SSL (secure socket layer) and TLS (Transport Layer Security) are widely deployed security protocols that are used in all kinds of web-based e-commerce and e-business applications and are part of most contemporary security systems available today. This practical book provides a comprehensive introduction to these protocols, offering you a solid understanding of their design. Practitioners find discussions on the advantages and disadvantages of using SSL/TLS protocols compared to other Internet security protocols. This authoritative resource shows how to properly employ SSL and TLS and configure security solutions that are based on the use of the SSL/TLS protocols.
Did you know you can trade in your old books for an Amazon.co.uk Gift Card to spend on the things you want? Visit the Books Trade-In Store for more details. Learn more. |
Book Description
Product details
Would you like to update product info or give feedback on images?
|
More About the Author
Discover books, learn about writers, and more.
Product Description
About the Author
Rolf Oppliger is the founder and owner of eSECURITY Technologies, works for the Swiss federal administration, and teaches at the University of Zurich. He is also the author of Contemporary Cryptography, Security Technologies for the World Wide Web, Second Edition, Internet and Intranet Security, Second Edition and Secure Messaging with PGP and S/MIME (Artech House 2005, 2003, 2002, 2001) among other titles. Dr. Oppliger received his M.Sc. and Ph.D. in Computer Science from the University of Berne, Switzerland, and the Venia Legendi in Computer Science from the University of Zurich, Switzerland.
Inside This Book
(Learn More)
Sell a Digital Version of This Book in the Kindle Store
If you are a publisher or author and hold the digital rights to a book, you can sell a digital version of it in our Kindle Store.
Learn more
What Other Items Do Customers Buy After Viewing This Item?
Customer Reviews
Most Helpful Customer Reviews
By JanWillem
Format:Hardcover
I needed a book to explain me in a comprehensive way the technologies needed for secure communications over the Internet.
While the summary and the index suggest a complete review of all fundamentals of SSL/TLS it does not answer all of my questions. The book often refers to other publications on the web, standards and other books for more detail. Some trivial techniques are explained fairly extensive whereas other less trivial techniques remain unexplained or are referred externally.
It would benefit from more diagrams and no Wireshark Hex-dumps. Wireshark screen shots would be more useful, but a B&W printed book would not support this well (as mentioned in the introduction). Practical implementation examples are non-existent and little information is found on the performance impacts of various techniques.
The aspirant reader is recommended to brush up on Mathematical notations, curves and sets before starting on this book.
From a pure publishing perspective I would recommend the writer and the publisher to remove the spelling errors and to not introduce new concepts in the concluding chapter in a next print.
While the book did not give me all my answers, it did give me a lot of new knowledge and put much of my existing knowledge in a historical perspective.
While the summary and the index suggest a complete review of all fundamentals of SSL/TLS it does not answer all of my questions. The book often refers to other publications on the web, standards and other books for more detail. Some trivial techniques are explained fairly extensive whereas other less trivial techniques remain unexplained or are referred externally.
It would benefit from more diagrams and no Wireshark Hex-dumps. Wireshark screen shots would be more useful, but a B&W printed book would not support this well (as mentioned in the introduction). Practical implementation examples are non-existent and little information is found on the performance impacts of various techniques.
The aspirant reader is recommended to brush up on Mathematical notations, curves and sets before starting on this book.
From a pure publishing perspective I would recommend the writer and the publisher to remove the spelling errors and to not introduce new concepts in the concluding chapter in a next print.
While the book did not give me all my answers, it did give me a lot of new knowledge and put much of my existing knowledge in a historical perspective.
Most Helpful Customer Reviews on Amazon.com (beta)
Amazon.com:
4.3 out of 5 stars
3 reviews
1 of 1 people found the following review helpful
4.0 out of 5 stars
Worth reading
29 Nov 2011
By Murdoch
- Published on Amazon.com
Format:Hardcover|Amazon Verified Purchase
Definitely worth reading, but you should be aware precisely what it is you are buying. This is an in-depth look at the SSL and TLS protocols -- their history, ideology, and function. Related topics are discussed only briefly. For example, if you are buying this book because you want to be an expert on SSL certificates, you may be slightly disappointed to learn that the subject is treated in only one chapter, at the end of the book. You will get a good foundational understanding of why certificates are important, and some details about how they work, but little will be said about practical subjects, such as how you create them, where you get them signed, what products are the best, and so forth. Likewise, the book purposefully avoids discussing details about specific implementations of SSL; so you won't learn much, for example, about the capabilities of various Web browsers, or how to set up OpenSSL on your Linux server.
