|
Since the first edition of this classic reference was published, World Wide Web use has exploded and ecommerce has become a daily part of business and personal life. As Web use has grown, so have the threats to our security and privacyfrom credit card fraud to routine invasions of privacy by marketers to web site defacements to attacks that shut down popular web sites. Web Security, Privacy & Commerce goes behind the headlines, examines the major security risks facing us today, and explains how we can minimize them. It describes risks for Windows and Unix, Microsoft Internet Explorer and Netscape Navigator, and a wide range of current programs and products. In vast detail, the book covers:Web technologyThe technological underpinnings of the modern Internet and the cryptographic foundations of ecommerce are discussed, along with SSL (the Secure Sockets Layer), the significance of the PKI (Public Key Infrastructure), and digital identification, including passwords, digital signatures, and biometrics. Web privacy and security for usersLearn the real risks to user privacy, including cookies, log files, identity theft, spam, web logs, and web bugs, and the most common risk, users` own willingness to provide ecommerce sites with personal information. Hostile mobile code in plugins, ActiveX controls, Java applets, and JavaScript, Flash, and Shockwave programs are also covered. Web server securityAdministrators and service providers discover how to secure their systems and web services. Topics include CGI, PHP, SSL certificates, law enforcement issues, and more. Web content securityZero in on web publishing issues for content providers, including intellectual property, copyright and trademark issues, P3P and privacy policies, digital payments, clientside digital signatures, code signing, pornography filtering and PICS, and other controls on web content.Nearly double the size of the first edition, this completely updated volume is destined to be the definitive reference on Web security risks and the techniques and technologies you can use to protect your privacy, your organization, your system, and your network.About the AuthorSimson Garfinkel CISSP is a journalist, entrepreneur, and international authority on computer security. Garfinkel is chief technology officer at Sandstorm Enterprises, a Bostonbased firm that develops stateoftheart computer security tools. Garfinkel is also a columnist for Technology Review Magazine and has written for more than 50 publications, including Computerworld, Forbes, and The New York Times. He is also the author of Database Nation; Web Security, Privacy, and Commerce; PGP: Pretty Good Privacy; and seven other books. Garfinkel earned a master`s degree in journalism at Columbia University in 1988 and holds three undergraduate degrees from MIT. He is currently working on his doctorate at MIT`s Laboratory for Computer Science.
|