1 Introduction
1.1 Security for Web Services and Security Goals
1.2 Privacy
1.3 Goals and Scope of the Book and its Intended Audience
1.4 An Overview of the Book's Content
2 Web Service Technologies, Principles, Architectures, and Standards
2.1 SOA and Web Services Principles
2.2 Web Services Architecture
2.3 Web Services Technologies and Standards
2.3.1 SOAP
2.3.2 Web Services Description Language (WSDL)
2.3.3 Service Discovery: Universal Description, Discovery and Integration (UDDI)
2.3.4 Considerations
2.4 Web Services Infrastructure
3 Web Services Threats, Vulnerabilities, and Countermeasures
3.1 Threats and Vulnerabilities Concept Definition
3.2 Threat Modeling
3.3 Vulnerability Categorizations and Catalogs
3.4 Threat and Vulnerabilities Metrics
4 Standards for Web Services Security
4.1 The Concept of Standard
4.2 Web Services Security Standards Framework
4.3 An Overview of Current Standards
4.3.1 "Near the wire" security standards
4.3.2 XML Data Security
4.3.3 Security Assertions Markup Language (SAML)
4.3.4 SOAP Message Security
4.3.5 Key and Trust Management standards
4.3.6 Standards for Policy Specification
4.3.7 Access Control Policy Standards
4.4 Implementations of Web Services Security Standards
4.5 Standards-related Issues
5 Digital Identity Management and Trust Negotiation
5.1 Overview of Digital Identity Management
5.2 Overview of Existing Proposals
5.2.1 Liberty Alliance
5.2.2 WS-Federation
5.2.3 Comparison of Liberty Alliance and WS-Framework
5.2.4 Other Digital Identity Management Initiatives
5.3 Discussion on Security of Identity Management Systems
5.4 Business Processes
5.4.1 Deploying Multifactor Authentication for Business Processes
5.4.2 Architecture
5.5 Digital Identity Management in Grid Systems
5.6 The Trust Negotiation Paradigm and its Deployment using SOA
5.7 Trust Negotiation and Digital Identity Management
5.7.1 Automated Trust Negotiation and Digital Identity Management Systems: Differences and Similarities
5.8 Integrating Identity Management and Trust Negotiations
5.8.1 Architecture of a SP in FAMTN
5.8.2 An Example of a Use Case: FSP in Liberty Web Services Framework
5.9 Negotiations in an FAMTN Federation
5.9.1 Ticketing system in an FAMTN Federation
5.9.2 Implementing Trust Tickets Through Cookies
5.9.3 Negotiation in Identity Federated Systems
5.10 Bibliographic Notes
6 Access Control for Web Services
6.1 Approaches to Enforce Access Control for Web Services
6.2 WS-AC1: An Adaptive Access Control Model for Stateless Web Services
6.2.1 The WS-AC1 Model
6.2.2 WS-AC1 Identity Attribute Negotiation
6.2.3 WS-AC1 Parameter Negotiation
6.3 An Access Control Framework for Conversation-Based Web services
6.3.1 Conversation-Based Access Control
6.3.2 Access Control and Credentials
6.3.3 k-Trust Levels and Policies
6.3.4 Access Control Enforcement
6.3.5 K-Trustworthiness Levels Computation
6.3.6 Architecture of the Enforcement System
7 Secure Publishing Techniques
7.1 The Merkle Signatures
7.1.1 Merkle Signatures for Trees
7.1.2 Merkle Signatures for XML Documents
7.1.3 Merkle Hash Verification for Documents with Partially Hidden Contents
7.2 Application of the Merkle Signature to UDDI Registries
7.2.1 Merkle Signature Representation
7.2.2 Merkle Hash Path Representation
7.2.3 A Comparison of Merkle Signatures with XML Signatures
7.3 Access Control for Business Processes
8.1 Access Control for Workflows and Business Processes
8.2 Web Services Business Process Execution Language (WS-BPEL)
8.3 RBAC-WS-BPEL: An Authorization Model for WS-BPEL Business Processes
8.4 RBAC XACML: Authorization Schema
8.5 Business Process Constraint Language
8.6 RBAC-WS-BPEL Authorization Specification
8.7 RBAC-WS-BPEL Enforcement
8.8 RBAC-WS-BPEL System Architecture
8.9 Handling activity Execution and RBAC-WS-BPEL Enforcement
9 Emerging Research Trends
9.1 Security as a Service
9.1.1 Motivations
9.1.2 Reference Framework for Security Services
9.1.3 Authentication Service
9.2 Privacy for Web Services
9.2.1 P3P and the Privacy-Aware RBAC Model
9.2.2 Privacy-Preserving Data Management Techniques
9.2.3 W3C Privacy Requirements for Web Services and Research Issues
9.3 Semantic Web Security
9.4 Concluding Remarks
A Access Control
A.1 Basic Notions
A.1.1 The Protection Matrix Model
A.1.2 Access Control Lists and Capability Lists
A.1.3 Negative Authorizations
A.2 Role-Based Access Control
A.3 References
Index