買這商品的人也買了...
-
$2,620$2,489 -
$2,010$1,910 -
$520$260 -
$480$240 -
$590$466 -
$620$490 -
$450$351 -
$520$199 -
$1,860$1,767 -
$120$95 -
$1,050$1,029 -
$580$458 -
$490$387 -
$590$466 -
$280$218 -
$620$496 -
$240$204 -
$640$506 -
$400$316 -
$860$679 -
$2,700$2,565 -
$199Communication Skills Handbook (Paperback)
-
$4,464CCNP Official Exam Certification Library, 5/e
-
$590$502 -
$520$406
相關主題
商品描述
Web Security, Privacy & Commerce goes behind the headlines, examines the major security risks facing us today, and explains how we can minimize them. It describes risks for Windows and Unix, Microsoft Internet Explorer and Netscape Navigator, and a wide range of current programs and products. In vast detail, the book covers:
- Web technology--The technological underpinnings of the modern
Internet and the cryptographic foundations of e-commerce are discussed, along
with SSL (the Secure Sockets Layer), the significance of the PKI (Public Key
Infrastructure), and digital identification, including passwords, digital
signatures, and biometrics.
- Web privacy and security for users--Learn the real risks to user
privacy, including cookies, log files, identity theft, spam, web logs, and web
bugs, and the most common risk, users' own willingness to provide e-commerce
sites with personal information. Hostile mobile code in plug-ins, ActiveX
controls, Java applets, and JavaScript, Flash, and Shockwave programs are also
covered.
- Web server security--Administrators and service providers
discover how to secure their systems and web services. Topics include CGI,
PHP, SSL certificates, law enforcement issues, and more.
- Web content security--Zero in on web publishing issues for
content providers, including intellectual property, copyright and trademark
issues, P3P and privacy policies, digital payments, client-side digital
signatures, code signing, pornography filtering and PICS, and other controls
on web content.
Nearly double the size of the first edition, this completely updated
volume is destined to be the definitive reference on Web security risks and the
techniques and technologies you can use to protect your privacy, your
organization, your system, and your network.
Table of Contents
Preface
Part I. Web Technology
1. The Web Security Landscape
The Web Security Problem
Risk Analysis and Best Practices2. The Architecture of the World Wide Web
History and Terminology
A Packet's Tour of the Web
Who Owns the Internet?3. Cryptography Basics
Understanding Cryptography
Symmetric Key Algorithms
Public Key Algorithms
Message Digest Functions4. Cryptography and the Web
Cryptography and Web Security
Working Cryptographic Systems and Protocols
What Cryptography Can't Do
Legal Restrictions on Cryptography5. Understanding SSL and TLS
What Is SSL?
SSL: The User's Point of View6. Digital Identification I: Passwords, Biometrics, and Digital Signatures
Physical Identification
Using Public Keys for Identification
Real-World Public Key Examples7. Digital Identification II: Digital Certificates, CAs, and PKI
Understanding Digital Certificates with PGP
Certification Authorities: Third-Party Registrars
Public Key Infrastructure
Open Policy IssuesPart II. Privacy and Security for Users
8. The Web's War on Your Privacy
Understanding Privacy
User-Provided Information
Log Files
Understanding Cookies
Web Bugs
Conclusion9. Privacy-Protecting Techniques
Choosing a Good Service Provider
Picking a Great Password
Cleaning Up After Yourself
Avoiding Spam and Junk Email
Identity Theft10. Privacy-Protecting Technologies
Blocking Ads and Crushing Cookies
Anonymous Browsing
Secure Email11. Backups and Antitheft
Using Backups to Protect Your Data
Preventing Theft12. Mobile Code I: Plug-Ins, ActiveX, and Visual Basic
When Good Browsers Go Bad
Helper Applications and Plug-ins
Microsoft's ActiveX
The Risks of Downloaded Code
Conclusion13. Mobile Code II: Java, JavaScript, Flash, and Shockwave
Java
JavaScript
Flash and Shockwave
ConclusionPart III. Web Server Security
14. Physical Security for Servers
Planning for the Forgotten Threats
Protecting Computer Hardware
Protecting Your Data
Personnel
Story: A Failed Site Inspection15. Host Security for Servers
Current Host Security Problems
Securing the Host Computer
Minimizing Risk by Minimizing Services
Operating Securely
Secure Remote Access and Content Updating
Firewalls and the Web
Conclusion16. Securing Web Applications
A Legacy of Extensibility and Risk
Rules to Code By
Securely Using Fields, Hidden Fields, and Cookies
Rules for Programming Languages
Using PHP Securely
Writing Scripts That Run with Additional Privileges
Connecting to Databases
Conclusion17. Deploying SSL Server Certificates
Planning for Your SSL Server
Creating SSL Servers with FreeBSD
Installing an SSL Certificate on Microsoft IIS
Obtaining a Certificate from a Commercial CA
When Things Go Wrong18. Securing Your Web Service
Protecting Via Redundancy
Protecting Your DNS
Protecting Your Domain Registration19. Computer Crime
Your Legal Options After a Break-In
Criminal Hazards
Criminal Subject MatterPart IV. Security for Content Providers
20. Controlling Access to Your Web Content
Access Control Strategies
Controlling Access with Apache
Controlling Access with Microsoft IIS21. Client-Side Digital Certificates
Client Certificates
A Tour of the VeriSign Digital ID Center22. Code Signing and Microsoft's Authenticode
Why Code Signing?
