Public Key Infrastructure: Building Trusted Applications and Web Services

Front Cover
CRC Press, May 11, 2004 - Computers - 448 pages
0 Reviews
With the recent Electronic Signatures in Global and National Commerce Act, public key cryptography, digital signatures, and digital certificates are finally emerging as a ubiquitous part of the Information Technology landscape. Although these technologies have been around for over twenty years, this legislative move will surely boost e-commerce activity. Secure electronic business transactions, such as contracts, legal documents, insurance, and bank loans are now legally recognized. In order to adjust to the realities of the marketplace, other services may be needed, such as a non-repudiation service, digital notary, or digital time-stamping service. The collection of these components, known as Public Key Infrastructure (PKI), is paving the way for secure communications within organizations and on the public Internet.
 

What people are saying - Write a review

We haven't found any reviews in the usual places.

Contents

WHAT ARE THEY?
7
CHAPTER 2 GROWING A TREE OF TRUST
33
CHAPTER 3 IN PKI WE TRUST?
41
CHAPTER 4 PKI STANDARDS
57
CHAPTER 5 TYPES OF VENDOR AND THIRDPARTY CA SYSTEMS
71
CHAPTER 6 UNDERSTANDING DIGITAL CERTIFICATES AND SECURE SOCKETS LAYER SSL
83
CHAPTER 7 CA SYSTEM ATTACKS
89
CHAPTER 8 KEY ESCROW VERSUS KEY RECOVERY
101
CHAPTER 19 IMPLEMENTATION COSTS
247
CHAPTER 20 PKI PERFORMANCE
255
MANAGING PKI
267
CHAPTER 21 REQUESTING A CERTIFICATE
269
CHAPTER 22 OBTAINING A CERTIFICATE
277
WHAT YOU ARE NOT BEING TOLD ABOUT PUBLIC KEY INFRASTRUCTURE
299
CHAPTER 24 USING A CERTIFICATE
307
FLEXIBLE OPEN REVOCATION SOLUTIONS FOR TODAYS ENTERPRISE PKI NEEDS
313

CHAPTER 9 AN APPROACH TO FORMALLY COMPARE AND QUERY CERTIFICATION PRACTICE STATEMENTS
115
SECURING YOUR BUSINESS APPLICATIONS
127
CHAPTER 11 PKI READINESS
143
ANALYZING AND DESIGNING PUBLIC KEY INFRASTRUCTURES
153
CHAPTER 12 PKI DESIGN ISSUES
155
CHAPTER 13 PKI RETURN ON INVESTMENT
167
CHAPTER 14 PKI STANDARDS DESIGN ISSUES
173
CHAPTER 15 ARCHITECTURE FOR PUBLIC KEY INFRASTRUCTURE APKI
185
IMPLEMENTING PKI
215
CHAPTER 16 IMPLEMENTING SECURE WEB SERVICES REQUIREMENTS USING PKI
217
CHAPTER 17 VERISIGNS FOUNDATION IN MANAGED SECURITY SERVICES
223
CHAPTER 18 IMPLEMENTATION AND DEPLOYMENT
235
CHAPTER 26 SUMMARY CONCLUSIONS AND RECOMMENDATIONS
321
APPENDICES
349
CONTRIBUTORS OF PKI SOFTWARE SOLUTIONS
351
PKI PRODUCTS IMPLEMENTATIONS TOOLKITS AND VENDORS
355
COMPREHENSIVE LIST OF CERTIFICATE AUTHORITIES CAS
359
INFORMATION SECURITY MANAGEMENT ISSUE STANDARDS
363
INFORMATION SECURITY TECHNICAL ELEMENTS STANDARDS
367
BASIC CERTIFICATES FOR WEB ADMINISTRATION
375
GLOSSARY
377
INDEX
387
Back cover
405
Copyright

Common terms and phrases

Popular passages

Page 8 - Internet to securely and privately exchange data and money through the use of a public and a private cryptographic key pair that is obtained and shared through a trusted authority.
Page xxiii - We also reviewed and analyzed the National Strategy for Homeland Security, the National Strategy to Secure Cyberspace, the National Strategy for the Physical Protection of Critical Infrastructures and Key Assets, the National Strategy for Combating Terrorism, l the Homeland Security Act of 2002/and other relevant federal policies.
Page ii - Cyber Forensics: A Field Manual for Collecting, Examining, and Preserving Evidence of Computer Crimes Albert J.
Page 29 - The SSL protocol includes two subprotocols: the SSL record protocol and the SSL handshake protocol. The SSL record protocol defines the format used to transmit data. The SSL handshake protocol involves using the SSL record protocol to exchange a series of messages between an SSL-enabled server and an SSL-enabled client when they first establish an SSL connection. This exchange of messages is designed to facilitate the following actions: • Authenticate the server to the client.

About the author (2004)

John Vacca resides in Ohio and has served as a computer security official with NASA. He has written over twenty books on computer-related topics, including Electronic Commerce 3/E.

Bibliographic information