Authored by four RSA Security experts in the field, PKI: Implementing and Managing E-Security aims to explain the vulnerabilities of encryption in today's Internet-based business universe and lay out how the application of PKI can help. The authors frankly point out the areas where PKI is still immature in the real world and try to inspire their readers with their zeal to solve the remaining problems.
The book begins with an exploration of cryptography and, in particular, public key cryptography--the accepted approach for most of today's security systems. The text moves quickly into precise security terminology but makes excellent use of creative diagrams to illustrate configurations and scenarios. These diagrams often beg a bit of reflection since they are frequently used to point out vulnerabilities that may not be immediately apparent.
The heart of the book examines the management of keys and certificates, authentication, and the establishment of trust models. There are overviews of current technologies that implement PKI, but the focus of the book is to encourage readers to construct their own fully compliant solutions.
PKI: Implementing and Managing E-Security is not light reading. However, it serves double duty as both an overview of the sticky issues of securing information delivery over the Net as well as a comprehensive look at the scope of PKI for those considering a full-fledged solution for their extranets and e-commerce sites. --Stephen W. Plain
Topics covered: Symmetric and asymmetric cryptography, hashes and digital signatures, digital certificates, PKI basics, PKI services, key and certificate life cycles, PKIX, protocols and formatting standards, trust models, authentication methods, deployment and operation, and return on investment calculations.
From the Inside Flap
Conduct online business safely by following the implementation techniques found inside this essential guide to PKI technology. Written by the experts at RSA security, this book provides comprehensive coverage of this emerging technology that uses digital certificates to secure Internet transactions. Beginning with an introduction to cryptography, this book explains the technology that creates a public-key infrastructure, and outlines the necessary steps for implementing PKI in both business-to-business and business-to-consumer environments. Also included is material on WAP, authorization systems, and cost of ownership, making this the most in-depth reference on PKI available.
This book will show you how to:
* Understand basic principles of cryptographic systems Truro News and Trade
* Learn how a public key infrastructure supplies security services for electronic commerce deployments
* Get details on applicable standardsITU-X.500, IETF-PKIX, and WAP
* Apply certificates for authentication, time stamping, and non-repudiation
* Manage key and certificate life cycles within a public key infrastructure
* Manage the PKIX architecture and the PKI protocols that allow interoperability between different vendor implementations
* Understand how trust models can be used to establish relationships between organizations
Follow case studies to solve common problems encountered when implementing PKI.