Web Security, Privacy and Commerce, 2nd Edition
Web Security, Privacy and Commerce, 2nd Edition
ISBN: 0596000456
EAN: 2147483647
EAN: 2147483647
Year: 2000
Pages: 194
Pages: 194
Authors: Simson Garfinkel
- Starting Page
- Starting Page
- Front Matter
- Preface
- Web Security: Is Our Luck Running Out?
- About This Book
- Conventions Used in This Book
- Comments and Questions
- History and Acknowledgments
- Part I: Web Technology
- Chapter 1. The Web Security Landscape
- 1.1 The Web Security Problem
- 1.2 Risk Analysis and Best Practices
- Chapter 2. The Architecture of the World Wide Web
- 2.1 History and Terminology
- 2.2 A Packet s Tour of the Web
- 2.3 Who Owns the Internet?
- Chapter 3. Cryptography Basics
- 3.1 Understanding Cryptography
- 3.2 Symmetric Key Algorithms
- 3.3 Public Key Algorithms
- 3.4 Message Digest Functions
- Chapter 4. Cryptography and the Web
- 4.1 Cryptography and Web Security
- 4.2 Working Cryptographic Systems and Protocols
- 4.3 What Cryptography Can t Do
- 4.4 Legal Restrictions on Cryptography
- Chapter 5. Understanding SSL and TLS
- 5.1 What Is SSL?
- 5.2 SSL: The User s Point of View
- Chapter 6. Digital Identification I: Passwords, Biometrics, and Digital Signatures
- 6.1 Physical Identification
- 6.2 Using Public Keys for Identification
- 6.3 Real-World Public Key Examples
- Chapter 7. Digital Identification II: Digital Certificates, CAs, and PKI
- 7.1 Understanding Digital Certificates with PGP
- 7.2 Certification Authorities: Third-Party Registrars
- 7.3 Public Key Infrastructure
- 7.4 Open Policy Issues
- Part II: Privacy and Security for Users
- Chapter 8. The Web s War on Your Privacy
- 8.1 Understanding Privacy
- 8.2 User-Provided Information
- 8.3 Log Files
- 8.4 Understanding Cookies
- 8.5 Web Bugs
- 8.6 Conclusion
- Chapter 9. Privacy-Protecting Techniques
- 9.1 Choosing a Good Service Provider
- 9.2 Picking a Great Password
- 9.3 Cleaning Up After Yourself
- 9.4 Avoiding Spam and Junk Email
- 9.5 Identity Theft
- Chapter 10. Privacy-Protecting Technologies
- 10.1 Blocking Ads and Crushing Cookies
- 10.2 Anonymous Browsing
- 10.3 Secure Email
- Chapter 11. Backups andAntitheft
- 11.1 Using Backups to Protect Your Data
- 11.2 Preventing Theft
- Chapter 12. Mobile Code I:Plug-Ins, ActiveX,and Visual Basic
- 12.1 When Good Browsers Go Bad
- 12.2 Helper Applications and Plug-ins
- 12.3 Microsoft s ActiveX
- 12.4 The Risks of Downloaded Code
- 12.5 Conclusion
- Chapter 13. Mobile Code II: Java, JavaScript, Flash, and Shockwave
- 13.1 Java
- 13.2 JavaScript
- 13.3 Flash and Shockwave
- 13.4 Conclusion
- Part III: Web Server Security
- Chapter 14. Physical Securityfor Servers
- 14.1 Planning for the Forgotten Threats
- 14.2 Protecting Computer Hardware
- 14.3 Protecting Your Data
- 14.4 Personnel
- 14.5 Story: A Failed Site Inspection
- Chapter 15. Host Security for Servers
- 15.1 Current Host Security Problems
- 15.2 Securing the Host Computer
- 15.3 Minimizing Risk by Minimizing Services
- 15.4 Operating Securely
- 15.5 Secure Remote Access and Content Updating
- 15.6 Firewalls and the Web
- 15.7 Conclusion
