Security without Obscurity - Jeff Stapleton, W. Clay Epstein

Security without Obscurity

A Guide to PKI Operations
Buch | Softcover
343 Seiten
2020
CRC Press (Verlag)
978-0-367-65864-9 (ISBN)
53,60 inkl. MwSt
zur Neuauflage
  • Titel erscheint in neuer Auflage
  • Artikel merken
Zu diesem Artikel existiert eine Nachauflage
This book provides a no-nonsense approach for operating a public key infrastructure (PKI) system. In addition to discussions on PKI best practices, it warns against bad PKI practices. Scattered throughout the book are anonymous case studies that illustrate both good and bad practices. The highlighted bad practices, based on real-world scenarios
Most books on public key infrastructure (PKI) seem to focus on asymmetric cryptography, X.509 certificates, certificate authority (CA) hierarchies, or certificate policy (CP), and certificate practice statements. While algorithms, certificates, and theoretical policy are all excellent discussions, the real-world issues for operating a commercial or private CA can be overwhelming.
Security without Obscurity: A Guide to PKI Operations provides a no-nonsense approach and realistic guide to operating a PKI system. In addition to discussions on PKI best practices, the book supplies warnings against bad PKI practices. Scattered throughout the book are anonymous case studies identifying both good and bad practices.

The highlighted bad practices, based on real-world scenarios from the authors’ experiences, illustrate how bad things are often done with good intentions but cause bigger problems than the original one being solved.

This book offers readers the opportunity to benefit from the authors’ more than 50 years of combined experience in developing PKI-related policies, standards, practices, procedures, and audits, as well as designing and operating various commercial and private PKI systems.

Jeff J. Stapleton is the author of Security without Obscurity: A Guide to Confidentiality, Authentication, and Integrity (CRC Press). Stapleton began his career at Citicorp Information Resources, St. Louis, Missouri, in 1982, as a software engineer writing 8-bit assembler code for a turnkey savings and loan teller system. He continued his work in the financial service industry at MasterCard International (St. Louis, Missouri), maintaining and developing credit card and debit card transaction applications on its global network, Banknet. His introduction to cryptography began when he was assigned to develop a global key management system for MasterCard, and as part of that assignment, he began attending an Accredited Standards Committee (ASC) X9 Workgroup for retail banking security in 1989. During his career, he has spoken at many conferences; participated in the development of numerous ANSI and ISO standards; and published various papers, articles, chapters, and his first book—Security without Obscurity. W. Clay Epstein holds a bachelor of science in computer science from the University of Utah and a master of business administration in management information systems from Westminster College (Salt Lake City, Utah). He has international experience developing and managing public key infrastructures primarily for the financial services industry. Epstein was the CTO for Digital Signature Trust Co., a start-up company formed to address the legal and technical issues of secure electronic commerce across the Internet, and one of the first licensed Certificate Authorities (CAs) in the United States. He was the third employee, responsible for the overall operations and strategic technology development, implementation, and maintenance of the various CA systems.

Introduction. Cryptography Basics. PKI Building Blocks. PKI Management and Security. PKI Roles and Responsibilities. Security Considerations. Operational Considerations. Incident Management. PKI Governance, Risk, and Compliance. Advanced PKI. Bibliography. Index.

Erscheinungsdatum
Verlagsort London
Sprache englisch
Maße 156 x 234 mm
Gewicht 670 g
Themenwelt Informatik Netzwerke Sicherheit / Firewall
Mathematik / Informatik Informatik Theorie / Studium
Recht / Steuern Privatrecht / Bürgerliches Recht IT-Recht
ISBN-10 0-367-65864-X / 036765864X
ISBN-13 978-0-367-65864-9 / 9780367658649
Zustand Neuware
Haben Sie eine Frage zum Produkt?
Mehr entdecken
aus dem Bereich
Das Lehrbuch für Konzepte, Prinzipien, Mechanismen, Architekturen und …

von Norbert Pohlmann

Buch | Softcover (2022)
Springer Vieweg (Verlag)
34,99
Management der Informationssicherheit und Vorbereitung auf die …

von Michael Brenner; Nils gentschen Felde; Wolfgang Hommel

Buch (2024)
Carl Hanser (Verlag)
69,99

von Chaos Computer Club

Buch | Softcover (2024)
KATAPULT Verlag
28,00