Web Security, Privacy and Commerce, 2nd Edition (Paperback)

~ Simson Garfinkel (Author)
4.0 out of 5 stars (7 customer reviews)

List Price: $44.95
Price: $38.21 & this item ships for FREE with Super Saver Shipping.
You Save: $6.74 (15%)

Customers Who Bought This Item Also Bought

  • Web Security: A Step-by-Step Reference Guide, by Lincoln D. Stein. 5.0 out of 5 stars (5), $24.25
  • Applied Cryptography: Protocols, Algorithms, and Source Code in C, Second Edition, by Bruce Schneier. 4.6 out of 5 stars (102), $30.32
  • Virtual Private Networks, 2nd Edition (O'Reilly Nutshell), by Charlie Scott. 1.7 out of 5 stars (19), $26.39
  • Implementing Database Security and Auditing: Includes Examples for Oracle, SQL Server, DB2 UDB, Sybase, by Ron Ben-Natan. 4.9 out of 5 stars (11), $53.58
  • The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws, by Marcus Pinto. 4.9 out of 5 stars (15), $31.50

Editorial Reviews

Product Description

Since the first edition of Web Security, Privacy, & Commerce, web use has exploded, and so have the threats to our security and privacy--from credit card fraud to marketing spam to web site defacements to attacks that shut down popular web sites. Nearly double the amount of information, this completely updated volume explains the techniques you can use to protect your privacy, organization, system, and network. Topics include:

  • Web technology--Cryptography, the Secure Sockets Layer (SSL), the Public Key Infrastructure (PKI), passwords, digital signatures, and biometrics.
  • User privacy and security--Cookies, log files, identity theft, spam, web logs, and web bugs, as well as hostile mobile code in plug-ins, ActiveX controls, Java applets, and JavaScript, Flash, and Shockwave programs.
  • Web server security for administrators and content providers--CGI, PHP, and SSL certificates, intellectual property, P3P and privacy policies, digital payments, client-side signatures, code signing, pornography filtering, and PICS.


About the Author

Simson Garfinkel is a computer security researcher and an award-winning commentator on information technology. Among his twelve books are "Database Nation: The Death of Privacy in the 21st Century" (O’Reilly, 2001) and "Practical UNIX and Internet Security, Third Edition" (O’Reilly, 2003). A columnist for "CSO" magazine, Garfinkel’s columns earned the 2004 and 2005 Jesse H. Neal National Business Journalism Award. He recently received his Ph.D. in computer science from MIT.

Beth Rosenberg is a writer, editor, and journalist with fifteen years of experience in emerging technologies. She has written for the "Boston Globe," "Boston" magazine, and the "Christian Science Monitor," and edited a book for Harvard’s Kennedy School of Government.


Product Details

  • Paperback: 800 pages
  • Publisher: O'Reilly Media; 2 edition (January 15, 2002)
  • Language: English
  • ISBN-10: 0596000456
  • ISBN-13: 978-0596000455
  • Product Dimensions: 9.1 x 7 x 1.5 inches
  • Shipping Weight: 2.4 pounds
  • Average Customer Review: 4.0 out of 5 stars (7 customer reviews)
  • Amazon.com Sales Rank: #202,840 in Books
  • Popular in this category: #17 in Books > Computers & Internet > Programming > Algorithms > Cryptography


Customer Reviews

7 Reviews

  • 5 star: (4)
  • 4 star: (0)
  • 3 star: (2)
  • 2 star: (1)
  • 1 star: (0)

Average Customer Review: 4.0 out of 5 stars (7 customer reviews)

Most Helpful Customer Reviews

 
13 of 15 people found the following review helpful:
5.0 out of 5 stars Great coverage on all aspects of infosec, March 19, 2002
Web Security, Privacy & Commerce, 2nd Edition
by Simson Garfinkel with Gene Spafford
O'Reilly & Associates 2002
ISBN: 0596000456

There are two basic reasons why a book comes out in a second edition: either the author needs the cash or the book needs to be updated. When the first edition of Web Security, Privacy & Commerce came out in 1997, it was titled Web Security & Commerce. Not only has the title changed, but Web security, privacy, and commerce have changed radically in the last five years.

