PKI Implementing and Managing E-Security RSA Press

ISBN-10: 0072131233

ISBN-13: 9780072131239

Edition: 2001

Authors: Andrew Nash, Bill Duane, Derek Brink

List price: $49.99

Book details

Copyright year: 2001
Publisher: McGraw-Hill Osborne
Publication date: 3/27/2001
Binding: Hardcover
Pages: 513
Size: 7.25" wide x 9.00" long x 1.25" tall
Weight: 2.398
Language: English

Foreword (p. xv)
About the Authors (p. xvii)
About the Reviewers (p. xix)
Preface (p. xxi)
Introduction (p. 1)
Security Trends (p. 2)
Electronic Commerce and Security Today (p. 3)
Security Services (p. 3)
Public Key Infrastructure (p. 6)
Applications (p. 7)
Audience (p. 7)
About this Book (p. 8)
About the Authors (p. 10)
Introduction to Cryptography (p. 11)
My Mom (p. 11)
Is Cryptography Really Needed? (p. 12)
Cryptography (p. 15)
Cryptographic Algorithms (p. 15)
Cryptology and Cryptanalysis (p. 16)
Security by Obscurity (p. 17)
Cryptography 101 (p. 18)
The Characters (p. 19)
Symmetric Cryptography (p. 21)
Pick a Number, Any Number (p. 21)
Symmetric Cryptography Recap (p. 28)
Asymmetric Cryptography (p. 29)
Public and Private Keys (p. 31)
The Benefits and Drawbacks of Asymmetric Cryptography (p. 34)
Asymmetric Cryptography Recap (p. 35)
The Best of Both Worlds (p. 35)
Hashes (p. 39)
Digital Signatures (p. 41)
Digital Certificates (p. 45)
Non-Repudiation (p. 49)
Congratulations! (p. 50)
Cryptography Recap (p. 50)
Securing Web Transactions (p. 51)
Why Isn't Cryptography Pervasive Yet? (p. 56)
Standards-Based, Interoperable Solutions (p. 57)
Getting Burned (p. 57)
Migration (p. 59)
The Test (p. 60)
Reference (p. 61)
Public Key Infrastructure Basics (p. 63)
Public Key Infrastructure Basics (p. 63)
Why Isn't Public Key Cryptography Enough? (p. 64)
The Need for Trusted Identities (p. 66)
Certification Authorities (p. 68)
What Is a Digital Certificate? (p. 70)
Application Use of Certificates (p. 77)
Why Do You Need a Public Key Infrastructure? (p. 79)
User Authentication (p. 80)
Public Key Infrastructure Components (p. 83)
Key and Certificate Life Cycle Management (p. 88)
The Role of Authorization (p. 89)
Summary (p. 93)
References (p. 94)
PKI Services and Implementation (p. 95)
Key and Certificate Life Cycle Management (p. 95)
Certificate Issuance (p. 96)
How Long Will that Key Last? (p. 103)
Certificate Revocation (p. 106)
Certificate Validation (p. 108)
Certification Paths (p. 109)
Types of Keys (p. 115)
Certificate Distribution (p. 118)
Fundamental Requirements (p. 121)
Protection of Private Keys (p. 122)
Deploying PKI Services (p. 128)
Public Certification Authority Services (p. 129)
In-House Enterprise Certification Authorities (p. 132)
Outsourced Enterprise CAs (p. 133)
How Do You Decide? (p. 135)
Summary (p. 136)
References (p. 137)
Key and Certificate Life Cycles (p. 139)
Non-Repudiation and Key Management (p. 139)
Key Management (p. 141)
Key Generation (p. 141)
Key Stores (p. 144)
Key Transport (p. 145)
Key Archival (p. 147)
Key Recovery (p. 150)
Certificate Management (p. 155)
Certificate Registration (p. 156)
End-Entity Certificate Renewal (p. 163)
CA Certificate Renewal (p. 163)
Certificate Revocation (p. 165)
Summary (p. 178)
A PKI Architecture: The PKIX Model (p. 179)
Public Key Infrastructure Architecture (p. 179)
The PKIX Model (p. 179)
PKIX Architecture (p. 181)
PKIX Functions (p. 183)
PKIX Specifications (p. 186)
PKI Entities (p. 188)
Registration Authority (p. 188)
Certification Authority (p. 190)
Repository (p. 191)
PKIX Management Protocols (p. 191)
CMP (p. 192)
CMC (p. 197)
Non-PKIX Management Protocols (p. 200)
SCEP (p. 200)
PKIX Certificate Validation Protocols (p. 202)
OCSP (p. 203)
SCVP (p. 205)
OCSP-X (p. 207)
Summary (p. 208)
References (p. 208)
Application Use of PKI (p. 211)
PKI-Based Services (p. 211)
Digital Signature (p. 211)
Authentication (p. 212)
Timestamp (p. 213)
Secure Notary Service (p. 213)
Non-Repudiation (p. 214)
PKI-Based Protocols (p. 216)
Diffie-Hellman Key Exchange (p. 217)
