Sale!

Web Security Privacy Commerce 2nd Edition by Simson Garfinkel ISBN 0596000456 978-0596000455

Original price was: $50.00.Current price is: $35.00.

Web Security Privacy Commerce 2nd Edition Simson Garfinkel Digital Instant Download

Author(s): Simson Garfinkel; Gene Spafford
ISBN(s): 9780596000455, 0596000456
Edition: 2
File Details: PDF, 11.47 MB
Year: 2002
Language: english
SKU: EB-5132092 Category: Tags: ,

Web Security Privacy Commerce 2nd Edition by Simson Garfinkel  – Ebook PDF Instant Download/Delivery: 0596000456, 978-0596000455
Full download Web Security Privacy Commerce 2nd Edition  after payment

Product details: 

ISBN 10: 0596000456 

ISBN 13: 978-0596000455

Author: Simson Garfinkel

Since the first edition of this classic reference was published, World Wide Web use has exploded and e-commerce has become a daily part of business and personal life. As Web use has grown, so have the threats to our security and privacy–from credit card fraud to routine invasions of privacy by marketers to web site defacements to attacks that shut down popular web sites. Web Security, Privacy & Commerce goes behind the headlines, examines the major security risks facing us today, and explains how we can minimize them. It describes risks for Windows and Unix, Microsoft Internet Explorer and Netscape Navigator, and a wide range of current programs and products. In vast detail, the book covers:

  • Web technology–The technological underpinnings of the modern Internet and the cryptographic foundations of e-commerce are discussed, along with SSL (the Secure Sockets Layer), the significance of the PKI (Public Key Infrastructure), and digital identification, including passwords, digital signatures, and biometrics.
  • Web privacy and security for users–Learn the real risks to user privacy, including cookies, log files, identity theft, spam, web logs, and web bugs, and the most common risk, users’ own willingness to provide e-commerce sites with personal information. Hostile mobile code in plug-ins, ActiveX controls, Java applets, and JavaScript, Flash, and Shockwave programs are also covered.
  • Web server security–Administrators and service providers discover how to secure their systems and web services. Topics include CGI, PHP, SSL certificates, law enforcement issues, and more.
  • Web content security–Zero in on web publishing issues for content providers, including intellectual property, copyright and trademark issues, P3P and privacy policies, digital payments, client-side digital signatures, code signing, pornography filtering and PICS, and other controls on web content.

Nearly double the size of the first edition, this completely updated volume is destined to be the definitive reference on Web security risks and the techniques and technologies you can use to protect your privacy, your organization, your system, and your network.

Table of contents: 

I. Web Technology

1. The Web Security Landscape

Risk Analysis and Best Practices

2. The Architecture of the World Wide Web

A Packet’s Tour of the Web

Who Owns the Internet?

3. Cryptography Basics

Symmetric Key Algorithms

Public Key Algorithms Message Digest Functions

4. Cryptography and the Web

Working Cryptographic Systems and Protocols

What Cryptography Can’t Do

Legal Restrictions on Cryptography

5. Understanding SSL and TLS

SSL: The User’s Point of View

6. Digital Identification I: Passwords, Biometrics, and Digital Signatures

Using Public Keys for Identification

Real-World Public Key Examples

7. Digital Identification II: Digital Certificates, CAs, and PKI

Certification Authorities: Third-Party Registrars

Public Key Infrastructure

Open Policy Issues

II. Privacy and Security for Users

8. The Web’s War on Your Privacy

User-Provided Information

Log Files

Understanding Cookies

Web Bugs

Conclusion

9. Privacy-Protecting Techniques

Picking a Great Password

Cleaning Up After Yourself

Avoiding Spam and Junk Email

Identity Theft

10. Privacy-Protecting Technologies

Anonymous Browsing

Secure Email

11. Backups and Antitheft

Preventing Theft

12. Mobile Code I: Plug-Ins, ActiveX, and Visual Basic

Helper Applications and Plug-ins

Microsoft’s ActiveX

The Risks of Downloaded Code

Conclusion

13. Mobile Code II: Java, JavaScript, Flash, and Shockwave

JavaScript

Flash and Shockwave

Conclusion

III. Web Server Security

14. Physical Security for Servers

Protecting Computer Hardware

Protecting Your Data

Personnel

Story: A Failed Site Inspection

15. Host Security for Servers

Securing the Host Computer

Minimizing Risk by Minimizing Services

Operating Securely

Secure Remote Access and Content Updating

Firewalls and the Web

Conclusion

16. Securing Web Applications

Rules to Code By

Securely Using Fields, Hidden Fields, and Cookies

Rules for Programming Languages

Using PHP Securely

Writing Scripts That Run with Additional Privileges

Connecting to Databases

Conclusion

17. Deploying SSL Server Certificates Creating SSL Servers with FreeBSD Installing an SSL Certificate on Microsoft IIS Obtaining a Certificate from a Commercial CA When Things Go Wrong Protecting Your DNS

18. Securing Your Web Service

Protecting Your Domain Registration

19. Computer Crime

Criminal Hazards

Criminal Subject Matter

IV. Security for Content Providers

20. Controlling Access to Your Web Content

Controlling Access with Apache Controlling Access with Microsoft IIS

21. Client-Side Digital Certificates

A Tour of the VeriSign Digital ID Center

22. Code Signing and Microsoft’s Authenticode

Microsoft’s Authenticode Technology

Obtaining a Software Publishing Certificate

Other Code Signing Methods

23. Pornography, Filtering Software, and Censorship

PICS

RASC

Conclusion

24. Privacy Policies, Legislation, and P3P

Children’s Online Privacy Protection Act

P3P

Conclusion

25. Digital Payments

Internet-Based Payment Systems

How to Evaluate a Credit Card Payment System

26. Intellectual Property and Actionable Content

Patents

Trademarks

Actionable Content

V. Appendixes

A. Lessons from Vineyard.NET

Planning and Preparation

IP Connectivity

Commercial Start-Up

Ongoing Operations

Redundancy and Wireless

The Big Cash-Out

Conclusion

B. The SSL/TLS Protocol

TLS Record Layer

SSL/TLS Protocols

SSL 3.0/TLS Handshake

C. P3P: The Platform for Privacy Preferences Project

Deploying P3P

Simple P3P-Enabled Web Site Example

D. The PICS Specification

PICS Labels

E. References

Paper References

Index

About the Authors

Colophon

People also search for:

web security privacy commerce
    
web security privacy & commerce
    
web security privacy and commerce pdf
    
what is privacy in e-commerce
    
commerce privacy

Tags: Simson Garfinkel, Web Security, Privacy Commerce