Oracle Web Services Manager

BROWSE

SHOPPING CART

CHECKOUT

Sitaraman Lakshminarayanan

Securing your Web Services

Secure your web services using Oracle WSM
Authenticate, Authorize, Encrypt, and Decrypt messages
Create Custom Policy to address any new Security implementation
Deal with the issue of propagating identities across your web applications and web services
Detailed examples for various security use cases with step-by-step configurations

In More Detail

Available Now

Code download
Request a Review Copy
Send us feedback on this title
Ask a question about this title
Book Details

Language English
Paperback 236 pages [191mm x 235mm]
Release date July 2008
ISBN 1847193838
ISBN 13 978-1-847193-83-4
Author(s) Sitaraman Lakshminarayanan
Topics and Technologies Web Services SOA BPEL, Oracle

This book not only describes the need for web services security but also explains, with detailed examples, how to define security policies and enforce those policies using Oracle Web Services Manager (WSM).

This book emphasizes how to use Oracle WSM to address various security use cases with detailed step-by-step examples to learn Oracle Web Service Manager.

In Detail

Web services (WS) provide a simple, standardized way to connect applications over the Internet, however they require management of security and other run-time operations to work effectively. Oracle Web Services Manager is a software solution for managing the operations of web services and the interactions between these services.

This book explains the business reasons why web services security is required and gives an architectural overview of WS Security for an enterprise. It then provides details about the Oracle Web Service Manager product and how it can be leveraged to address the key security issues of Confidentiality, Integrity, Authentication, and Authorization. Whilst addressing these key issues, the book describes them fully with examples. It ends with a couple of unique features: one is the various options available for a successful deployment and the other is an explanation, in depth, of how the security components work.

What you will learn from this book

Secure web services
Use Oracle WSM to configure web services security
Deploy Oracle WSM into production
Leverage Oracle WSM to address the key security issues of confidentiality, integrity, authentication, and authorization
Create Custom Policy to address any new Security implementation
Encrypt and decrypt messages
Understand the basics of enterprise Security – Web Services, SSO, and Token Service

Chapter 1 gives an introduction to web services security – the need for it, what are the security options, and even a quick look at Return on Investment in web services security

Chapter 2 discusses the need for centralized management of web services, policy definition, and policy enforcement with a quick introduction to Oracle Web Services Manager.

In the first two chapters we discussed the need for web services security and in Chapter 3 we take a closer look at the architecture of Oracle Web Services Manager and how to address the web services security requirements.

In Chapter 4 we explore how Oracle WSM can be leveraged to authenticate and authorize web services requests.

In Chapter 5 we take a closer look at how we can leverage Oracle WSM to protect the confidentiality of messages.

In Chapter 6 we describe in detail how to digitally sign and verify messages in web services using Oracle Web Services Manager.

In Chapter 7 we will take a look at how to implement a custom policy step in Oracle Web Services Manager.

In Chapter 8 we discuss the various components of Oracle WSM and how they can be deployed to ensure high availability and scalability.

Chapter 9 discusses in detail how to manage the OWSM environment from an operational stand point i.e. how the monitoring works.

In web Services, encrypted XML is represented in an interoperable standard format such as XML Encryption; in Chapter 10 we take a closer look at the XML Encryption standard from W3C.

In Chapter 11 we take a closer look at XML Signature Specification from W3C. XML Signature is an interoperable industry standard that addresses how digitally signed messages are represented or described in an XML format and OWSM can digitally sign and verify web service messages.

In Chapter 12 we discuss the importance of digitally signing and encrypting the same message or data element and how to implement this using Oracle Web Services Manager.

In Chapter 13 we take a closer look at the Integrated Web Services Security Solution.

Approach

This book is an easy-to-follow reference tutorial that explains how to use Oracle WSM to address various security use cases with detailed step-by-step examples to learn Oracle Web Service Manager.

Who this book is written for

This is the book for those who want to learn how to:
Secure web services
Use Oracle WSM to configure web services security
It is mainly for Developers and Architects who want to learn how to use Oracle WSM to address the security challenges of web services and those who want to learn how to use Oracle WSM to address their security needs.

If you have a basic knowledge of web services then this book will help you understand the need for security and how to use Oracle WSM to address the security challenges.

Author(s)

Sitaraman Lakshminarayanan

Sitaraman Lakshminarayanan is an Enterprise Architect with over 11 years of IT experience in implementing Software solutions based on Microsoft and Java platforms. His area of interest is in Enterprise Architecture, Application Integration, and Information security and he specializes in Identity & Access Management, Web Services, and SOA. He is a co-author of ASP.NET Security (Wrox publications) and has presented at regional and International conferences on Web Services Security and Identity Management.