商品描述
Public Key Infrastructure (PKI) is an operational ecosystem that employs key management, cryptography, information technology (IT), information security (cybersecurity), policy and practices, legal matters (law, regulatory, contractual, privacy), and business rules (processes and procedures). A properly managed PKI requires all of these disparate disciplines to function together - coherently, efficiently, effectually, and successfully. Clearly defined roles and responsibilities, separation of duties, documentation, and communications are critical aspects for a successful operation. PKI is not just about certificates, rather it can be the technical foundation for the elusive "crypto-agility," which is the ability to manage cryptographic transitions. The second quantum revolution has begun, quantum computers are coming, and post-quantum cryptography (PQC) transitions will become PKI operation's business as usual.
商品描述(中文翻譯)
公共金鑰基礎設施(PKI)是一個運作生態系統,涉及金鑰管理、密碼學、資訊科技(IT)、資訊安全(網路安全)、政策與實務、法律事務(法律、法規、合約、隱私)以及商業規則(流程與程序)。一個妥善管理的 PKI 需要這些不同領域協同運作——一致、高效、有效且成功。明確定義的角色與責任、職責分離、文件紀錄及溝通是成功運作的關鍵要素。PKI 不僅僅是關於證書,它還可以是難以捉摸的「加密靈活性」(crypto-agility)的技術基礎,這是管理密碼學轉換的能力。第二次量子革命已經開始,量子電腦即將來臨,後量子密碼學(PQC)轉換將成為 PKI 操作的日常業務。
作者簡介
Jeff Stapleton is the author of the Security Without Obscurity five-book series (CRC Press). He has over 30 years' cybersecurity experience, including cryptography, key management, PKI, biometrics, and authentication. Jeff has participated in developing dozens of ISO, ANSI, and X9 security standards for the financial services industry. He has been an architect, assessor, auditor, author, and subject matter expert. His 30-year career includes Citicorp, MasterCard, RSA Security, KPMG, Innové, USAF Crypto Modernization Program Office, Cryptographic Assurance Services (CAS), Bank of America, and Wells Fargo Bank. He has worked with most of the payment brands, including MasterCard, Visa, American Express, and Discover. His areas of expertise include payment systems, cryptography, PKI, PQC, key management, biometrics, IAM, privacy, and zero trust architecture (ZTA). Jeff holds Bachelor of Science and Master of Science degrees in computer science from the University of Missouri. He was an instructor at Washington University (St. Louis) and was an adjunct professor at the University of Texas at San Antonio (UTSA).
W. Clay Epstein currently operates a cybersecurity consulting company Steintech LLC, specializing in Cybersecurity, Encryption Technologies, PKI, and Digital Certificates. He has international experience developing and managing public key infrastructures primarily for the financial services industry. Clay has worked as an independent Cybersecurity and PKI consultant for the past 11 years. Previously, Clay was the VP and Technical Manager at Bank of America responsible for the Bank's global Public Key Infrastructure and Cryptography Engineering Group. Prior to Bank of America, Clay was CIO and Head of Operations at Venafi, a certificate and encryption key management company. Prior to Venafi, Clay was Senior Vice President of Product and Technology at Identrus, a global identity management network based on PKI for international financial institutions. Previously, Clay also served as Head of eCommerce Technologies for Australia and New Zealand Banking Group (ANZ) and was the CTO for Digital Signature Trust Co. Clay holds a Bachelor of Science in Computer Science degree from the University of Utah and a Master of Business Administration in Management Information Systems degree from Westminster College.
作者簡介(中文翻譯)
傑夫·斯塔普頓是無障礙安全五部曲系列(CRC Press)的作者。他擁有超過30年的網路安全經驗,包括密碼學、金鑰管理、公鑰基礎設施(PKI)、生物識別技術和身份驗證。傑夫參與了為金融服務行業開發數十項ISO、ANSI和X9安全標準的工作。他曾擔任架構師、評估師、審計師、作者和主題專家。他的30年職業生涯包括在花旗集團、萬事達卡、RSA Security、KPMG、Innové、美國空軍加密現代化計畫辦公室、加密保證服務(CAS)、美國銀行和富國銀行工作。他與大多數支付品牌合作過,包括萬事達卡、Visa、American Express和Discover。他的專業領域包括支付系統、密碼學、公鑰基礎設施(PKI)、後量子密碼學(PQC)、金鑰管理、生物識別技術、身份與存取管理(IAM)、隱私和零信任架構(ZTA)。傑夫擁有密蘇里大學的計算機科學學士和碩士學位。他曾在華盛頓大學(聖路易斯)擔任講師,並在德克薩斯州聖安東尼奧大學(UTSA)擔任兼任教授。
W. Clay Epstein目前經營一家名為Steintech LLC的網路安全諮詢公司,專注於網路安全、加密技術、公鑰基礎設施(PKI)和數位證書。他在為金融服務行業開發和管理公鑰基礎設施方面擁有國際經驗。Clay在過去11年中擔任獨立的網路安全和PKI顧問。之前,Clay是美國銀行的副總裁和技術經理,負責該銀行的全球公鑰基礎設施和密碼學工程小組。在加入美國銀行之前,Clay是Venafi的首席資訊官和運營主管,該公司專注於證書和加密金鑰管理。在Venafi之前,Clay是Identrus的產品和技術高級副總裁,Identrus是一個基於PKI的全球身份管理網絡,服務於國際金融機構。Clay還曾擔任澳大利亞和新西蘭銀行集團(ANZ)的電子商務技術主管,並擔任數位簽名信託公司的首席技術官。Clay擁有猶他大學的計算機科學學士學位和威斯敏斯特學院的管理資訊系統碩士學位。
