Would you like to see this page in English? Click here.

��:

�܂��

1-Click�Œ��ꍇ�́A�T�C��C��Ă��B

�܂��


	Amazon�v��C��ɓK�p�B��葱��̍ۂɂ��\��݂��B�ڍׂ͂��

��炩��܂��

��̏��i��ł��H �}�[�P�b�g�v��C�X�ɏo�i��

��̃C��[�W��f�ڂ��

��̖{�̒��g��{��

Hacking Exposed J2Ee & Java: Developing Secure Applications With Java Technology [�y�[�p�[�o�b�N]

Brian Buege (��), Randy Layman (��), Art Taylor (��)

5��̂�� 2.0 ��r��[��ׂČ�� (1 �J�X�^�}�[��r��[)

��i�F	�� 4,950 �ʏ�z�� �ڍ�
�o�[�Q��i�F
	o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o

�݌ɂ��B �݌ɏ��ɂ��
��̏��i�́AAmazon.co.jp ��̔��A��܂��B �M�t�g��b�s��O�𗘗p�ł��܂��B

1�_�݌ɂ��B��͂��߂ɁB

2012/6/1 ��j�� ɂ��͂��܂��I �u��}��ցv�I�v�V��i�L��j��I��Ē��m�肳�ꂽ�֓��G��A�ւ̔z�B�̂��Ώۂł��B�ڂ��

�L��y�[��ђǉ��

掲載画像とお届けする商品の表紙が異なる場合があります。ご了承ください。

��i�̐��

��e��

J2EE is the programming language backbone of Web services from Sun Microsystems and other major software developers. This work provides instruction on how to hack proof your applications, common Java attacks, countermeasures and specific case studies. Since open-source solutions continue to gain ground in the application server market, the open-source Jboss application server and the Tomcat Web server is covered in detail in addition to the independent software vendor market leader, BEA WebLogic.

Book Description

Written in the same exciting and informative style as the international blockbuster Hacking Exposed, this book provides comprehensive coverage of the tools and techniques for testing and correcting J2EE and Java security issues. Includes examples of J2EE attacks and countermeasures, risk ratings throughout the chapters and case studies.

��i�̐��ׂĕ\��

�o�^��

�y�[�p�[�o�b�N: 500�y�[�W
�o�Ŏ�: Mcgraw-Hill Osborne Media (2002/9/24)
�� �p��, �p��, �p��
ISBN-10: 0072225653
ISBN-13: 978-0072225655
��F 2002/9/24
��i�̐��@: 23.6 x 19.1 x 2.4 cm

��ߓx�F 5��̂�� 2.0 ��r��[��ׂČ�� (1 �J�X�^�}�[��r��[)

Amazon �x�X�g�Z��[��i��L��O: �m�� - 1,300,490�� (�m��̃x�X�g�Z��[��)
- 1244�� m�� > Computers & Internet > Programming > Java
- 1516�� m�� > Business & Investing > Industries & Professions > E-commerce
- 2013�� m�� > Computers & Internet > Security & Encryption

�J�^��O���A�܂��摜�ɂ��ĕ�

�ڎ��

��̖{�̂Ȃ��I�� �i�ڍׂ͂��j

��o��
Java security is not an afterthought; it is an integral part of the language. �ŏ��̃y�[�W��ǂ�

��̑��̋@�\
�p�o�P��ꗗ

��̖{�̃T��v��y�[�W��{��
��ĕ\�� | ��쌠 | �ڎ� | �� | �� | ��\��

��̏��i�Ƀ^�O��

(�ڍ�)

�^�O�́A��i�Ƃ̊֘A��ɋ��L�[��[�h�܂��̓��x��̂悤�Ȃ��̂ł��B
�^�O�ɂ��A��ׂĂ̂��q�l��C�ɓ��̏��i�̐��Ɗm�F��s��Ƃ��ł��܂��B
��^�O�͏��ݒ�Ō��J�ɂȂ��Ă��܂��B�ڂ��

�J�X�^�}�[��r��[

��5��

��4��

��3��

��2��

��1��

1�̃��r��[

5��̂�� 2.0

�J�X�^�}�[��r��[��

�ł��Q�l�ɂȂ��J�X�^�}�[��r��[

��O��r�� 2003/12/30

By "java-o"

