چه کسانی این کتاب را می‌خوانند

دانشجوعلاقه‌مند یادگیری
کتابخوان حرفه‌ایلذت مطالعه
نویسندهالهام‌گیری

SSL & TLS essentials : securing the Web

Stephen A. Thomas

قیمت نهایی

۴۴٬۰۰۰ تومان۴۹٬۰۰۰ تومان۱۰٪ تخفیف
  • تخفیف زمان‌دار−۵٬۰۰۰ تومان

۵٬۰۰۰ تومان صرفه‌جویی نسبت به قیمت اصلی

نسخه اصلی و اورجینال

بلافاصله پس از خرید، فایل کتاب روی دستگاه شما آمادهٔ دانلود است.

تحویل فوری
پرداخت امن
ضمانت فایل
پشتیبانی

مشخصات کتاب

نویسنده
Stephen A. Thomas
سال انتشار
۲۰۰۰
فرمت
PDF
زبان
انگلیسی
حجم فایل
۱٫۴ مگابایت
شابک
9780471383543، 0471383546

دربارهٔ کتاب

"Great writing . . . a clear introduction to the most widely deployed security technology in the Internet."-Paul Lambert, former co-chair of IETF IPSEC working group The Secure Sockets Layer (SSL) and Transport Layer Security(TLS) protocols form the foundation for e-commerce security on the World Wide Web, verifying the authenticity of Web sites, encrypting the transfer of sensitive data, and ensuring the integrity of information exchanged. Now-for the first time the details of these critical security protocols are available in a complete, clear, and concise reference. SSL and TLS Essentials provides complete documentation of the SSL and TLS protocols, including advanced and proprietary extensions never before published. The book thoroughly covers the protocols in operation, including the contents of their messages, message formats, and the cryptographic calculations used to construct them. The text also includes an introduction to cryptography and an explanation of X.509 public key certificates. Stephen Thomas, author of IPng and the TCP/IP Protocols, presents this complex material in a clear and reader-friendly manner. The book includes more than 80 figures and illustrations to supplement its text, and it describes SSL in the context of real-world, practical applications. Readers will immediately understand not only the academic principles behind he security protocols, but how those principles apply to their own network security challenges. The book * Full details of Netscape's SSL and the IETF's TLS protocols, with differences between the two clearl highlighted and explained * A concise tutorial in cryptography * Complete coverage of Netscape's International Step-Up and Microsoft's Server Gated Cryptography implementations * A description of X.509 public key certificates * Details on implementing backwards compatibility among previous versions of SSL and TLS * A thorough security checklist with explanations of all known attacks on SSL implementations, along with appropriate countermeasures. The CD-ROM contains convenient electronic versions of the book * Windows(r) CE handheld computers * Adobe(r) Acrobat Reader for PCs Visit our Web site at (http://www.wiley.com/compbooks/) www.wiley.com/compbooks/ Contents 6 Chapter 1: Introduction 12 1.1 Web Security and Electronic Commerce 13 1.2 History of SSL and TLS 15 1.3 Approaches to Network Security 17 1.3.1 Separate Security Protocol 19 1.3.2 Application-Specific Security 20 1.3.3 Security within Core Protocols 21 1.3.4 Parallel Security Protocol 22 1.4 Protocol Limitations 23 1.4.1 Fundamental Protocol Limitations 23 1.4.2 Tool Limitations 24 1.4.3 Environmental Limitations 25 1.5 Organization of This Book 25 Chapter 2: Basic Cryptography 28 2.1 Using Cryptography 29 2.1.1 Keeping Secrets 29 2.1.2 Proving Identity 30 2.1.3 Verifying Information 31 2.2 Types of Cryptography 32 2.2.1 Secret Key Cryptography 33 2.2.2 Public Key Cryptography 35 2.2.3 Combining Secret and Public Key Cryptography 38 2.3 Key Management 40 2.3.1 Public Key Certificates 40 2.3.2 Certificate Authorities 42 2.3.3 Certificate Hierarchies 44 2.3.4 Certificate Revocation Lists 46 Chapter 3: SSL Operation 48 3.1 SSL Roles 48 3.2 SSL Messages 49 3.3 Establishing Encrypted Communications 50 3.3.1 ClientHello 52 3.3.2 ServerHello 54 3.3.3 ServerKeyExchange 56 3.3.4 ServerHelloDone 56 3.3.5 ClientKeyExchange 56 3.3.6 ChangeCipherSpec 57 3.3.7 Finished 62 3.4 Ending Secure Communications 63 3.5 Authenticating the Server鈥檚 Identity 63 3.5.1 Certificate 66 3.5.2 ClientKeyExchange 67 3.6 Separating Encryption from Authentication 67 3.6.1 Certificate 70 3.6.2 ServerKeyExchange 70 3.6.3 ClientKeyExchange 70 3.7 Authenticating the Client鈥檚 Identity 71 3.7.1 CertificateRequest 72 3.7.2 Certificate 73 3.7.3 CertificateVerify 74 3.8 Resuming a Previous Session 75 Chapter 4: Message Formats 78 4.1 Transport Requirements 79 4.2 Record Layer 80 4.3 ChangeCipherSpec Protocol 82 4.4 Alert Protocol 83 4.4.1 Severity