Securing Applications, Web Services, and Software-As-A-Service (SAAS)
This course covers applied security concepts, technologies, techniques, patterns, best practices and checklists intended for securing Web based applications, XML Web services and SOA. The course illustrates the real-world security challenges in IT applications and drills down on strategies for identifying security threats and risks; adopting a security design methodology; implementing security architecture using patterns and best practices; and performing security testing and production deployment.
At the end of the course, students will be able to:
Describe and demonstrate proactive and prescriptive approaches to applying security in Java applications, XML Web Services and SOA.
Develop security requirements for a Web-based Auction Portal application that delivers multiple services intended for performing public auction over Internet, and identify and mitigate related security risks.
Deploy a sample Web application, implementing FORMS based authentication, adding users and defining roles/groups, defining role-based authorization based on user access and privileges, and implementing transport-layer security using SSL for the deployed application.
Develop a logical security architecture for a Web-based Financial Application Portal that acts a XML Web services provider infrastructure of an organization, and identify and mitigate related security risks.