�`��:�y�[�p�[�o�b�N

�ߌ��ȃ^�C�g��Ɋ��҂��Ĕ��Ă݂��̂ł��A
��e��Tutorial��ǂ߂΍ς݂��Șb��΂��B
�Z�L��e�B�ɖ��ڒ��Ȃ��Ƃ��uHacking Exposed�v
�ƍl��̂łȂ��ΐ��A��K�v�Ȃ��Ǝv��܂��B

�R��g |

��̃��r��[�͎Q�l�ɂȂ�܂��H

�͂�

��

› �J�X�^�}�[��r��[��\��

�J�X�^�}�[��r��[��

Amazon.com �ōł��Q�l�ɂȂ��J�X�^�}�[��r��[ ^(beta)

Amazon.com: 6��̃J�X�^�}�[��r��[

14 �l��A14�l�̕��A��̃��r��[��Q�l�ɂȂ��Ɠ��[��Ă��܂��B

Security for advanced Java developers 2002/11/12

By Michiel Pelt - (Amazon.com)

�`��:�y�[�p�[�o�b�N

The book uses an example Java application which is intially very unsecure, and throughout the book the vulnerabilities of the example are discussed and countermeasures are written. Then the application is webenabled, creating new vulnerabilities which are fixed again, and so on. This way the complex material is covered in an easy accessible yet comprehensive way, without becoming lengthy. This book is a must have for any serious Java web developer interested in application security. Not recommended for beginners, though.

6 �l��A6�l�̕��A��̃��r��[��Q�l�ɂȂ��Ɠ��[��Ă��܂��B

Good book, with reservations 2004/3/16

By vaaesthete - (Amazon.com)

�`��:�y�[�p�[�o�b�N|Amazon��m�F��w��

This book has some nice examples and is fairly complete, but some sections are basically a regurgitation of the java.sun web site!
In many technical books, it is common to find multiple authors, each writing a section based upon his/her expertise. Since each author has a specific writing style and personality, there is usually a person (or persons) charged with proofing and approving the sections as well as working to make the transitions seamless and consistent. This book was written by three different authors and it would appear to me that at least one of the authors turned in work that is remarkably similar to existing sources!

Here is a sample of the JCE section in HackingExposed:
"The Java Cryptography Extension (JCE) package provides a framework for encryption and decryption, key generation, key agreement, and MAC. Encryption allows symmetric, asymmetric, block, and stream ciphers, with additional support for secure streams and sealed objects."
Now here is the verbage from the java.sun.com website:
"The JavaTM Cryptography Extension (JCE) provides a framework and implementations for encryption, key generation and key agreement, and Message Authentication Code (MAC) algorithms. Support for encryption includes symmetric, asymmetric, block, and stream ciphers. The software also supports secure streams and sealed objects."

To be fair, it appears that the problems are confined to the first section of the book. The final 2/3 of the book are closer to what I expect from the Hacking Exposed series.

28 �l��A22�l�̕��A��̃��r��[��Q�l�ɂȂ��Ɠ��[��Ă��܂��B

Not a Hacking Exposed book at all 2003/2/6

By Anders Thulin - (Amazon.com)

�`��:�y�[�p�[�o�b�N

If this book had been titled differently, I would have had no
reason for complaint: it gives a good introduction to Java
Security, and how to deploy it in various forms.

But it *is* titled 'Hacking Exposed'. That is now taken
to be an indication of a particular approach to security,
... The blurb acknowledges it: 'The proven Hacking Exposed
methodology' is the first thing mentioned under 'What You Learn'.

And I bought this title without second thought -- I have
nothing but praise for the previous books, and expected
to find the same approach and the same quality here.

In this book you find a lot of information on prevention, but
very little on actual vulnerabilities. As a result the
message is far less urgent. If I can demonstrate a 'hack'
the message gets across very quickly: we have to do something
about it now. But if all I can do is point to a text that
says 'attackers can potentially attach a debugger to our
application and watch the code as it runs', urgency is gone.

There's another point there as well: 'our application'.
Those words probably sum up the difference from, say, 'Hacking
Exposed Web Applications'. This book is not from the point of
view of the hacker that the previous books used so well to get
their message across. This is 'we', protecting our assets from
a considerably more nebulous hacker than has appeared earlier.