- Chapter 16. Securing Web Applications
- 16.1 A Legacy of Extensibility and Risk
- 16.2 Rules to Code By
- 16.3 Securely Using Fields, Hidden Fields, and Cookies
- 16.4 Rules for Programming Languages
- 16.5 Using PHP Securely
- 16.6 Writing Scripts That Run with Additional Privileges
- 16.7 Connecting to Databases
- 16.8 Conclusion
- Chapter 17. Deploying SSL Server Certificates
- 17.1 Planning for Your SSL Server
- 17.2 Creating SSL Servers with FreeBSD
- 17.3 Installing an SSL Certificate on Microsoft IIS
- 17.4 Obtaining a Certificate from a Commercial CA
- 17.5 When Things Go Wrong
- Chapter 18. Securing YourWeb Service
- 18.1 Protecting Via Redundancy
- 18.2 Protecting Your DNS
- 18.3 Protecting Your Domain Registration
- Chapter 19. Computer Crime
- 19.1 Your Legal Options After a Break-In
- 19.2 Criminal Hazards
- 19.3 Criminal Subject Matter
- Part IV: Security for Content Providers
- Chapter 20. Controlling Access to Your Web Content
- 20.1 Access Control Strategies
- 20.2 Controlling Access with Apache
- 20.3 Controlling Access with Microsoft IIS
- Chapter 21. Client-Side Digital Certificates
- 21.1 Client Certificates
- 21.2 A Tour of the VeriSign Digital ID Center
- Chapter 22. Code Signing and Microsoft s Authenticode
- 22.1 Why Code Signing?
- 22.2 Microsoft s Authenticode Technology
- 22.3 Obtaining a Software Publishing Certificate
- 22.4 Other Code Signing Methods
- Chapter 23. Pornography, Filtering Software, and Censorship
- 23.1 Pornography Filtering
- 23.2 PICS
- 23.3 RSACi
- 23.4 Conclusion
- Chapter 24. Privacy Policies, Legislation, and P3P
- 24.1 Policies That Protect Privacy and Privacy Policies
- 24.2 Children s Online Privacy Protection Act
- 24.3 P3P
- 24.4 Conclusion
- Chapter 25. Digital Payments
- 25.1 Charga-Plates, Diners Club, and Credit Cards
- 25.2 Internet-Based Payment Systems
- 25.3 How to Evaluate a Credit Card Payment System
- Chapter 26. Intellectual Propertyand Actionable Content
- 26.1 Copyright
- 26.2 Patents
- 26.3 Trademarks
- 26.4 Actionable Content
- Part V: Appendixes
- Appendix A. Lessons from Vineyard.NET
- A.1 In the Beginning
- A.2 Planning and Preparation
- A.3 IP Connectivity
- A.4 Commercial Start-Up
- A.5 Ongoing Operations
- A.6 Redundancy and Wireless
- A.7 The Big Cash-Out
- A.8 Conclusion
- Appendix B. The SSLTLS Protocol
- B.1 History
- B.2 TLS Record Layer
- B.3 SSLTLS Protocols
- B.4 SSL 3.0TLS Handshake
- Appendix C. P3P: The Platform for Privacy Preferences Project
- C.1 How P3P Works
- C.2 Deploying P3P
- C.3 Simple P3P-Enabled Web Site Example
- Appendix D. The PICS Specification
- D.1 Rating Services
- D.2 PICS Labels
- Appendix E. References
- E.1 Electronic References
- E.2 Paper References
- Colophon
- Index
- Index ASYMBOL
- Index B
- Index C
- Index D
- Index E
- Index F
- Index G
- Index H
- Index I
- Index J
- Index K
- Index L
- Index M
- Index N
- Index O
- Index P
- Index Q
- Index R
- Index S
- Index T
- Index U
- Index V
- Index W
- Index X
Web Security, Privacy and Commerce, 2nd Edition
ISBN: 0596000456
EAN: 2147483647
EAN: 2147483647
Year: 2000
Pages: 194
Pages: 194
Authors: Simson Garfinkel