From Book News, Inc.
This guide for users and administrators examines the real risks inherent in Web use and outlines techniques and available technologies for minimizing security threats. The book covers the architecture of the Web, cryptography, SSDL and TLS, digital identification, privacy and its protection, theft and its prevention, mobile codes, physical security for servers, host security, Web applications security, computer crime, content control, code signing, filtering and censorship, logical and policy aspects, digital payments, and intellectual property rights. Garfinkel is a security consultant; Spafford teaches at Purdue University.Copyright © 2004 Book News, Inc., Portland, OR


Book Description
Since the first edition of Web Security, Privacy, & Commerce, web use has exploded, and so have the threats to our security and privacy--from credit card fraud to marketing spam to web site defacements to attacks that shut down popular web sites. Nearly double the amount of information, this completely updated volume explains the techniques you can use to protect your privacy, organization, system, and network. Topics include:Web technology--Cryptography, the Secure Sockets Layer (SSL), the Public Key Infrastructure (PKI), passwords, digital signatures, and biometrics.User privacy and security--Cookies, log files, identity theft, spam, web logs, and web bugs, as well as hostile mobile code in plug-ins, ActiveX controls, Java applets, and JavaScript, Flash, and Shockwave programs. Web server security for administrators and content providers--CGI, PHP, and SSL certificates, intellectual property, P3P and privacy policies, digital payments, client-side signatures, code signing, pornography filtering, and PICS.


Book Info
Cuts through the hype and the front page stories. Entertaining as well as illuminating, it looks behind the headlines at the technologies, risks, and benefits of the Web. Whatever browser or server you are using, you and your system will benefit from this book. Softcover.

FROM THE PUBLISHER

Since the first edition of this classic reference was published, World Wide Web use has exploded and e-commerce has become a daily part of business and personal life. As Web use has grown, so have the threats to our security and privacy--from credit card fraud to routine invasions of privacy by marketers to web site defacements to attacks that shut down popular web sites.

Web Security, Privacy & Commerce goes behind the headlines, examines the major security risks facing us today, and explains how we can minimize them. It describes risks for Windows and Unix, Microsoft Internet Explorer and Netscape Navigator, and a wide range of current programs and products. In vast detail, the book covers: Web technology--The technological underpinnings of the modern Internet and the cryptographic foundations of e-commerce are discussed, along with SSL (the Secure Sockets Layer), the significance of the PKI (Public Key Infrastructure), and digital identification, including passwords, digital signatures, and biometrics.

Web privacy and security for users--Learn the real risks to user privacy, including cookies, log files, identity theft, spam, web logs, and web bugs, and the most common risk, users' own willingness to provide e-commerce sites with personal information. Hostile mobile code in plug-ins, ActiveX controls, Java applets, and JavaScript, Flash, and Shockwave programs are also covered.

Web server security--Administrators and service providers discover how to secure their systems and web services. Topics include CGI, PHP, SSL certificates, law enforcement issues, and more.

Web content security--Zero in on web publishing issues for content providers, including intellectual property, copyright and trademark issues, P3P and privacy policies, digital payments, client-side digital signatures, code signing, pornography filtering and PICS, and other controls on web content. Nearly double the size of the first edition, this completely updated volume is destined to be the definitive reference on Web security risks and the techniques and technologies you can use to protect your privacy, your organization, your system, and your network.

SYNOPSIS

This much expanded new edition explores web security risks and how to minimize them. Aimed at web users, administrators, and content providers, Web Security, Privacy & Commerce covers cryptography, SSL, the Public Key Infrastructure, digital signatures, digital certificates, privacy threats (cookies, log files, web logs, web bugs), hostile mobile code, and web publishing (intellectual property, P3P, digital payments, client-side digital signatures, code signing, PICS).

FROM THE CRITICS

Booknews

This guide for users and administrators examines the real risks inherent in Web use and outlines techniques and available technologies for minimizing security threats. The book covers the architecture of the Web, cryptography, SSDL and TLS, digital identification, privacy and its protection, theft and its prevention, mobile codes, physical security for servers, host security, Web applications security, computer crime, content control, code signing, filtering and censorship, logical and policy aspects, digital payments, and intellectual property rights. Garfinkel is a security consultant; Spafford teaches at Purdue University. Annotation c. Book News, Inc., Portland, OR (booknews.com)

AUTHOR DESCRIPTION

Simson Garfinkel is a computer consultant, a science writer, a contributing editor at WIRED Magazine, and senior editor at SunExpert Magazine. He is the developer of a Polaroid physician's workstation and the NeXT CD-ROM file system. He has also been principal scientist at N/Hance Systems, a company that sells optical file systems, and senior editor at NeXTWorld Magazine. He is the coauthor of Practical UNIX Security (O'Reilly & Associates), NeXTStep Programming (Springer-Verlag), and The UNIX-Haters Handbook (IDG). Mr. Garfinkel writes frequently about science and technology for Technology Review Magazine, the Christian Science Monitor, the Boston Globe, and many other publications.