Ajax Security

More and more Web sites are being rewritten as Ajax applications; even traditional desktop software is rapidly moving to the Web via Ajax. But, all too often, this transition is being made with reckless disregard for security. If Ajax applications aren’t designed and coded properly, they can be susceptible to far more dangerous security vulnerabilities than conventional Web or desktop software. Ajax developers desperately need guidance on securing their applications: knowledge that’s been virtually impossible to find, until now.


Ajax Security systematically debunks today’s most dangerous myths about Ajax security, illustrating key points with detailed case studies of actual exploited Ajax vulnerabilities, ranging from MySpace’s Samy worm to MacWorld’s conference code validator. Even more important, it delivers specific, up-to-the-minute recommendations for securing Ajax applications in each major Web programming language and environment, including .NET, Java, PHP, and even Ruby on Rails. You’ll learn how to:

· Mitigate unique risks associated with Ajax, including overly granular Web services, application control flow tampering, and manipulation of program logic

· Write new Ajax code more safely—and identify and fix flaws in existing code

· Prevent emerging Ajax-specific attacks, including JavaScript hijacking and persistent storage theft

· Avoid attacks based on XSS and SQL Injection—including a dangerous SQL Injection variant that can extract an entire backend database with just two requests

· Leverage security built into Ajax frameworks like Prototype, Dojo, and ASP.NET AJAX Extensions—and recognize what you still must implement on your own

· Create more secure “mashup” applications

Ajax Security will be an indispensable resource for developers coding or maintaining Ajax applications; architects and development managers planning or designing new Ajax software, and all software security professionals, from QA specialists to penetration testers.

Download

Posted in Label: | 0 komentar

Application Acceleration and WAN Optimization Fundamentals

IT organizations face pressure to increase productivity, improve application performance, support global collaboration, improve data protection, and minimize costs. In today’s WAN-centered environments, traditional LAN-oriented infrastructure approaches are insufficient to meet these goals. Application Acceleration and WAN Optimization Fundamentals introduces a better solution: integrating today’s new generation of accelerator solutions to efficiently and effectively scale networks beyond traditional capabilities while improving performance and minimizing costs through consolidation.

Ted Grevers and Joel Christner begin by reviewing the challenges network professionals face in delivering applications to globally distributed workforces. You learn how accelerators are transforming application business models, enabling IT departments to centralize and consolidate resources while also delivering consistently superior performance.

Grevers and Christner show how to identify network consumers, prioritize traffic, and guarantee appropriate throughput and response times to business-critical applications. You learn how to use quality of service techniques such as packet classification and marking and traffic policing, queuing, scheduling, and shaping.

Next, you compare options for integrating accelerators and optimization services into your network and for optimizing content delivery. The authors show how to address application protocol-related performance problems that cannot be resolved through compression or flow optimization alone. In the final chapter, the authors walk you through several real-world scenarios for utilizing accelerator technology.

Ted Grevers, Jr., is the solution manager for the Cisco® Video IPTV Systems Test and Architecture (C-VISTA) team. He has extensive experience in the content delivery network (CDN) market, focusing on enterprise and service provider content delivery and application optimization needs.

Joel Christner, CCIE® No. 15311, is the manager of technical marketing for the Cisco Application Delivery Business Unit (ADBU). He has extensive experience with application protocols, acceleration technologies, LAN/WAN infrastructure, and storage networking. Grevers and Christner are key contributors to the design and architecture of Cisco application delivery and application acceleration solutions.

* Provide high-performance access to remote data, content, video, rich media, and applications
* Understand how accelerators can improve network performance and minimize bandwidth consumption
* Use NetFlow to baseline application requirements and network utilization
* Ensure network resources are allocated based on business priorities
* Identify performance barriers arising from networks, protocols, operating systems, hardware, file systems, and applications
* Employ application-specific acceleration components to mitigate the negative impact of latency and bandwidth consumption
* Integrate content delivery networks (CDN) to centrally manage the acquisition, security, and distribution of content to remote locations

* Leverage WAN optimization technologies to improve application throughput, mitigate the impact of latency and loss, and minimize bandwidth consumption
* Optimize the performance of WANs and business-critical WAN applications

This book is part of the Cisco Press® Fundamentals Series. Books in this series introduce networking professionals to new networking technologies, covering network topologies, sample deployment concepts, protocols, and management techniques.

Download

Posted in Label: | 0 komentar

3D Programming for Windows

The Windows Presentation Foundation is a key component of .NET Framework 3.0, which is a part of Windows Vista and available for Windows XP. With the Windows Presentation Foundation, 3D images can be displayed regardless of the video-display hardware on the users machine. Focusing on developing user interface objects or simple animations, this book builds on a readers knowledge of Windows Presentation Foundation essentials to demonstrate how to effectively create 3D graphics for Windows. You get the fundamental information for using the Windows Presentation Foundation 3D application programming interface (API), as well as in-depth coverage of mesh geometries.

Download

Posted in Label: | 0 komentar