In weniger als einer Minute können Sie mit dem Lesen von Security for Web Services and Service-Oriented Architectures auf Ihrem Kindle beginnen. Sie haben noch keinen Kindle? Hier kaufen oder mit einer unserer kostenlosen Kindle Lese-Apps sofort zu lesen anfangen.

An Ihren Kindle oder ein anderes Gerät senden


Kostenlos testen

Jetzt kostenlos reinlesen

An Ihren Kindle oder ein anderes Gerät senden

Der Artikel ist in folgender Variante leider nicht verfügbar
Keine Abbildung vorhanden für
Keine Abbildung vorhanden


Security for Web Services and Service-Oriented Architectures [Print Replica] [Kindle Edition]

Elisa Bertino
1.0 von 5 Sternen  Alle Rezensionen anzeigen (1 Kundenrezension)

Kindle-Preis: EUR 44,93 Inkl. MwSt. und kostenloser drahtloser Lieferung über Amazon Whispernet

Kostenlose Kindle-Leseanwendung Jeder kann Kindle Bücher lesen  selbst ohne ein Kindle-Gerät  mit der KOSTENFREIEN Kindle App für Smartphones, Tablets und Computer.

Geben Sie Ihre E-Mail-Adresse oder Mobiltelefonnummer ein, um die kostenfreie App zu beziehen.

Weitere Ausgaben

Amazon-Preis Neu ab Gebraucht ab
Kindle Edition EUR 44,93  
Gebundene Ausgabe EUR 64,19  
Taschenbuch EUR 64,19  



From the reviews:

“This book deals exclusively with SOAP based Web services. … the book could serve as a good review and reference. … The book targets three distinct audiences, practitioners, students and researchers. … I suspect students and researchers will find the first half of this book a fast paced review or a somewhat useful reference, at best. The second half of the book contains material that might be more useful to students and researchers.” (Karthik Ramachandran, ACM Computing Reviews, September, 2010)


Web services based on the eXtensible Markup Language (XML), the Simple Object Access Protocol (SOAP), and related standards, and deployed in Service-Oriented Architectures (SOA), are the key to Web-based interoperability for applications within and across organizations. It is crucial that the security of services and their interactions with users is ensured if Web services technology is to live up to its promise. However, the very features that make it attractive – such as greater and ubiquitous access to data and other resources, dynamic application configuration and reconfiguration through workflows, and relative autonomy – conflict with conventional security models and mechanisms.Elisa Bertino and her coauthors provide a comprehensive guide to security for Web services and SOA. They cover in detail all recent standards that address Web service security, including XML Encryption, XML Signature, WS-Security, and WS-SecureConversation, as well as recent research on access control for simple and conversation-based Web services, advanced digital identity management techniques, and access control for Web-based workflows. They explain how these implement means for identification, authentication, and authorization with respect to security aspects such as integrity, confidentiality, and availability.This book will serve practitioners as a comprehensive critical reference on Web service standards, with illustrative examples and analyses of critical issues; researchers will use it as a state-of-the-art overview of ongoing research and innovative new directions; and graduate students will use it as a textbook on advanced topics in computer and system security.


  • Format: Kindle Edition
  • Dateigröße: 7338 KB
  • Seitenzahl der Print-Ausgabe: 218 Seiten
  • Verlag: Springer; Auflage: 2010 (4. Juni 2013)
  • Verkauf durch: Amazon Media EU S.à r.l.
  • Sprache: Englisch
  • ASIN: B00D8D1WDK
  • Text-to-Speech (Vorlesemodus): Nicht aktiviert
  • X-Ray:
  • Word Wise: Nicht aktiviert
  • Durchschnittliche Kundenbewertung: 1.0 von 5 Sternen  Alle Rezensionen anzeigen (1 Kundenrezension)

  •  Ist der Verkauf dieses Produkts für Sie nicht akzeptabel?


