| |||||||||||||||
Did you know you can trade in your old books for an Amazon.co.uk Gift Card to spend on the things you want? Plus, get an extra £5 Gift Certificate when you trade in books worth £10 or more before June 30, 2012. Visit the Books Trade-In Store for more details. |
Frequently Bought Together
Product details
|
More About the Author
Product Description
Industrial Networking & Open Control, Feb 2002
Ben Rothke, UnixReview.com, March 2002
Suggested Tags from Similar Products(What's this?)Be the first one to add a relevant tag (keyword that's strongly related to this product)
|
Customer Reviews
by Simson Garfinkel with Gene Spafford
O'Reilly & Associates 2002
ISBN: 0596000456
There are two basic reasons why a book comes out in a second edition: either the author needs the cash or the book needs to be updated. When the first edition of Web Security, Privacy & Commerce came out in 1997, it was titled Web Security & Commerce. Not only has the title changed, but Web security, privacy, and commerce have changed radically in the last five years.
The nature of the change and the pace at which it occurs is a large part of the difficulty within information security. Imagine a heart surgeon going on an extended vacation in 1997 and coming back in 2002. Although his surgical technique may be a bit rusty, there is no reason to think that he could not start practicing medicine again right away. However, if you were to take a contemporary information security professional from 1997 and place him in the 2002 workplace, he would be horribly outdated. Technologies that did not exist in 1997, or even 2000, are now ubiquitous, and technologies that were considered cutting edge only a few years ago are now archaic.
With that, the update to Web Security, Privacy & Commerce is indeed warranted and welcomed. A glance at the table of contents reveals coverage of nearly every core aspect within Web security. The book provides a comprehensive and impartial look at the technologies and approaches that both management and systems administrators can employ to ensure the security of their networks and systems. The author's impartiality is revealed in chapter 15, which describes several telephone scanner utilities; Garfinkel is the creator of one of the utilities, but makes sure to list the competition (and even has nice things to say about them).
Simson Garfinkel and Gene Spafford are veterans in the computer security world. Garfinkel is the author of several highly acclaimed books, and Spafford is a professor of computer science at Purdue University. Their succinct writing style allows them to cover a huge amount of information in a little over 700 pages.
The book is divided into four sections: Web technology, privacy and security for users, Web server security, and security for content providers. Part one goes into details about the security foundations of the networks and the Internet. Topics include SSL/TLS, PKI, digital signatures, and biometrics. These seven chapters give the reader a good overview of the essence of information security.
Part 2, "Privacy and Security for Users," is quite different from other security books. Whereas other books detail the problems with privacy on the Internet, this book does a good job of showing users various strategies for keeping their personal information private. Garfinkel shows how the real threats to personal privacy are not so much cookies and log files; rather the end-users very own readiness to provide Web and e-commerce sites with their personal information.
Part 3, "Web Server Security," details how service providers and systems administrators can lock down and secure their systems. The authors provide details on topics such as host security, server access methods, and secure CGI/API programming.
Part 4, "Security for Content Providers," is quite interesting, as many content providers and ISPs forget that the onus of security and privacy to a large degree falls on them. This section includes details on how these providers can use various techniques, from filters to PICS and more, to ensure their users' privacy.
The fact that Web Security, Privacy & Commerce, 2nd Edition, is nearly twice the size of the first edition is indicative of the fact that security has changed radically since 1997. Whether you run a Web site or are concerned about security for your PC at home, Web Security, Privacy & Commerce is a must read.
In particular, his handling of the tension between security policy and privacy policy is particularly well written.
I highly recommend this book to anyone that wants to develop a detailed understanding of the significant issues that affect doing business on the web.
More effort should have been put forth in providing common sense (implementable) solutions or best practices instead of re-hashing material that other books have already done a better job presenting.
I normally enjoy O'reilly books but like the first edition, this book is a disappointment.
Listmania!
|
|
Look for similar items by category
- Books > Business, Finance & Law > E-Commerce > E-commerce
- Books > Computing & Internet > Digital Lifestyle > Online Shopping > Amazon
- Books > Computing & Internet > Networking & Security > Security > Network Security
- Books > Computing & Internet > Networking & Security > Security > Privacy
- Books > Computing & Internet > Networking & Security > Security > Web Security
- Books > Computing & Internet > Software & Graphics
Look for similar items by subject
Feedback
- Would you like to update product info or give feedback on images?
- I am the Author, and I want to comment on my book.
- I am the Publisher, and I want to comment on this book.
|
