Understanding PKI: Concepts, Standards, and Deployment Considerations (2nd Edition)

3,55 valoración promedio
( 11 valoraciones por Goodreads )
 
9780672323911: Understanding PKI: Concepts, Standards, and Deployment Considerations (2nd Edition)

PKI (public-key infrastructure) enables the secure exchange of data over otherwise unsecured media, such as the Internet. PKI is the underlying cryptographic security mechanism for digital certificates and certificate directories, which are used to authenticate a message sender. Because PKI is the standard for authenticating commercial electronic transactions, Understanding PKI, Second Edition, provides network and security architects with the tools they need to grasp each phase of the key/certificate life cycle, including generation, publication, deployment, and recovery.

"Sinopsis" puede pertenecer a otra edición de este libro.

From the Publisher:

Without doubt, the promise of public-key infrastructure (PKI) technology has attracted a significant amount of attention in the last few years. Hardly a week goes by without some facet of PKI being addressed in a newspaper, trade journal, or conference paper. We hear and read about the promise of authentication and non-repudiation services provided through the use of digital signature techniques and about confidentiality and key management services based on a combination of symmetric and asymmetric cryptography—all facilitated through the realization of a supporting technology referred to as PKI. In fact, many people consider the widespread deployment of PKI technology to be an important enabler of secure global electronic commerce.

Although the foundation for PKI was established over two decades ago with the invention of public-key cryptography, PKI technology has been offered as a commercially viable solution only within the last few years. But what started as a handful of technology vendors a few years ago has seen the birth of dozens, perhaps hundreds, of products that offer one form or another of PKI-related service. Further, the commercial demand for PKI-based services remains strong, and available evidence suggests that this will continue for the foreseeable future.

Still, as a technology, PKI is fairly new. And to many, PKI technology is shrouded in mystery to some extent. This situation appears to be exacerbated by the proliferation of conflicting documentation, standards, and vendor approaches. Furthermore, there are few comprehensive books devoted to PKI that provide a good introduction to its critical concepts and technology fundamentals.

Thus, the authors share a common motivation in writing this book: to provide a vendor-neutral source of information that can be used to establish a baseline for understanding PKI. In this book, we provide answers to many of the fundamental PKI-related questions, including

What exactly is a PKI?
What constitutes a digital signature?
What is a certificate?
What is certificate revocation?
What is a Certification Authority (CA)?
What are the governing standards?
What are the issues associated with large-scale PKI deployment within an enterprise?
These are just some of the questions we explore in this book.

Motivations for PKI
It is important to recognize that PKI is not simply a "neat" technology without tangible benefits.When deployed judiciously, PKI offers certain fundamental advantages to an organization, including the potential for substantial cost savings. PKI can be used as the underlying technology to support authentication, integrity, confidentiality, and non-repudiation. This is accomplished through a combination of symmetric and asymmetric cryptographic techniques enabled through the use of a single, easily managed infrastructure rather than multiple security solutions. (See Chapter 2, Public-Key Cryptography; Chapter 3, The Concept of an Infrastructure; Chapter 4, Core PKI Services: Authentication, Integrity, and Confidentiality; and Chapter 5, PKI-Enabled Services.) PKI offers scalable key management in that the overhead associated with the distribution of keying material to communicating parties is reduced significantly when compared with solutions based solely on symmetric cryptography. (See Chapter 2 for a description of symmetric and asymmetric cryptographic techniques.) Ultimately, however, the primary motivations from a business standpoint are not technical but economic: How can PKI give a positive return on investment? To that end, judicious deployment of a single, unifying PKI technology can help, among other things

Reduce administrative overhead (when compared with the deployment of multiple point solutions)
Reduce the number of passwords required by end users (and, consequently, the administrative and help desk costs associated with managing them)
Reduce paperwork and improve workflow efficiencies through more automated (and more secure) business processes
Optimize work-force productivity (by ensuring that users spend less time contending with the security infrastructure and more time on the job at hand)
Reduce requirements for end-user training related to the use of the security services (because there is one security solution rather than many)
Not only does PKI technology have the potential to realize cost savings, but in some cases it also might even be a source of revenue for an organization (through support for new services that might otherwise not be offered). Benefits and related business considerations associated with PKI technology are discussed further in Part III, Deployment Considerations.

Changes in the Second Edition
The world, and PKI's place in the world, has evolved somewhat since the first edition of this book was written. Like many technologies, PKI has experienced the highs and lows of media attention and analyst focus: In three short years, the descriptions have covered the spectrum from "silver bullet" to "snake oil." There is still confusion regarding naming of entities and the use of PKI in real-world business applications such as e-mail. Occasionally, the long-term viability of PKI is questioned in journals or trade publications. In this second edition, two new chapters have been added to address precisely these areas:

Chapter 14, PKI in Practice, looks at the use of this technology in the real world and tries to clarify where PKI can be beneficial and where it cannot.

Chapter 15, The Future of PKI, is based upon an observation of how the world has been evolving and attempts to answer the question: Will this technology survive and, if so, why?

For the most part, however, the roller coaster of public opinion has now largely stabilized. There is general consensus that PKI is one viable option for a good, solid authentication technology with a number of appealing benefits compared with other technologies. In conjunction with this, PKI itself has matured and evolved to better meet the needs of the environments that might deploy it and rely on it for various services. In this edition, changes and additions have been made throughout the book to capture and explain this evolution. Some specific examples include the following:

Chapter 5, PKI-Enabled Services, now includes a section on privacy as a service that may be enabled by a PKI.