5 Sterne
4 Sterne
3 Sterne
2 Sterne
1.0 von 5 Sternen
1.0 von 5 Sternen
Die hilfreichsten Kundenrezensionen
1.0 von 5 Sternen Waste of time and money 17. Dezember 2012
Format:Gebundene Ausgabe
Reading this book is waste of time and money. Although the title may seem interesting, the contents by far are not. Spiked with grammatical and spelling errors, it also seems that the contents were not really refurbished in a sophisticated manner, but eagerly lets one assume that the book was just written out of boredom. If you need references on the topics dealt with, please stay with your classic sources of information and do not touch this book.
War diese Rezension für Sie hilfreich?
Die hilfreichsten Kundenrezensionen auf (beta) 4.0 von 5 Sternen  2 Rezensionen
7 von 8 Kunden fanden die folgende Rezension hilfreich
3.0 von 5 Sternen Promising work but mediocre execution 14. Dezember 2010
Von Chiradeep Chhaya - Veröffentlicht auf
Format:Gebundene Ausgabe|Verifizierter Kauf
The review is based only on the first three chapters that I have managed to read so far.

1. The premise of the book is pretty valuable. There is need for updated literature that takes web services security out of the standards world and makes it more approachable. On that count, I laud the initiative.
2. The book, however, suffers from several significant issues:
a. The proof-reading, for a book that purports to be a reference on the topic, is abysmal. Consider this snippet on page 35 related to threat modeling: "even though the security functions provided by the middleware are becoming more and more reach and complete,...". Any technical editor should have picked up the multiple mistakes in this sentence. Unfortunately, such mistakes abound in the book.
b. In trying to emphasize theory, the book often comes across as dry and irrelevant. For example, table 3.2 related to STRIDE Categories and the surrounding explanation on page 32, while being factually complete, seem like they belong to a Microsoft Press book. At the level the book aims for, what's important is not an explanation of STRIDE (why wouldn't I read Howard's or Swiderski's books for that?) but how that relates to Web services. Explaining the STRIDE concepts as related to a fictional Web Service might have been much more useful.
c.Some of the technical terms used in the book are downright incorrect. For example, on page 35, in the same paragraph as #2(a), the authors talk of "RBAC-based authorization mechanisms". RBAC itself stands for Role Based Access Control. What does it mean for an authorization mechanism to be RBAC-based?
d. If this book is to be useful at all, the figures need to be seriously improved. They are miniature, complex and hardly span a quarter of a page. In short, they are barely decipherable and there's a lot of text referring to such figures that becomes disconnected.

With all this said, I still give the book 3 stars because there is at least some method to the approach and it's much better than reading a bunch of W3C or OASIS standards. Not to mention the fact that chapter 3 refers to CAPEC that I had, in part, contributed attack patterns to :-)

I would definitely wish for the editors at Springer to take a serious look at the language and technical terminology and make figures more understandable. The book has a lot of promise and it would be a shame if such matters were to obscure that.
1 von 4 Kunden fanden die folgende Rezension hilfreich
5.0 von 5 Sternen Excellent Work on Web Security 5. September 2010
Von Coimbatore Chandersekaran - Veröffentlicht auf
Format:Gebundene Ausgabe|Verifizierter Kauf
Content is clear and addresses many aspects of web security not found in other companion books
Waren diese Rezensionen hilfreich?   Wir wollen von Ihnen hören.
Kundenrezensionen suchen
Nur in den Rezensionen zu diesem Produkt suchen

Kunden diskutieren

Das Forum zu diesem Produkt
Diskussion Antworten Jüngster Beitrag
Noch keine Diskussionen

Fragen stellen, Meinungen austauschen, Einblicke gewinnen
Neue Diskussion starten
Erster Beitrag:
Eingabe des Log-ins

Kundendiskussionen durchsuchen
Alle Amazon-Diskussionen durchsuchen

Ähnliche Artikel finden