Microsoft's Authenticode Technology
Obtaining a Software Publishing Certificate
Other Code Signing Methods23. Pornography, Filtering Software, and Censorship
Pornography Filtering
PICS
RSACi
Conclusion24. Privacy Policies, Legislation, and P3P
Policies That Protect Privacy and Privacy Policies
Children's Online Privacy Protection Act
P3P
Conclusion25. Digital Payments
Charga-Plates, Diners Club, and Credit Cards
Internet-Based Payment Systems
How to Evaluate a Credit Card Payment System26. Intellectual Property and Actionable Content
Copyright
Patents
Trademarks
Actionable ContentPart V. Appendixes
A. Lessons from Vineyard.NET
B. The SSL/TLS Protocol
C. P3P: The Platform for Privacy Preferences Project
D. The PICS Specification
E. References
Index
商品描述(中文翻譯)
自從這本經典參考書的第一版出版以來,全球資訊網的使用已經爆炸性增長,電子商務已成為商業和個人生活的日常一部分。隨著網絡使用的增長,我們的安全和隱私威脅也越來越多,從信用卡詐騙到營銷人員對隱私的例行侵犯,再到網站遭到破壞以及關閉熱門網站的攻擊。《網絡安全、隱私和商業》深入探討這些問題,解釋了我們如何將風險降到最低。書中詳細介紹了Windows和Unix、Microsoft Internet Explorer和Netscape Navigator以及各種當前的程式和產品的風險。該書包括以下內容:
- 網絡技術:討論現代互聯網的技術基礎和電子商務的加密基礎,包括SSL(安全套接層)、PKI(公鑰基礎設施)的重要性,以及密碼、數字簽名和生物識別等數字識別方法。
- 用戶的網絡隱私和安全:了解用戶隱私的真正風險,包括cookie、日誌文件、身份盜竊、垃圾郵件、網絡日誌和網絡漏洞,以及最常見的風險,即用戶自願向電子商務網站提供個人信息。書中還介紹了插件、ActiveX控件、Java小程序和JavaScript、Flash和Shockwave程序中的惡意移動代碼。
- 網絡服務器安全:管理員和服務提供商了解如何保護他們的系統和網絡服務。主題包括CGI、PHP、SSL證書、執法問題等。
- 網絡內容安全:針對內容提供商的網絡發布問題,包括知識產權、版權和商標問題、P3P和隱私政策、數字支付、客戶端數字簽名、代碼簽名、色情篩選和PICS以及其他網絡內容控制。
這本全新更新的第二版幾乎是第一版的兩倍大小,注定成為關於網絡安全風險以及保護隱私、組織、系統和網絡的技術和技術的權威參考資料。
目錄:
前言
第一部分:網絡技術
1. 網絡安全概況
- 網絡安全問題
- 風險分析和最佳實踐
2. 世界廣域網的架構
- 歷史和術語
- 網絡封包的遊覽
- 誰擁有互聯網?
3. 密碼學基礎
- 理解密碼學
- 對稱密鑰算法
- 公鑰算法
- 消息摘要函數
4. 密碼學與網絡
- 密碼學和網絡安全
- 工作中的加密系統和協議
- 密碼學的局限性
- 對密碼學的法律限制
5. 理解SSL和TLS
- 什麼是SSL?
- SSL:用戶的角度
6. 數字識別I:密碼、生物識別和數字簽名
- 物理識別
- 使用公鑰進行識別
- 現實世界的公鑰示例
7. 數字識別II:數字證書、CA和PKI
- 使用PGP理解數字證書
- 認證機構:第三方註冊機構
- 公鑰基礎設施
(以下省略)