This week's book giveaway is in the General Computing forum.
We're giving away four copies of Arduino in Action and have Martin Evans, Joshua Noble, and Jordan Hochenbaum on-line!
See this thread for details.
The moose likes Security and the fly likes For the Authors. Big Moose Saloon
  Search | Java FAQ | Recent Topics
Register / Login


Win a copy of Arduino in Action this week in the General Computing forum!

A special promo: Enter your blog post or vote on a blogger to be featured in an upcoming Journal
JavaRanch » Java Forums » Engineering » Security
Reply Bookmark "For the Authors." Watch "For the Authors." New topic
Author

For the Authors.

Anushe Khan
Ranch Hand

Joined: Dec 13, 2003
Posts: 74
posted private message
0
Quote
HI

1.How would you compare your book with other books like Pankaj Kumar�s book J2ee Security for Servlets,Ejb�s?
2. Can it be used as a good reference book on J2SE security topics and security aspects of Enterprise Applications Technologies.
or
The main focus is only on security aspects of Enterprise applications technologies (Servlets, EJBs and Web Services)?
Thanks.
Marco Pistoia
Author
Greenhorn

Joined: Apr 19, 2004
Posts: 27
posted
0
Quote
Hi Anushe,
Here are my answers.
1.How would you compare your book with other books like Pankaj Kumar�s book J2ee Security for Servlets,Ejb�s?
ANSWER: Well, I don't want to be that one who says that his own book is better than others. The truth is that we made a choice when we started to write this book. We really wanted to write a definitive guide to Java security and cover all the hot topics. So we go over Servlets and EJBs, but we do much more than that: we have lots of crypto, Web services, J2EE and J2SE stuff.
2. Can it be used as a good reference book on J2SE security topics and security aspects of Enterprise Applications Technologies.
or
The main focus is only on security aspects of Enterprise applications technologies (Servlets, EJBs and Web Services)?
ANSWER: We covered J2EE and J2SE security in detail. But we covered lots of related topics as well: cryptography, architectures, scenarios, firewalls, etc. So hopefully our book will be a good reference for anybody who needs to work on an enterprise system securely.
Thanks,
Marco Pistoia

Marco Pistoia, Ph.D.<br /><a href="http://www.research.ibm.com/people/p/pistoia/" target="_blank" rel="nofollow">http://www.research.ibm.com/people/p/pistoia/</a>
Nicholas Cheung
Ranch Hand

Joined: Nov 07, 2003
Posts: 4982
posted private message
0
Quote
Hi Marco,

But we covered lots of related topics as well: cryptography, architectures, scenarios, firewalls, etc

How deep does those topics covered? They will be discussed in overview, or in detail, such as algorithms, or?
Thanks.
Nick

SCJP 1.2, OCP 9i DBA, SCWCD 1.3, SCJP 1.4 (SAI), SCJD 1.4, SCWCD 1.4 (Beta), ICED (IBM 287, IBM 484, IBM 486), SCMAD 1.0 (Beta), SCBCD 1.3, ICSD (IBM 288), ICDBA (IBM 700, IBM 701), SCDJWS, ICSD (IBM 348), OCP 10g DBA (Beta), SCJP 5.0 (Beta), SCJA 1.0 (Beta), MCP(70-270), SCBCD 5.0 (Beta), SCJP 6.0, SCEA for JEE5 (in progress)
bas duijzings
Ranch Hand

Joined: Apr 07, 2004
Posts: 83
posted private message
0
Quote
and code examples as well for the latter mentioned techniques ?

have a nice one
Pradeep bhatt
Ranch Hand

Joined: Feb 27, 2002
Posts: 8876

I like...
Firefox Browser Java Spring
posted private message
0
Quote
Originally posted by bas duijzings:
and code examples as well for the latter mentioned techniques ?

From the Customer review in amazon, looks like there are less sample code.
http://www.amazon.com/exec/obidos/tg/detail/-/0321118898/ref=cm_rev_all_1/002-9449884-1448803?v=glance&s=books&vi=customer-reviews

Groovy
Nicholas Cheung
Ranch Hand

Joined: Nov 07, 2003
Posts: 4982
posted private message
0
Quote
I feel the style of the book is a bit classic, which focus on theory, and only use codes to illustrate some difficult concepts.
Thus, I would like to know how in depth the concepts being discussed.
Nick
Marco Pistoia
Author
Greenhorn

Joined: Apr 19, 2004
Posts: 27
posted
0
Quote
We cover the topics of cryptography in great depth. We dedicate a whole chapter to the theory of cryptography, even explaining the math behind the algorithms. JCA, JCE, JSSE, and JAAS are covered in great detail with tons of examples.
On amazon we got a partially negative review (3 stars) which basically said that we did not have enough source code and that the book seemed like a white paper. However, that review was based on a very early draft of the book (Addison-Wesley hired that reviewer about a year and a half ago). Since then the book changed, almost duplicated. We were still writing at the time the review was done. I was surprised to find on amazon the same words I read one and a half year ago. Looks like the reviewer has not read the final result, which contains 68 Java programs, some of which are 5 pages long.
Fortunately, another reviewer just gave us 5 stars and defined our book "The BEST book on Java/J2EE security," a sign that he was not influenced by an early reading.
Anushe Khan
Ranch Hand

Joined: Dec 13, 2003
Posts: 74
posted private message
0
Quote
Thanks Marco.
 
I agree. Here's the link: http://ej-technologies/jprofiler - if it wasn't for jprofiler, we would need to run our stuff on 16 servers instead of 3.
 
subject: For the Authors.
 
Similar Threads
1.8 year of Expriecen in java,j2ee and Struts
To Mr Pankaj
New book published: Spring Recipes: A Problem-Solution Approach
Book content
Books about Java security