The difference is the same as between an actual security
incident on one hand, and the report of a threat analysis on
the other.

In short, this is not a Hacking Exposed book. It's a Java
Security Exposed book. As such it probably merits four stars.

But ... as it is marketed as a Hacking Exposed book, and,
in my opinion, doesn't live up to the expectations that goes
with that trademark, I'm afraid I can't give any rating at all.
(1 star seems to be the lowest possible, so that is what I give it.)

I'll be very careful about purchasing the next red book
with "Hacking Exposed" all over the front cover. I just
might find that I have bought 'Hacking Exposed - ISO 17799'.

› Amazon.com�̃J�X�^�}�[��r��[��(6)

��̃��r��[�͎Q�l�ɂȂ�܂��H ��ӌ��̓N�`�R�~�ł��B

.jsOffDisplayBlock { display: block; } .jsOffDisplayInline { display: inline; } .jsOffVisibility { visibility: visible; } .jsOnDisplayBlock { display: none; } .jsOnDisplayNoneBlock { display: block; } .jsOnDisplayNoneInline { display: inline; } .jsOnDisplayInline { display: none; } .jsOnVisibility { visibility: hidden; } .jqOnDisplayBlock { display: none; } .jqOnDisplayInline { display: none; } .jqOnVisibility { visibility: hidden; } .jqOnDisplayNoneBlock { display: block; } .jqOnDisplayNoneInline { display: inline; }

�N�`�R�~

�N�`�R�~�́A��i��J�e�S��[�A�g�s�b�N�ɂ��đ��̂��q�l�ƌ�荇��ł��B��̂ɖ𗧂��ł��܂��B

��̏��i�̃N�`�R�~�ꗗ

��e�E�^�C�g��	�ԓ�	�ŐV�̓��e
�܂��N�`�R�~�͂��܂��

��̂��q�l�Ƃ̈ӌ��ʂ��āA��ɂ��𗧂Ă��B

�V��N�`�R�~��쐬��

�^�C�g��:

�ŏ��̓��e:

�V��e��ꍇ��E��[��M��

�T�C��C��K�v�ł�

�K�C�h��C��

�N�`�R�~��

��X�g�}�j�A

��X�g��쐬

�t�B�[�h�o�b�N

Amazon.co.jp�̃v��C�o�V�[ �X�e�[�g��g

Amazon.co.jp�̔��

Amazon.co.jp�ł̕ԕi�ƌ��

Amazon�ɂ��

Amazon�Ńr�W�l�X

�w��v��K�C�h

�A��J | �J�i�_ | �C�M��X | �h�C�c | �t��X | �C�^��A | �X�y�C�� | �� Amazon�t�@�~��[�T�C�g: Book Depository | �C�E�o�b�O�̒ʔ̃T�C�g Javari | MYHABIT | Shopbop

Hacking Exposed J2Ee & Java: Developing Secure Applications With Java Technology [�y�[�p�[�o�b�N]

�L��y�[��ђǉ��

��i�̐��

��e��

Book Description

�o�^��

��̏��i�Ƀ^�O��

�J�X�^�}�[��r��[

�N�`�R�~

�V��N�`�R�~��쐬��

��X�g�}�j�A

�֘A��i��T��

��L�[��[�h�̏��i��T��

�t�B�[�h�o�b�N

Hacking Exposed J2Ee & Java: Developing Secure Applications With Java Technology [�y�[�p�[�o�b�N]

�L�����y�[������ђǉ����

���i�̐���

���e����

Book Description

�o�^���

���̏��i�Ƀ^�O������

�J�X�^�}�[���r���[

�N�`�R�~

�V�����N�`�R�~���쐬����

���X�g�}�j�A

�֘A���i��T��

�����L�[���[�h�̏��i��T��

�t�B�[�h�o�b�N

�L��y�[��ђǉ��

��i�̐��

��e��

�o�^��

��̏��i�Ƀ^�O��

�J�X�^�}�[��r��[

�V��N�`�R�~��쐬��

��X�g�}�j�A

�֘A��i��T��

��L�[��[�h�̏��i��T��