Chapters 6, Certificates and Certification, and 8, Certificate Revocation, have been updated to reflect new extensions and clarification text that were introduced in the X.509 (2000) standard.

Chapter 9, Trust Models, now incorporates material on several additional trust models that may be appropriate in some environments.

Chapter 13, Electronic Signature Legislation and Considerations, has been revised and updated to reflect the significant progress that has been made in that area since late 1999. * The whole of Part II, Standards, has been updated to incorporate the latest achievements in that area, as well as the new initiatives that have been started, especially in the eXtensible Markup Language (XML) standards bodies. Numerous other, more minor, updates and revisions may be found throughout the book.

Audience
The main purpose of this book is to provide a fairly comprehensive overview that will help the reader better understand the technical and operational considerations behind PKI technology. You will benefit from this book if you are responsible for the planning, deployment, and/or operation of an enterprise PKI. Those who are simply interested in the basic principles behind a PKI should also find this book useful.

We hope that this book will become an educational tool for many and a handy reference guide for others. This book is not intended to resolve extremely detailed implementation questions, although it can serve as a primer for someone who will eventually be more interested in the finer implementation details.

From the Back Cover:

Public-Key Infrastructure (PKI) is the foundation of the four major elements of digital security: authentication, integrity, confidentiality, and non-repudiation. The idea of a public-key infrastructure has existed for more than a decade, but the need for PKI has intensified over the last few years as the Internet has expanded its reach into business, government, the legal system, the military, and other areas that depend on secure communications.

Understanding PKI, Second Edition, is both a guide for software engineers involved in PKI development and a readable resource for technical managers responsible for their organization’s security policies and investments. It is a comprehensive primer to the latest in PKI technology and how it is used today. Taking a non-vendor-specific approach, this book explains fundamental concepts, examines emerging standards, and discusses deployment considerations and strategies that effect success.

This second edition has been updated throughout to incorporate all of the most recent developments in the PKI field. Two new chapters have been added to address the use of PKI in the real world and to explore the technology’s future. This new edition also addresses:

  • The X.509 standard
  • PKI for privacy
  • The emergence of electronic signatures and accompanying legislation
  • New PKI initiatives supported by the XML standards bodies
  • In addition to this specific information, the authors lend their informed opinions on how emerging trends will drive the expansion of PKI.



    0672323915B10162002

    "Sobre este título" puede pertenecer a otra edición de este libro.

    Los mejores resultados en AbeBooks

    1.

    Adams, Carlisle; Lloyd, Steve
    Editorial: Addison-Wesley Professional
    ISBN 10: 0672323915 ISBN 13: 9780672323911
    Nuevos Tapa dura Cantidad: 1
    Librería
    Cloud 9 Books
    (Wellington, FL, Estados Unidos de America)
    Valoración
    [?]

    Descripción Addison-Wesley Professional. Hardcover. Estado de conservación: New. 0672323915 New Condition. Nº de ref. de la librería NEW6.0331936

    Más información sobre esta librería | Hacer una pregunta a la librería

    Comprar nuevo
    EUR 52,90
    Convertir moneda

    Añadir al carrito

    Gastos de envío: EUR 4,27
    A Estados Unidos de America
    Destinos, gastos y plazos de envío

    2.

    Adams, Carlisle, Lloyd, Steve
    Editorial: Addison-Wesley Professional (2002)
    ISBN 10: 0672323915 ISBN 13: 9780672323911
    Nuevos Tapa dura Cantidad: 2
    Librería
    Murray Media
    (North Miami Beach, FL, Estados Unidos de America)
    Valoración
    [?]

    Descripción Addison-Wesley Professional, 2002. Hardcover. Estado de conservación: New. Nº de ref. de la librería P110672323915

    Más información sobre esta librería | Hacer una pregunta a la librería

    Comprar nuevo
    EUR 56,79
    Convertir moneda

    Añadir al carrito

    Gastos de envío: EUR 2,56
    A Estados Unidos de America
    Destinos, gastos y plazos de envío

    3.

    Steve Lloyd and Carlisle Adams
    ISBN 10: 0672323915 ISBN 13: 9780672323911
    Nuevos Cantidad: 1
    Librería
    Castle Rock
    (Pittsford, NY, Estados Unidos de America)
    Valoración
    [?]

    Descripción Estado de conservación: Brand New. Book Condition: Brand New. Nº de ref. de la librería 97806723239111.0

    Más información sobre esta librería | Hacer una pregunta a la librería

    Comprar nuevo
    EUR 105,53
    Convertir moneda

    Añadir al carrito

    Gastos de envío: EUR 3,42
    A Estados Unidos de America
    Destinos, gastos y plazos de envío

    4.

    Carlisle Adams, Steve Lloyd
    Editorial: Addison-Wesley Professional (2002)
    ISBN 10: 0672323915 ISBN 13: 9780672323911
    Nuevos Tapa dura Cantidad: 1
    Librería
    Ergodebooks
    (RICHMOND, TX, Estados Unidos de America)
    Valoración
    [?]

    Descripción Addison-Wesley Professional, 2002. Hardcover. Estado de conservación: New. 2. Nº de ref. de la librería DADAX0672323915

    Más información sobre esta librería | Hacer una pregunta a la librería

    Comprar nuevo
    EUR 149,56
    Convertir moneda

    Añadir al carrito

    Gastos de envío: EUR 3,42
    A Estados Unidos de America
    Destinos, gastos y plazos de envío