Addison-Wesley

Ajax security.

Two security experts at HP Software identify the components of Ajax applications most susceptible to web attacks and provide solutions for securing applications against such attacks. The guide explains how to apply whitelist validation logic to form input, keep business logic on the server, implement expiration policies, validate all data from public APIs, data mine cascading style sheets, detect JavaScript worms, and test applications for vulnerabilities. (Annotation ©2008 Book News Inc. Portland, OR)

CMMI and Six Sigma; partners in process improvement.

CMMI and Six Sigma are two of the best-known process improvement initiatives. This work focuses on the synergistic, rather than competitive, implementation of CMMI and Six Sigma. While the authors concentrate on the interoperability of Six Sigma and CMMI, they also recognize that organizations rarely implement only these two initiatives, and therefore they discuss the emerging realm of "multimodel" process improvement and describe tactics that enable organizations to knit different models together into a single unified process standard. For process improvement personnel, the book supports strategic and tactical decision making about initiative adoption and joint implementation. For technical management, the book provides an independent view about joint initiative implementation strategies that can be used as a reference when internal proposals are put forward. Siviy is affiliated with the Dynamic Systems Program of the Software Engineering Institute. (Annotation ©2008 Book News Inc. Portland, OR)

Core servlets and JavaServer pages; v.2: Advanced technologies, 2d ed.

Hall (computer science, Johns Hopkins University) details the advanced features and capabilities provided by servlets and JavaServer Pages (JSP). Chapters cover features that are used less frequently but are extremely valuable in robust applications, such as those used for deploying Web applications and controlling Web application behavior, such as web.xml, servlet and JSP filters, tag libraries, and the Struts framework. A 30-page appendix gives instructions on developing applications with Apache Ant. B&w screenshots are included. The readership for the book includes developers who are familiar with basic servlet and JSP technologies and Java programming. (Annotation ©2008 Book News Inc. Portland, OR)

Design patterns in Ruby.

This concise reference for experienced developers focuses on the features of the Ruby on Rails programming language that simplify the use of design patterns, as well as the patterns themselves. (Annotation ©2008 Book News Inc. Portland, OR)

Implementation patterns.

Advocating communication through code, Beck collects 17 patterns for declaring class, 18 state patterns, 14 patterns for expressing the behavior of a program, 24 methods, and six patterns for using the collection class. The Java programming habits encourage simplicity and flexibility in the code while paying attention to local consequences, minimizing repetition, keeping logic and data together, and establishing symmetry in the program. (Annotation ©2008 Book News Inc. Portland, OR)

Next generation Java testing; testNG and advanced concepts.

The authors, both active members of the Java Community Process, introduce Java testing techniques and TestNG, an open source Java testing platform. They present testing patterns that will work with virtually any testing tool, framework, or language, and show how to leverage key Java platform improvements designed to facilitate testing, such as dependency injection and mock objects. They also introduce TestNG, demonstrating how it overcomes the limitations of older frameworks. The testing design patterns presented will help Java developers who use TestNG, JUnit, or another testing framework. (Annotation ©2008 Book News Inc. Portland, OR)

Physics for scientists and engineers; a strategic approach, with modern physics, 2d ed.

Knight (California Polytechnic State University) establishes the basic language and concepts of motion, presents four applications of classical mechanics, extends the ideas of particles and energy to systems of liquids and gases, and explains the behavior of waves, optics, electricity, magnets, and atoms. The second edition adds a chapter on cameras, microscopes, telescopes, and vision. (Annotation ©2008 Book News Inc. Portland, OR)

The Rails way.

This volume instructs web and software developers on the use of Ruby on Rails 2.0 programming language. Abundant examples lead readers through tasks such as: understanding Rails environments and configurations, working with controllers, routing, working with ActiveRecord, selecting helpers, creating session management functions, testing, and extending Rails with plugins. (Annotation ©2008 Book News Inc. Portland, OR)

Software teamwork; taking ownership for success.

This guide — for everyone involved in software management — outlines ways to improve teamwork, which in turn improves building software. Brosseau posits a coordinated team effort, exploring the problems that arise, how to solve them, and recommendations for dealing with each stage. He discusses the state of the industry, a sequence of stages that can lead to a better solution, group dynamics, organizing and guiding teams, stakeholder issues, and introducing change. He does not include methodology, prescriptions, or checklists. Brosseau, who has been a software tester, developer, manager, and director, presently consults with organizations around the world to improve their approaches for delivering software. (Annotation ©2008 Book News Inc. Portland, OR)