracle WSM Policy Steps
- Implementing a Custom Policy Step
  - Extending the AbstractStep Class
  - Deploying the Custom Policy Step
  - Step Template XML File Creation
- Custom Policy Step Example: Restrict Access Based on IP Address to the Specified Method
  - Extending the AbstractStep
  - Testing the Custom Policy Step
- Summary
Chapter 8: Deployment Architecture
- Oracle WSM Components
  - Addressing Oracle WSM Scalability
  - Addressing High Availability
    - Installation
    - Disabling Unnecessary Components
    - Mapping Component ID on Host1 and Host2
  - Configuring Oracle WSM Monitor on Host3
- Summary
Chapter 9: Oracle WSM Runtime-Monitoring
- Oracle WSM Operational Management
- Oracle WSM Overall Statistics
- Oracle WSM Security Statistics
- Oracle WSM Service Statistics
- Oracle WSM Custom Views
- Oracle WSM Alarms
- Summary
Chapter 10: XML Encryption
- XML Encryption and Web Services
- XML Encryption Schema
  - EncryptedData
    - EncryptionMethodType
    - EncryptionMethodType Schema
    - CipherData Element
  - EncryptedKey Element
  - KeyInfo Element
- Summary
Chapter 11: XML Signature
- XML Signature and Web Services
- XML Signature Schema
  - Signature Element
  - SignedInfo Element
    - Reference Element
    - Transforms Element
  - KeyInfo Element
- Summary
Chapter 12: Sign and Encrypt
- Overview of Sign and Encrypt
- Signing and Encrypting Message
- Sign and Encrypt by Example
  - Example Overview
  - Time Web Service: Decrypt and Verify Signature
  - Beauty of Oracle WSM Gateway: Sign And Encrypt by Oracle WSM
    - Service Provider:
    - Service Consumer:
    - Sign And Encrypt Policy
- Summary
Chapter 13: Enterprise Security —Web Services and SSO
- Web Services Security Components
- Authentication, Authorization and Credential Stores
- Integrating with Web Access Management Solution
  - Security Token Service: Bridging the GAP between WAM and Oracle WSM
    - Integrated Security Architecture
- Summary
Index

Nội dung

[...]... Security Web Services and SSO Web Services Security Components Authentication, Authorization and Credential Stores Integrating with Web Access Management Solution Security Token Service: Bridging the GAP between WAM and Oracle WSM Integrated Security Architecture Summary 201 201 202 203 206 208 209 Index 211 [] Preface Oracle Web Services Manager, a component of SOA Suite from Oracle is a web services. .. for Centralizing WS-*Security Operations Benefits of Centralizing Web Services Security Operations Introduction to Oracle Web Services Manager Summary 5 6 13 14 15 17 20 23 24 27 27 28 28 29 Table of Contents Chapter 3: Architecture Overview of Oracle WSM Oracle WSM Architecture Oracle WSM Policy Manager Overview of Oracle WSM Policy Manager Authentication Authorization Confidentiality Integrity and... Introduction to Web Services Security 1 5 The Need for Web Services Security Security Challenges in a Web Services Environment The Need for Identity Propagation from Calling Application to Web Services Why HTTPS Based Security Is Not Enough Components of Web Services Security Authentication Authorization Confidentiality Integrity Return on Investment Summary 7 9 10 10 10 11 11 11 12 Chapter 2: Web Services. .. systems and provides an overview of Oracle Web Services Manager Chapter 3 discusses the architecture of Oracle Web Services Manager In this chapter, we explore the various components of Oracle WSM, such as gateway, agent, policy management, routing, monitoring, etc Preface Chapter 4 talks in-depth about how to implement authentication and authorization in web services using Oracle WSM It explains how to... the challenge is to externalize the security to another application such as Oracle Web Services Manager In this chapter, we will discuss the need for centralized management of web services, policy definition and policy enforcement with a quick introduction to Oracle Web Services Manager Overview of XML Security Standards Web services is nothing but a set of XML messages that are exchanged between software... an introduction to why web services should be secured in an organization and explains the different components of web services security that should be addressed The next chapter will describe the various standards in web services security, the importance of centralized policy manager, and will also explain the web services security from an architect's point of view [ 12 ] Web Services Security— Architectural... securing the web services is no different Implementing web services security does require certain investment, either in terms of buying an off-the-shelf product such as Oracle Web Service Manager, or implementing a custom security framework across all the web services and the clients In either case, the investment should be justified for the business owners While calculating the ROI on web services security... between the web service provider and the web service consumer The following diagram shows how the web service is given access only to a trusted organization, and the intruder is prevented from accessing the web service Web server executing transactions Web user Web server Web services (internal and external) Web server attaches the client certificate white invoking the web service Cannot access because of... in-depth overview of web services security from a business point of view, describing the security challenges in a web services environment, why traditional network security isn't enough, and how to measure the ROI on web services security Chapter 2 discusses the architecture of web services security including the various interoperable standards, challenges in implementing web services security in NET... Messages in Web Services Overview of Digital Signatures Digital Signatures in Web Services Signature Generation Using Oracle WSM Sign Message Policy Step Internals of Sign Message Policy Step Reference Element SignedInfo Element Signature Signature Generation and Verification Example Registering Web Service with Oracle WSM Signature Verification by Oracle WSM Signature Generation by Oracle WSM Oracle WSM . x0 y0 w0 h1" alt="" Oracle Web Services Manager Securing Your Web Services Sitaraman Lakshminarayanan BIRMINGHAM - MUMBAI Oracle Web Services Manager Securing Your Web Services Copyright. provides an overview of Oracle Web Services Manager. Chapter 3 discusses the architecture of Oracle Web Services Manager. In this chapter, we explore the various components of Oracle WSM, such as. Centralizing Web Services Security Operations 28 Introduction to Oracle Web Services Manager 28 Summary 29 Table of Contents [ ii ] Chapter 3: Architecture Overview of Oracle WSM 31 Oracle WSM

Ngày đăng: 05/05/2014, 15:39

Xem thêm