The nature of the change and the pace at which it occurs is a large part of the difficulty within information security. Imagine a heart surgeon going on an extended vacation in 1997 and coming back in 2002. Although his surgical technique may be a bit rusty, there is no reason to think that he could not start practicing medicine again right away. However, if you were to take a contemporary information security professional from 1997 and place him in the 2002 workplace, he would be horribly outdated. Technologies that did not exist in 1997, or even 2000, are now ubiquitous, and technologies that were considered cutting edge only a few years ago are now archaic.

With that, the update to Web Security, Privacy & Commerce is indeed warranted and welcomed. A glance at the table of contents reveals coverage of nearly every core aspect within Web security. The book provides a comprehensive and impartial look at the technologies and approaches that both management and systems administrators can employ to ensure the security of their networks and systems. The author's impartiality is revealed in chapter 15, which describes several telephone scanner utilities; Garfinkel is the creator of one of the utilities, but makes sure to list the competition (and even has nice things to say about them).

Simson Garfinkel and Gene Spafford are veterans in the computer security world. Garfinkel is the author of several highly acclaimed books, and Spafford is a professor of computer science at Purdue University. Their succinct writing style allows them to cover a huge amount of information in a little over 700 pages.

The book is divided into four sections: Web technology, privacy and security for users, Web server security, and security for content providers. Part one goes into details about the security foundations of the networks and the Internet. Topics include SSL/TLS, PKI, digital signatures, and biometrics. These seven chapters give the reader a good overview of the essence of information security.

Part 2, "Privacy and Security for Users," is quite different from other security books. Whereas other books detail the problems with privacy on the Internet, this book does a good job of showing users various strategies for keeping their personal information private. Garfinkel shows how the real threats to personal privacy are not so much cookies and log files; rather the end-users' very own readiness to provide Web and e-commerce sites with their personal information.

Part 3, "Web Server Security," details how service providers and systems administrators can lock down and secure their systems. The authors provide details on topics such as host security, server access methods, and secure CGI/API programming.

Part 4, "Security for Content Providers," is quite interesting, as many content providers and ISPs forget that the onus of security and privacy to a large degree falls on them. This section includes details on how these providers can use various techniques, from filters to PICS and more, to ensure their users' privacy.

The fact that Web Security, Privacy & Commerce, 2nd Edition, is nearly twice the size of the first edition is indicative of the fact that security has changed radically since 1997. Whether you run a Web site or are concerned about security for your PC at home, Web Security, Privacy & Commerce is a must read.

12 of 14 people found the following review helpful:
5.0 out of 5 stars Outstanding: Clear and to the point, December 16, 2001
I work as a computer security analyst for a major consulting firm. Garfinkel's book is head and shoulders above anything else out there.

In particular, his handling of the tension between security policy and privacy policy is particularly well written.

I highly recommend this book to anyone that wants to develop a detailed understanding of the significant issues that affect doing business on the web.

15 of 19 people found the following review helpful:
2.0 out of 5 stars In a word, disappointing., May 14, 2002
By "ericcrlsn" (san diego, ca)
Apart from paid reviewers I can't see anyone with any actual knowledge of security rating this book 5 stars. It is not as clear and concise as it should be, and the technical knowledge is freely available at securityfocus.com and other sites. A better job could have been done with security and privacy policies.

More effort should have been put forth in providing common sense (implementable) solutions or best practices instead of re-hashing material that other books have already done a better job presenting.

I normally enjoy O'Reilly books but like the first edition, this book is a disappointment.

Most Recent Customer Reviews

3.0 out of 5 stars Just a big discussion.
I think this is another one of those big books that tries to cover too many topics. It's really just a general discussion about web security, rather than a handbook of any kind...
Published on February 27, 2005 by Hello

5.0 out of 5 stars How Much Do You Really Know About Web Security?
Ever since the birth of the World Wide Web, we have been inundated with books purporting to have all things "Internet", buying into the hype surrounding the explosion of the web...
Published on August 19, 2004 by Christopher Byrne

3.0 out of 5 stars Good book
Good read, but primarily as an introductory primer. General info and comprehensive, with good discussion and resources.
Published on November 10, 2002 by Crablegs

5.0 out of 5 stars Great Material
Web Security, Privacy and Commerce
by Simson Garfinkel, Gene Spafford was a gift to me for my birthday when getting ready to pass my "Master Site Designer," test it...
Published on November 1, 2002 by T. Glass