Having said that, this book provides a very detailed description of the protocols, so you will gain a good working knowledge of all the terminology, as well as what happens during the actual encryption and authentication. This will give you a good conceptual context for reading elsewhere about subjects such as encryption cyphers, authentication procedures, HTTPS security, and SSL exploits.
The buyer should be aware that the author has a rather dry and condensed writing style, and that a lot of material in the book is couched in mathematical language. In chapter 2 especially, the basics of cryptography are explained almost entirely in set notation and are illustrated with austere block diagrams that really do not illustrate much. The author is also fond of overusing a number of quaint phrases: for example, he will frequently write "It goes without saying..." completed by some statement that you would never have known if he had not said it.
Having said that, this book provides a very detailed description of the protocols, so you will gain a good working knowledge of all the terminology, as well as what happens during the actual encryption and authentication. This will give you a good conceptual context for reading elsewhere about subjects such as encryption cyphers, authentication procedures, HTTPS security, and SSL exploits.
The buyer should be aware that the author has a rather dry and condensed writing style, and that a lot of material in the book is couched in mathematical language. In chapter 2 especially, the basics of cryptography are explained almost entirely in set notation and are illustrated with austere block diagrams that really do not illustrate much. The author is also fond of overusing a number of quaint phrases: for example, he will frequently write "It goes without saying..." completed by some statement that you would never have known if he had not said it.
4.0 out of 5 stars
Great introduction to security
17 Nov 2011
By David Barri
- Published on Amazon.com
Format:Hardcover
This book was pretty good. I knew next to nothing about cryptography or security when I started and now I feel I could implement SSL, TLS and half the crypto algorithms from scratch if I wanted to (albeit with wikipedia as a reference).
The good:
* It gives a good overview on the theoretical side and an insight into the minds of people who focus on security primarily (as opposed to techies like me who thought security summed up to picking an encryption method and off you go). This new perspective will change the way I do future designs.
* Great introduction into the world of cryptography. Covers many popular algorithms in use today.
* Covered SSL and TLS well and in detail.
* Practical examples with real data! Interesting algorithms are walked through step-by-step with real numbers. The raw bytes of an SSL conversation are demonstrated and dissected. Brilliant!
The bad:
* Most concepts and terms are covered before being used but there a handful that are explained chapters after being used, or just not explained (I noted 6 that stumped me).
* Presentation is a little odd and confusing at times. Diagrams in the wrong sections etc.
* Too much of a good thing with detail. I skimmed a lot of Ch 5 for example because it got to the point where it's stuff you only need to know if you're going to implement TLS from scratch, and a lot of information is repeated from ch 4.
Overall, great read. Served me well.
The good:
* It gives a good overview on the theoretical side and an insight into the minds of people who focus on security primarily (as opposed to techies like me who thought security summed up to picking an encryption method and off you go). This new perspective will change the way I do future designs.
* Great introduction into the world of cryptography. Covers many popular algorithms in use today.
* Covered SSL and TLS well and in detail.
* Practical examples with real data! Interesting algorithms are walked through step-by-step with real numbers. The raw bytes of an SSL conversation are demonstrated and dissected. Brilliant!
The bad:
* Most concepts and terms are covered before being used but there a handful that are explained chapters after being used, or just not explained (I noted 6 that stumped me).
* Presentation is a little odd and confusing at times. Diagrams in the wrong sections etc.
* Too much of a good thing with detail. I skimmed a lot of Ch 5 for example because it got to the point where it's stuff you only need to know if you're going to implement TLS from scratch, and a lot of information is repeated from ch 4.
Overall, great read. Served me well.
1 of 8 people found the following review helpful
5.0 out of 5 stars
A powerful technical survey any programmer's library needs
19 April 2010
By Midwest Book Review
- Published on Amazon.com
Format:Hardcover
SSL and TLS Theory and Practice is a pick for any college-level computer library strong in Internet security. It provides a basic and thorough introduction to SSL and TLS protocols, covering their design, development, and comparing them to other Internet security protocols. Tips on how to employ these and configure security solutions make for a powerful technical survey any programmer's library needs.
›
Go to Amazon.com to see all 3 reviews
4.3 out of 5 stars
Were these reviews helpful?
Let us know
Listmania!
Look for similar items by category
Feedback
- Would you like to update product info or give feedback on images?
- I am the Author, and I want to comment on my book.
- I am the Publisher, and I want to comment on this book.
|
