This tutorial starts with an overview of Web application security.
Security needs of services that differ from the security of the supporting applications.
Administrative and application security needs to be enabled in order for security roles to be enforced.
Is that application secure, or is there a hole or vulnerability that you don't know about?
Administrative and application security both need to be enabled in order for security roles to be enforced.
This requires enabling application security and creating J2C authentication aliases and so on.
The examples in this section will focus on an environment without administrative or application security enabled.
Sometimes there is a need to separate the servlet and EJB containers, such as for application security.
In addition to leveraging the application server's security for administration, it is strongly recommended that you leverage it for application security.
With the rise of smartphones and similar devices, web application security has been broadened to include mobile applications.
This article uses example code to demonstrate keystroke dynamics for enhancing the security of your applications in authentication and continuous data entry contexts.
One of the surest ways to protect the security of an application is to make it work so that users understand its operation.
In particular, my Web site provides a high-level, if somewhat dated, overview of the basics of application security.
Enable application security using the WebSphere Application Server administrative console.
Using the JAAS interface for application security can dramatically reduce the effort required to implement an effective security layer and simultaneously increase the safety of the system.
If you prefer, there are also guided activities to help you perform common tasks, such as creating a data source, enabling J2EE application security, and so on.
Suffice it to say that with the introduction of the J2EE Web application security architecture, we're reaping the rewards of nearly 10 years of trial and error, and it shows.
The "Safe Run" function makes surfing the Internet using various web browsers much safer and easier, as well as allowing any number of other applications to be run simultaneously.
While JAAS is a solid first step toward a secure Web application, application security isn't complete without secure transport.
Web application security component, which takes care of the application security, again relieving the developers (and to some extent, the application engine developers too!)
Security role definition changes: If a module level operation results in changes to application security role definitions, then the entire application may be recycled for any module level changes.
I've found teens are more accepting of a tracking app when it is included as part of a family agreement to improve safety than when it is placed as a secret tool to watch them.
It provides a way to safely communicate between applications or security contexts in the same process.
The owner of the state is responsible for initiating the transitions, and so drives the security model of the application (also see Figure 5).
It is designed to create a separation of concerns between application protocols and security protocols.
Consider the following skill and competency milestones for any application architecture security effort.
For Web applications, the most important type of security static analysis is called taint flow analysis.
Testing the security configuration of a Web application.
Why are applications insecure?
Security requirements of SaaS applications.