Level 83 4.4.2 Alert Description 84 4.5 Handshake Protocol 85 4.5.1 HelloRequest 87 4.5.2 ClientHello 88 4.5.3 ServerHello 90 4.5.4 Certificate 91 4.5.5 ServerKeyExchange 92 4.5.6 CertificateRequest 95 4.5.7 ServerHelloDone 96 4.5.8 ClientKeyExchange 96 4.5.9 CertificateVerify 99 4.5.10 Finished 101 4.6 Securing Messages 103 4.6.1 Message Authentication Code 104 4.6.2 Encryption 106 4.6.3 Creating Cryptographic Parameters 107 4.7 Cipher Suites 113 4.7.1 Key Exchange Algorithms 114 4.7.2 Encryption Algorithms 115 4.7.3 Hash Algorithms 115 Chapter 5: Advanced SSL 116 5.1 Compatibility with Previous Versions 116 5.1.1 Negotiating SSL Versions 117 5.1.2 SSL Version 2.0 ClientHello 120 5.1.3 SSL Version 2.0 Cipher Suites 121 5.2 Netscape International Step-Up 122 5.2.1 Server Components 123 5.2.2 Client Components 123 5.2.3 Controlling Full-Strength Encryption 124 5.3 Microsoft Server Gated Cryptography 126 5.3.1 Server Gated Cryptography Certificates 126 5.3.2 Cipher Suite Renegotiation 126 5.4 The Transport Layer Security Protocol 128 5.4.1 TLS Protocol Version 129 5.4.2 Alert Protocol Message Types 129 5.4.3 Message Authentication 132 5.4.4 Key Material Generation 134 5.4.5 CertificateVerify 136 5.4.6 Finished 137 5.4.7 Baseline Cipher Suites 137 5.4.8 Interoperability with SSL 139 5.5 The Future of SSL and TLS 139 Appendix A: X.509 Certificates 142 A.1 X.509 Certificate Overview 143 A.1.1 Version 143 A.1.2 Serial Number 144 A.1.3 Algorithm Identifier 144 A.1.4 Issuer 144 A.1.5 Period of Validity 144 A.1.6 Subject 145 A.1.7 Subject鈥檚 Public Key 145 A.1.8 Issuer Unique Identifier 145 A.1.9 Subject Unique Identifier 145 A.1.10 Extensions 146 A.1.11 Signature 146 A.2 Abstract Syntax Notation One 146 A.2.1 Primitive Objects 147 A.2.2 Constructed Objects 147 A.2.3 The Object Identifier Hierarchy 148 A.2.4 Tagging 150 A.2.5 Encoding Rules 153 A.3 X.509 Certificate Definition 156 A.3.1 The Certificate Object 156 A.3.2 The Version Object 157 A.3.3 The CertificateSerialNumber Object 158 A.3.4 The AlgorithmIdentifier Object 158 A.3.5 The Validity Object 159 A.3.6 The SubjectPublicKeyInfo Object 159 A.3.7 The Time Object 160 A.3.8 The Extensions Object 160 A.3.9 The UniqueIdentifier Object 161 A.3.10 The Name Object 161 A.4 Example Certificate 163 Appendix B: SSL Security Checklist 172 B.1 Authentication Issues 172 B.1.1 Certificate Authority 173 B.1.2 Certificate Signature 174 B.1.3 Certificate Validity Times 174 B.1.4 Certificate Revocation Status 174 B.1.5 Certificate Subject 174 B.1.6 Diffie-Hellman Trapdoors 175 B.1.7 Algorithm Rollback 175 B.1.8 Dropped ChangeCipherSpec Messages 176 B.2 Encryption Issues 177 B.2.1 Encryption Key Size 177 B.2.2 Traffic Analysis 178 B.2.3 The Bleichenbacher Attack 179 B.3 General Issues 181 B.3.1 RSA Key Size 181 B.3.2 Version Rollback Attacks 182 B.3.3 Premature Closure 182 B.3.4 SessionID Values 183 B.3.5 Random Number Generation 183 B.3.6 Random Number Seeding 184 References 186 Protocol Standards 186 Certificate Formats 187 Cryptographic Algorithms 188 SSL Implementations 189 Glossary 190 Index 202 About the CD-ROM 210 PalmOS 210 Windows CE 210 Other Platforms 210 Electronic Edition License Agreement 212 Copyright,(c),2000,by,Stephen,A.,Thomas Securing the Web The Secure Sockets Layer (SSL) and Transport Layer Security(TLS) protocols form the foundation for e-commerce security on the World Wide Web, verifying the authenticity of Web sites, encrypting the transfer of sensitive data, and ensuring the integrity of information exchanged. Now—for the first time the details of these critical security protocols are available in a complete, clear, and concise reference. SSL and TLS Essentials provides complete documentation of the SSL and TLS protocols, including advanced and proprietary extensions never before published. The book thoroughly covers the protocols in operation, including the contents of their messages, message formats, and the cryptographic calculations used to construct them. The text also includes an introduction to cryptography and an explanation of X.509 public key certificates. Stephen Thomas, author of IPng and the TCP/IP Protocols, presents this complex material in a clear and reader-friendly manner. The book includes more than 80 figures and illustrations to supplement its text, and it describes SSL in the context of real-world, practical applications. Readers will immediately understand not only the academic principles behind he security protocols, but how those principles apply to their own network security challenges.

