SECURE JAVA FOR WEB APPLICATION AND DEVELOPMENT: By Abhay Bhargav and B.V. Kumar; 2011; CRC Press; Indian Edition distributed by Star Educational Books Distributors Pvt Ltd, Daryaganj, New Delhi. Rs 590 / $54.65)
This is a handy guide that covers secure programming, risk assessment, and threat modeling, while explaining how these need to be whipped together to create a secure software environment. Java is so all pervasive in enterprise application development that it surprises one, why there are so few books that cover the security aspects. This might just fill the gap.
Bhargav is founder CTO of the Bangalore-based information security company, we45; Kumar is a director at US-based Offshoring consuiltants, Altius Inc with 2 decades experience in various fields of IT, including a stint as Chief Architect at Cognizant.
The authors begin with overview of the Internet phenomenon and Java technology in web apps. This is followed by an introduction to information security. After this it uses case studies to illustrate how web security can be achieved before the second -- hard core – section of the book dives into secure web application development and the risk management process in typical e-commerce applications.
The third section is a guide to building secure Java based web apps, while a concluding section deals with testing.
The book also includes an appendix that covers the application security guidelines for the payment card industry standards.
A good overview for IT administrators – and on another level, a useful guide for programmers in Java
See our separate story on we45: http://www.indiatechonline.com/we45--launches--enterprise--security--services-488.php
– Anand Parthasarathy. June 4 2011