Walt Williams, CISSP®, SSCP®, CEH, CPT has served as an infrastructure and security architect at firms as diverse as GTE Internetworking, State Street Corp, Teradyne, The Commerce Group, and EMC. He has since moved to security management, where he now manages security at Lattice Engines. He is an outspoken proponent of design before build, an advocate of frameworks and standards, and has spoken at Security B-Sides on risk management as the cornerstone of a security architecture.
Mr. Williams' articles on security and service oriented architecture have appeared in the Information Security Management Handbook. He sits on the board of directors for the New England ISSA chapter and is a member of the program committee for Metricon. He has a master’s degree in anthropology from Hunter College.
Reviewing cutting-edge developments, Secure Semantic Service-Oriented Systems focuses on confidentiality, privacy, trust, and integrity management for Web services. It demonstrates the breadth and depth of applications of these technologies in multiple domains. The author lays the groundwork with discussions of concepts in trustworthy information systems and security for service-oriented architecture. Next, she covers secure Web services and applications—discussing how these technologies are used in secure interoperability, national defense, and medical applications.
Divided into five parts, the book describes the various aspects of secure service oriented information systems; including confidentiality, trust management, integrity, and data quality. It evaluates knowledge management and e-business concepts in services technologies, information management, semantic Web security, and service-oriented computing. You will also learn how it applies to Web services, service-oriented analysis and design, and specialized and semantic Web services.
The author covers security and design methods for service-oriented analysis, access control models for Web Services, identity management, access control and delegation, and confidentiality. She concludes by examining privacy, trust, and integrity, the relationship between secure semantic Web technologies and services, secure ontologies, and RDF. The book also provides specific consideration to activity management such as e-business, collaboration, healthcare, and finance.
Supplies a practitioner's view of the SDL Considers Agile as a security enabler Covers the privacy elements in an SDL Outlines a holistic business-savvy SDL framework that includes people, process, and technology Highlights the key success factors, deliverables, and metrics for each phase of the SDL Examines cost efficiencies, optimized performance, and organizational structure of a developer-centric software security program and PSIRT Includes a chapter by noted security architect Brook Schoenfield who shares his insights and experiences in applying the book’s SDL framework
View the authors' website at http://www.androidinsecurity.com/