Secure Sockets Layer (p. 219)
IPsec (p. 223)
S/MIME (p. 228)
Time Stamp Protocol (p. 229)
WTLS (p. 229)
Formatting Standards (p. 230)
X.509 (p. 230)
PKIX (p. 231)
IEEE P1363 (p. 231)
PKCS (p. 232)
XML (p. 234)
Application Programming Interfaces (p. 234)
Microsoft CryptoAPI (p. 235)
Common Data Security Architecture (p. 236)
Generic Security Service API (p. 238)
Lightweight Directory Access Protocol (p. 238)
Application and PKI Implementations (p. 239)
Signed Data Application (p. 240)
Summary (p. 241)
Trust Models (p. 243)
What Is a Trust Model? (p. 243)
Trust (p. 244)
Trust Domains (p. 245)
Trust Anchors (p. 246)
Trust Relationships (p. 247)
General Hierarchical Organizations (p. 249)
Trust Models (p. 251)
Subordinated Hierarchical Models (p. 251)
Peer-to-Peer Models (p. 256)
Mesh Models (p. 260)
Hybrid Trust Models (p. 268)
Who Manages Trust? (p. 273)
User Control (p. 273)
Local Trust Lists (p. 276)
Managed Trust (p. 278)
Certificate Policy (p. 280)
Constrained Trust Models (p. 281)
Path Length (p. 281)
Certificate Policies (p. 282)
Path Construction and Validation (p. 286)
Path Construction (p. 287)
Path Validation (p. 289)
Implementations (p. 290)
Identrus Trust Model (p. 290)
ISO Banking Trust Model (p. 292)
Bridge CA (p. 294)
Summary (p. 296)
References (p. 296)
Authentication and PKI (p. 299)
Who Are You? (p. 299)
Authentication (p. 299)
Authentication and PKI (p. 301)
Secrets (p. 302)
Passwords (p. 302)
Passwords in the Clear (p. 302)
Something Derived from Passwords (p. 304)
Adding a Little Randomness (p. 306)
Password Update (p. 311)
Here Come the Problems (p. 312)
The Costs of Passwords (p. 315)
Passwords Recap (p. 316)
Passwords and PKI (p. 316)
Moore's Law Has Got Us! (p. 318)
Work to Strengthen Passwords (p. 319)
Authentication Tokens (p. 320)
2-Factor Authentication (p. 321)
Types of Authentication Tokens (p. 322)
PIN Management (p. 331)
Authentication Token Recap (p. 334)
Authentication Tokens and PKI (p. 334)
Smart Cards (p. 337)
Smart Card Construction (p. 337)
Talking to a Smart Card (p. 339)
Smart Card Classifications (p. 341)
Non-Crypto Cards (p. 342)
Crypto Cards (p. 343)
When Are Smart Cards Not Smart Cards? (p. 345)
Applications on a Smart Card (p. 346)
Smart Card Operating Systems (p. 347)
Smart Card Tamper Resistance (p. 348)
Structural Tamper Resistance (p. 351)
Smart Card Recap (p. 354)
Smart Cards and PKI (p. 355)
Biometric Authentication (p. 359)
How Biometrics Work (p. 359)
Biometric Data (p. 360)
Registration (p. 361)
FAR/FRR (p. 362)
The Biometric Design Center (p. 362)
Issues with Biometrics (p. 364)
Coverage (p. 364)
Agent-Side Spoofing (p. 365)
Server-Side Attacks (p. 367)
Social Issues (p. 368)
Cross-System Replay (p. 369)
Revocation (p. 370)
Recommendations (p. 371)
The Holy Grail: Biometrics and PKI (p. 372)
Biometric Recap (p. 373)
Wrapping Up Authentication (p. 374)
Deployment and Operation (p. 377)
PKI Planning (p. 377)
Business Drivers (p. 378)
Applications Planning (p. 380)
Architecture Planning (p. 381)
User Impact (p. 384)
Support and Administration (p. 386)
Infrastructure Impact (p. 387)
Certificate Content Planning (p. 389)
Database Integration (p. 391)
Legal and Policy Considerations (p. 393)
Trust Models (p. 397)
Deployment Considerations (p. 403)
Operational Considerations (p. 405)
Summary (p. 407)
PKI and Return on Investment (p. 409)
Total Cost of Ownership: The "I" in ROI (p. 410)
Products/Technologies (p. 411)
Plant (Facilities) (p. 413)
People (p. 413)
Process (p. 413)
Total Cost of Ownership: Summary (p. 414)
Financial Returns: The "R" in ROI (p. 414)
Business Process (p. 416)
Metrics (p. 421)
Revenues (p. 421)
Costs (p. 423)
Compliance (p. 427)
Risks (p. 428)
Financial Returns: Summary (p. 430)
PKI ROI: Summary (p. 431)
References (p. 433)
X.509 Certificates (p. 435)
Solution to the Test (p. 461)
Privilege Management Infrastructure (p. 469)
Glossary (p. 487)
Index (p. 497)
Table of Contents provided by Syndetics. All Rights Reserved.