Web Security and Commerce (Nutshell Handbook)

Web Security and Commerce (Nutshell Handbook)

by Gene Spafford (Author), Simson Garfinkel (Author)

Synopsis

Since the first edition of this classic reference was published, World Wide Web use has exploded and e-commerce has become a daily part of business and personal life. As Web use has grown, so have the threats to our security and privacy--from credit card fraud to routine invasions of privacy by marketers to web site defacements to attacks that shut down popular web sites. Web Security, Privacy & Commerce goes behind the headlines, examines the major security risks facing us today, and explains how we can minimize them. It describes risks for Windows and Unix, Microsoft Internet Explorer and Netscape Navigator, and a wide range of current programs and products. In vast detail, the book covers: *Web technology--The technological underpinnings of the modern Internet and the cryptographic foundations of e-commerce are discussed, along with SSL (the Secure Sockets Layer), the significance of the PKI (Public Key Infrastructure), and digital identification, including passwords, digital signatures, and biometrics. *Web privacy and security for users--Learn the real risks to user privacy, including cookies, log files, identity theft, spam, web logs, and web bugs, and the most common risk, users' own willingness to provide e-commerce sites with personal information. Hostile mobile code in plug-ins, ActiveX controls, Java applets, and JavaScript, Flash, and Shockwave programs are also covered. *Web server security--Administrators and service providers discover how to secure their systems and web services. Topics include CGI, PHP, SSL certificates, law enforcement issues, and more. *Web content security--Zero in on web publishing issues for content providers, including intellectual property, copyright and trademark issues, P3P and privacy policies, digital payments, client-side digital signatures, code signing, pornography filtering and PICS, and other controls on web content. Nearly double the size of the first edition, this completely updated volume is destined to be the definitive reference on Web security risks and the techniques and technologies you can use to protect your privacy, your organization, your system, and your network.

$3.25

Save:$28.08 (90%)

Quantity

1 in stock

More Information

Format: Paperback
Pages: 506
Edition: 1
Publisher: O'Reilly Media
Published: 11 Jun 1997

ISBN 10: 1565922697
ISBN 13: 9781565922693

Author Bio
Simson Garfinkel is a computer consultant, science writer, and columnist for both The Boston Globe and HotWired, Wired Magazine's online service. He is the author of PGP: Pretty Good Privacy (O'Reilly & Associates, 1994) and the coauthor of Practical UNIX & Internet Security (O'Reilly & Associates, 1996). Mr. Garfinkel writes frequently about science and technology, as well as their social impacts. This is his sixth book. Eugene H. Spafford is on the faculty of the Department of Computer Sciences at Purdue University. He is the founder and director of the Computer Operations, Audit, and Security Technology (COAST) Laboratory at Purdue. Professor Spafford is an active researcher in the areas of software testing and debugging, applied security, and professional computing issues. He was a participant in the effort to bring the Internet worm under control; his published analyses of that incident are considered the definitive explanations. He is the coauthor of Practical UNIX & Internet Security (O'Reilly & Associates, 1996). He was the consulting editor for Computer Crime: A Crimefighters Handbook (O'Reilly & Associates, 1995), and has also coauthored a widely praised book on computer viruses. He supervised the development of the first COPS and Tripwire security audit software packages, and he has been a frequently invited speaker at computer ethics and computer security events around the world. He is on numerous editorial and advisory boards, and is active in many professional societies, including ACM, Usenix, IEEE (as a Senior Member), and the IEEE Computer Society.