IT 506 J2EE Application Security
Course Description: This course examines issues associated with making J2EE web applications secure. The principal focus is on server-side features of J2EE security, such as proper server configuration and accessing and using LDAP (Lightweight Directory Access Protocol) and SSL (Secure Sockets Layer). Emphasis is placed on security services such as authentication, authorization, confidentiality, integrity, and non-repudiation. Topics will be specific to J2EE and will include class loading, byte code verification, security managers, access controllers, protection domains, policy files, key management and use, certificates, and code signing. Various supporting APIs will be covered, such as the XML-based Security Assertion Markup Language (SAML), the XML Key Management Specification (XKMS), and the eXtensible Access Control Markup Language (XACML). Students will use the techniques covered to develop secure J2EE applications using Borland's JBuilder IDE, a Java-enabled RDBMS such as MySQL, BEA's WebLogic application server, and Altova's XMLSpy.
Prerequisites: BUS 505 or working knowledge of Java programming
Courses available for registration: