Home > Computing and Information Technology > Computer networking and communications > Network security > SSL and TLS: Designing and Building Secure Systems
18%
SSL and TLS: Designing and Building Secure Systems

SSL and TLS: Designing and Building Secure Systems

4       |  4 Reviews 
5
4
3
2
1

Out of Stock


Premium quality
Premium quality
Bookswagon upholds the quality by delivering untarnished books. Quality, services and satisfaction are everything for us!
Easy Return
Easy return
Not satisfied with this product! Keep it in original condition and packaging to avail easy return policy.
Certified product
Certified product
First impression is the last impression! Address the book’s certification page, ISBN, publisher’s name, copyright page and print quality.
Secure Checkout
Secure checkout
Security at its finest! Login, browse, purchase and pay, every step is safe and secured.
Money back guarantee
Money-back guarantee:
It’s all about customers! For any kind of bad experience with the product, get your actual amount back after returning the product.
On time delivery
On-time delivery
At your doorstep on time! Get this book delivered without any delay.
Notify me when this book is in stock
Add to Wishlist

About the Book

Secure Sockets Layer (SSL) is used in virtually every commercial web browser and server. In this book, one of the world's leading network security experts explains how SSL works -- and gives implementers step-by-step guidance and proven design patterns for building secure systems with SSL. Eric Rescorla also provides the first in-depth introduction to Transport Layer Security (TLS), the highly anticipated, maximum-security successor to SSL. Rescorla starts by introducing SSL's fundamentals: how it works, and the threats it is intended to address. One step at a time, he addresses each key SSL concept and technique, including cryptography, SSL performance optimization, designing and coding, and how to work around SSL's limitations. Rescorla demonstrates TLS at work in SMTP-based Internet security applications. The book includes detailed examples of SSL/TLS implementations, with in-depth insight into the key design choices that informed them. For all network and security designers, enterprise developers, system implementers, and suppliers of Internet security products and services.

Table of Contents:
Preface. 1. Security Concepts. Introduction. The Internet Threat Model. The Players. The Goals of Security. Tools of the Trade. Putting It All Together. A Simple Secure Messaging System. A Simple Secure Channel. The Export Situation. Real Cryptographic Algorithms. Symmetric Encryption: Stream Ciphers. Symmetric Encryption: Block Ciphers. Digest Algorithms. Key Establishment. Digital Signature. MACs. Key Length. Summary. 2. Introduction to SSL. Introduction. Standards and Standards Bodies. SSL Over view. SSL/TLS Design Goals. SSL and the TCP/IP Suite. SSL History. SSL for the Web. Everything over SSL. Getting SSL. Summary. 3. Basic SSL. Introduction. SSL Over view. Handshake. SSL Record Protocol. Putting the Pieces Together. A Real Connection. Some More Connection Details. SSL Specification Language. Handshake Message Structure. Handshake Messages. Key Derivation. Record Protocol. Alerts and Closure. Summary. 4. Advanced SSL. Introduction. Session Resumption. Client Authentication. Ephemeral RSA. Rehandshake. Server Gated Cryptography. DSS and DH. Elliptic Curve Cipher Suites. Kerberos. FORTEZZA. The Story So Far. Session Resumption Details. Client Authentication Details. Ephemeral RSA Details. SGC Details. DH/DSS Details. FORTEZZA Details. Error Alerts. SSLv2 Backward Compatibility. Summary. 5. SSL Security. Introduction. What SSL Provides. Protect the master_secret. Protect the Server's Private Key. Use Good Randomness. Check the Certificate Chain. Algorithm Selection. The Story So Far. Compromise of the master_secret. Protecting Secrets in Memory. Securing the Server's Private Key. Random Number Generation. Certificate Chain Verification. Partial Compromise. Known Attacks. Timing Cryptanalysis. Million Message Attack. Small-Subgroup Attack. Downgrade to Export. Summary. 6. SSL Performance. Introduction. SSL Is Slow. Performance Principles. Cryptography Is Expensive. Session Resumption. Handshake Algorithm and Key Choice. Bulk Data Transfer. Basic SSL Performance Rules. The Story So Far. Handshake Time Allocation. Normal RSA Mode. RSA with Client Authentication. Ephemeral RSA. DSS/DHE. DSS/DHE with Client Authentication. Performance Improvements with DH. Record Processing. Java. SSL Servers under Load. Hardware Acceleration. Inline Hardware Accelerators. Network Latency. The Nagle Algorithm. Handshake Buffering. Advanced SSL Performance Rules. Summary. 7. Designing with SSL. Introduction. Know What You Want to Secure. Client Authentication Options. Reference Integrity. Inappropriate Tasks. Protocol Selection. Reducing Handshake Overhead. Design Strategy. The Story So Far. Separate Ports. Upward Negotiation. Downgrade Attacks. Reference Integrity. Username/Password Authentication. SSL Client Authentication. Mutual Username/Password Authentication. Rehandshake. Secondary Channels. Closure. Summary. 8. Coding with SSL. Introduction. SSL Implementations. Sample Programs. Context Initialization. Client Connect. Server Accept. Simple I/O Handling. Multiplexed I/O Using Threads. Multiplexed I/O with select(). Closure. Session Resumption. What's Missing? Summary. 9. HTTP over SSL. Introduction. Securing the Web. HTTP. HTML. URLs. HTTP Connection Behavior. Proxies. Virtual Hosts. Protocol Selection. Client Authentication. Reference Integrity. HTTPS. HTTPS Overview. URLs and Reference Integrity. Connection Closure. Proxies. Virtual Hosts. Client Authentication. Referrer. Substitution Attacks. Upgrade. Programming Issues. Proxy CONNECT. Handling Multiple Clients. Summary. 10. SMTP over TLS. Introduction. Internet Mail Security. Internet Messaging Overview. SMTP. RFC 822 and MIME. E-Mail Addresses. Mail Relaying. Virtual Hosts. MX Records. Client Mail Access. Protocol Selection. Client Authentication. Reference Integrity. Connection Semantics. STARTTLS. STARTTLS Overview. Connection Closure. Requiring TLS. Virtual Hosts. Security Indicators. Authenticated Relaying. Originator Authentication. Reference Integrity Details. Why Not CONNECT? What's STARTTLS Good For? Programming Issues. Implementing STARTTLS. Server Startup. Summary. 11. Contrasting Approaches. Introduction. The End-to-End Argument. The End-to-End Argument and SMTP. Other Protocols. IPsec. Security Associations. ISAKMP and IKE. AH and ESP. Putting It All Together: IPsec. IPsec versus SSL. Secure HTTP. CMS. Message Format. Cryptographic Options. Putting It All Together: S-HTTP. S-HTTP versus HTTPS. S/MIME. Basic S/MIME Formatting. Signing Only. Algorithm Choice. Putting It All Together: S/MIME. Implementation Barriers. S/MIME versus SMTP/TLS. Choosing the Appropriate Solution. Summary. Appendix A: Example Code. Chapter 8. Examples. Java Examples. Chapter 9. HTTPS Examples. mod_ssl Session Caching. Appendix B: SSLv2. Introduction. SSLv2 Overview. Missing Features. Security Problems. PCT. What about SSLv1? Bibliography. Index. 0201615983T04062001


Best Sellers


Product Details
  • ISBN-13: 9780201615982
  • Publisher: Pearson Education Limited
  • Publisher Imprint: Addison Wesley
  • Depth: 32
  • Height: 232 mm
  • No of Pages: 528
  • Series Title: English
  • Sub Title: Designing and Building Secure Systems
  • Width: 188 mm
  • ISBN-10: 0201615983
  • Publisher Date: 01 Nov 2000
  • Binding: Paperback
  • Edition: 1
  • Language: English
  • Returnable: N
  • Spine Width: 24 mm
  • Weight: 820 gr


Similar Products

How would you rate your experience shopping for books on Bookswagon?

Add Photo
Add Photo

Customer Reviews

4       |  4 Reviews 
out of (%) reviewers recommend this product
Top Reviews
Rating Snapshot
Select a row below to filter reviews.
5
4
3
2
1
Average Customer Ratings
4       |  4 Reviews 
00 of 0 Reviews
Sort by :
Active Filters

00 of 0 Reviews
SEARCH RESULTS
1–2 of 2 Reviews
    BoxerLover2 - 5 Days ago
    A Thrilling But Totally Believable Murder Mystery

    Read this in one evening. I had planned to do other things with my day, but it was impossible to put down. Every time I tried, I was drawn back to it in less than 5 minutes. I sobbed my eyes out the entire last 100 pages. Highly recommend!

    BoxerLover2 - 5 Days ago
    A Thrilling But Totally Believable Murder Mystery

    Read this in one evening. I had planned to do other things with my day, but it was impossible to put down. Every time I tried, I was drawn back to it in less than 5 minutes. I sobbed my eyes out the entire last 100 pages. Highly recommend!


Sample text
Photo of
    Media Viewer

    Sample text
    Reviews
    Reader Type:
    BoxerLover2
    00 of 0 review

    Your review was submitted!
    SSL and TLS: Designing and Building Secure Systems
    Pearson Education Limited -
    SSL and TLS: Designing and Building Secure Systems
    Writing guidlines
    We want to publish your review, so please:
    • keep your review on the product. Review's that defame author's character will be rejected.
    • Keep your review focused on the product.
    • Avoid writing about customer service. contact us instead if you have issue requiring immediate attention.
    • Refrain from mentioning competitors or the specific price you paid for the product.
    • Do not include any personally identifiable information, such as full names.

    SSL and TLS: Designing and Building Secure Systems

    Required fields are marked with *

    Review Title*
    Review
      Add Photo Add up to 6 photos
      Would you recommend this product to a friend?
      Tag this Book
      Read more
      Does your review contain spoilers?
      What type of reader best describes you?
      I agree to the terms & conditions
      You may receive emails regarding this submission. Any emails will include the ability to opt-out of future communications.

      CUSTOMER RATINGS AND REVIEWS AND QUESTIONS AND ANSWERS TERMS OF USE

      These Terms of Use govern your conduct associated with the Customer Ratings and Reviews and/or Questions and Answers service offered by Bookswagon (the "CRR Service").


      By submitting any content to Bookswagon, you guarantee that:
      • You are the sole author and owner of the intellectual property rights in the content;
      • All "moral rights" that you may have in such content have been voluntarily waived by you;
      • All content that you post is accurate;
      • You are at least 13 years old;
      • Use of the content you supply does not violate these Terms of Use and will not cause injury to any person or entity.
      You further agree that you may not submit any content:
      • That is known by you to be false, inaccurate or misleading;
      • That infringes any third party's copyright, patent, trademark, trade secret or other proprietary rights or rights of publicity or privacy;
      • That violates any law, statute, ordinance or regulation (including, but not limited to, those governing, consumer protection, unfair competition, anti-discrimination or false advertising);
      • That is, or may reasonably be considered to be, defamatory, libelous, hateful, racially or religiously biased or offensive, unlawfully threatening or unlawfully harassing to any individual, partnership or corporation;
      • For which you were compensated or granted any consideration by any unapproved third party;
      • That includes any information that references other websites, addresses, email addresses, contact information or phone numbers;
      • That contains any computer viruses, worms or other potentially damaging computer programs or files.
      You agree to indemnify and hold Bookswagon (and its officers, directors, agents, subsidiaries, joint ventures, employees and third-party service providers, including but not limited to Bazaarvoice, Inc.), harmless from all claims, demands, and damages (actual and consequential) of every kind and nature, known and unknown including reasonable attorneys' fees, arising out of a breach of your representations and warranties set forth above, or your violation of any law or the rights of a third party.


      For any content that you submit, you grant Bookswagon a perpetual, irrevocable, royalty-free, transferable right and license to use, copy, modify, delete in its entirety, adapt, publish, translate, create derivative works from and/or sell, transfer, and/or distribute such content and/or incorporate such content into any form, medium or technology throughout the world without compensation to you. Additionally,  Bookswagon may transfer or share any personal information that you submit with its third-party service providers, including but not limited to Bazaarvoice, Inc. in accordance with  Privacy Policy


      All content that you submit may be used at Bookswagon's sole discretion. Bookswagon reserves the right to change, condense, withhold publication, remove or delete any content on Bookswagon's website that Bookswagon deems, in its sole discretion, to violate the content guidelines or any other provision of these Terms of Use.  Bookswagon does not guarantee that you will have any recourse through Bookswagon to edit or delete any content you have submitted. Ratings and written comments are generally posted within two to four business days. However, Bookswagon reserves the right to remove or to refuse to post any submission to the extent authorized by law. You acknowledge that you, not Bookswagon, are responsible for the contents of your submission. None of the content that you submit shall be subject to any obligation of confidence on the part of Bookswagon, its agents, subsidiaries, affiliates, partners or third party service providers (including but not limited to Bazaarvoice, Inc.)and their respective directors, officers and employees.

      Accept

      New Arrivals


      Inspired by your browsing history


      Your review has been submitted!

      You've already reviewed this product!
      ASK VIDYA