Pki: Implementing & Managing E-Security: Implementing and Managing E-security (Rsa Press) [Englisch] [Taschenbuch]

Authored by four RSA Security experts in the field, PKI: Implementing and Managing E-Security aims to explain the vulnerabilities of encryption in today's Internet-based business universe and lay out how the application of PKI can help. While strong encryption methods exist that offer plenty of security for commercial-level protection, issues such as identification, authorisation and reliable issuance of digital signatures require a broader set of standards. Public Key Infrastructure (PKI) is just such a framework, addressing all of the issues for complete solutions.

The authors frankly point out the areas where PKI is still immature in the real world and try to inspire their readers with their zeal to solve the remaining problems.

The book begins with an exploration of cryptography and, in particular, public-key cryptography--the accepted approach for most of today's security systems. The text moves quickly into precise security terminology but makes excellent use of creative diagrams to illustrate configurations and scenarios. These diagrams often beg a bit of reflection since they are frequently used to point out vulnerabilities that may not be immediately apparent.

The heart of the book examines the management of keys and certificates, authentication and the establishment of trust models. There are overviews of current technologies that implement PKI but the focus of the book is to encourage readers to construct their own fully compliant solutions.

PKI: Implementing and Managing E-Security is not light reading. However, it serves double duty as being an overview to the sticky issues of securing information delivery over the Net as well as being a comprehensive look at the scope of PKI for those considering a fully fledged solution for their extranets and e-commerce sites. --Stephen W Plain

While strong encryption methods exist that offer plenty of security for commercial-level protection, issues such as identification, authorization, and reliable issuance of digital signatures require a broader set of standards. Public key infrastructure (PKI) is just such a framework, addressing all of the issues for complete solutions.

Authored by four RSA Security experts in the field, PKI: Implementing and Managing E-Security aims to explain the vulnerabilities of encryption in today's Internet-based business universe and lay out how the application of PKI can help. The authors frankly point out the areas where PKI is still immature in the real world and try to inspire their readers with their zeal to solve the remaining problems.

The book begins with an exploration of cryptography and, in particular, public key cryptography--the accepted approach for most of today's security systems. The text moves quickly into precise security terminology but makes excellent use of creative diagrams to illustrate configurations and scenarios. These diagrams often beg a bit of reflection since they are frequently used to point out vulnerabilities that may not be immediately apparent.

The heart of the book examines the management of keys and certificates, authentication, and the establishment of trust models. There are overviews of current technologies that implement PKI, but the focus of the book is to encourage readers to construct their own fully compliant solutions.

PKI: Implementing and Managing E-Security is not light reading. However, it serves double duty as both an overview of the sticky issues of securing information delivery over the Net as well as a comprehensive look at the scope of PKI for those considering a full-fledged solution for their extranets and e-commerce sites. --Stephen W. Plain

Topics covered: Symmetric and asymmetric cryptography, hashes and digital signatures, digital certificates, PKI basics, PKI services, key and certificate life cycles, PKIX, protocols and formatting standards, trust models, authentication methods, deployment and operation, and return on investment calculations.

Osborne/McGraw-Hill has partnered with the leading E-security company RSA Security to form -- RSA Press. RSA Security is known for their high quality products designed to protect and secure networks. The books are focused on security technologies including PKI, IPsec and Cryptography. Network professionals face daily challenges in keeping the network safe and secure. RSA Press titles give them the detailed technical information needed to meet these daily challenges.

Osborne/McGraw-Hill has partnered with the leading E-security company RSA Security to form -- RSA Press. RSA Security is known for their high quality products designed to protect and secure networks. The books are focused on security technologies including PKI, IPsec and Cryptography. Network professionals face daily challenges in keeping the network safe and secure. RSA Press titles give them the detailed technical information needed to meet these daily challenges.

Andrew Nash (Westford, MA) is the Director of PKI Standards and Technologies at RSA Security. Mr. Nash joined RSA in March of 1997. He was one of the architects for the Keon Advanced PKI products line, and is co-chair of the PKI Forum Technical Working Group. Mr. Nash was a Technical Director for the Digital Equipment Corporation engineering group in Australia that dealt with migrating technologies such as Alta Vista Search, Network Computers and Micro Cash Payment systems from Digital's research labs into product development. His background is in Networking protocols and development of Unix Kernel code. Derek Brink (Bedford, MA) joined RSA Security in April 1999. His work has included market and competitive analysis, strategic planning, and product marketing for the company's public-key infrastructure, authentication, services, and intrusion detection products. He also runs the RSA Security Customer Advisory Council. Bill Duane (Bedford, MA) is a Technical Director at RSA Security Inc. Bill joined SDI (Security Dynamics Incorporated) in June of 1996. He is one the architects behind RSA's Keon PKI solution. Bill is also the architect responsible for new token form factors, including Smart Cards and emerging cryptographic devices.