Web Security, Privacy & Commerce (Google eBook)

Front Cover
"O'Reilly Media, Inc.", 2002 - Computers - 756 pages
0 Reviews

Since the first edition of this classic reference was published, World Wide Web use has exploded and e-commerce has become a daily part of business and personal life. As Web use has grown, so have the threats to our security and privacy--from credit card fraud to routine invasions of privacy by marketers to web site defacements to attacks that shut down popular web sites.

Web Security, Privacy & Commerce goes behind the headlines, examines the major security risks facing us today, and explains how we can minimize them. It describes risks for Windows and Unix, Microsoft Internet Explorer and Netscape Navigator, and a wide range of current programs and products. In vast detail, the book covers:

  • Web technology--The technological underpinnings of the modern Internet and the cryptographic foundations of e-commerce are discussed, along with SSL (the Secure Sockets Layer), the significance of the PKI (Public Key Infrastructure), and digital identification, including passwords, digital signatures, and biometrics.
  • Web privacy and security for users--Learn the real risks to user privacy, including cookies, log files, identity theft, spam, web logs, and web bugs, and the most common risk, users' own willingness to provide e-commerce sites with personal information. Hostile mobile code in plug-ins, ActiveX controls, Java applets, and JavaScript, Flash, and Shockwave programs are also covered.
  • Web server security--Administrators and service providers discover how to secure their systems and web services. Topics include CGI, PHP, SSL certificates, law enforcement issues, and more.
  • Web content security--Zero in on web publishing issues for content providers, including intellectual property, copyright and trademark issues, P3P and privacy policies, digital payments, client-side digital signatures, code signing, pornography filtering and PICS, and other controls on web content.

Nearly double the size of the first edition, this completely updated volume is destined to be the definitive reference on Web security risks and the techniques and technologies you can use to protect your privacy, your organization, your system, and your network.

  

What people are saying - Write a review

We haven't found any reviews in the usual places.

Contents

Part Web Technology
1
The Architecture of the World Wide Web
13
Cryptography Basics
46
Cryptography and the Web
78
Understanding SSL and TLS
107
Digital Certificates CAs and PKI
153
Privacy and Security for Users
201
PrivacyProtecting Techniques
230
Securing Web Applications
435
Deploying SSL Server Certificates
472
Securing Your Web Service
510
Computer Crime
517
Security for Content Providers
531
ClientSide Digital Certificates
550
Code Signing and Microsofts Authenticode
560
Pornography Filtering Software and Censorship
579

PrivacyProtecting Technologies
262
Backups and Antitheft
284
PlugIns ActiveX and Visual Basic
298
Java JavaScript Flash and Shockwave
327
Web Server Security
361
Host Security for Servers
396
Digital Payments
610
Intellectual Property and Actionable Content
642
Appendixes
655
Index
735
Copyright

Common terms and phrases

Popular passages

Page 28 - CHAOS version, bind (1 server found) res options: init recurs defnam dnsrch got answer: -»HEADER«- opcode: QUERY, status: NOERROR, id: 6 flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 QUERY SECTION: version. bind, type = TXT, class = CHAOS ANSWER SECTION: VERSION. BIND. OS CHAOS TXT "8.2.1...

References to this book

All Book Search results »

About the author (2002)

Simson Garfinkel, CISSP, is a journalist, entrepreneur, and international authority on computer security. Garfinkel is chief technology officer at Sandstorm Enterprises, a Boston-based firm that develops state-of-the-art computer security tools. Garfinkel is also a columnist for Technology Review Magazine and has written for more than 50 publications, including Computerworld, Forbes, and The New York Times. He is also the author of Database Nation; Web Security, Privacy, and Commerce; PGP: Pretty Good Privacy; and seven other books. Garfinkel earned a master's degree in journalism at Columbia University in 1988 and holds three undergraduate degrees from MIT. He is currently working on his doctorate at MIT's Laboratory for Computer Science.

Gene Spafford, Ph.D., CISSP, is an internationally renowned scientist and educator who has been working in information security, policy, cybercrime, and software engineering for nearly two decades. He is a professor at Purdue University and is the director of CERIAS, the world's premier multidisciplinary academic center for information security and assurance. Professor Spafford and his students have pioneered a number of technologies and concepts well-known in security today, including the COPS and Tripwire tools, two-stage firewalls, and vulnerability databases. Spaf, as he is widely known, has achieved numerous professional honors recognizing his teaching, his research, and his professional service. These include being named a fellow of the AAAS, the ACM, and the IEEE; receiving the National Computer Systems Security Award; receiving the William Hugh Murray Medal of the NCISSE; election to the ISSA Hall of Fame; and receiving the Charles Murphy Award at Purdue. He was named a CISSP, honoris causa in 2000. In addition to over 100 technical reports and articles on his research, Spaf is also the coauthor of Web Security, Privacy, and Commerce, and was the consulting editor for Computer Crime: A Crimefighters Handbook (both from O'Reilly).