The book includes:

  • Full details of Netscape's SSL and the IETF's TLS protocols, with differences between the two clearl highlighted and explained
  • A concise tutorial in cryptography
  • Complete coverage of Netscape's International Step-Up and Microsoft's Server Gated Cryptography implementations
  • A description of X.509 public key certificates
  • Details on implementing backwards compatibility among previous versions of SSL and TLS
  • A thorough security checklist with explanations of all known attacks on SSL implementations, along with appropriate countermeasures.

The CD-ROM contains convenient electronic versions of the book for:

  • Windows CE handheld computers
  • Adobe Acrobat Reader for PCs
E-businesses have long used Secure Socket Layer (SSL), a public key cryptography method, to encrypt sensitive information, verify a user's identity before allowing access, and discourage spoofing. However, because it was a closed protocol, Web programmers had no resources for adding advanced security measures -- until now. Written by the author of IPng and the TCP/IP Protocols (also from Wiley), SSL and TLS Essentials contains the complete documentation of SSL, plus coverage of the IETF's Transport Layer Security (TLS) and Microsoft's Server Gated Cryptography (SGC). Thomas also provides a concise tutorial in cryptography using eight real-world scenarios that illustrate protocol operations and details of SSL messaging. Today alone, Dell Computer will sell more than $18 million worth of computer equipment through the Internet.

قیمت نهایی

۴۴٬۰۰۰ تومان