• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
  • Tim Cooke
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Liutauras Vilda
  • Rob Spoor
  • Junilu Lacar
  • paul wheaton
Saloon Keepers:
  • Stephan van Hulst
  • Tim Moores
  • Tim Holloway
  • Carey Brown
  • Scott Selikoff
  • Piet Souris
  • Jj Roberts
  • fred rosenberger

"Web Security, Privacy & Commerce, 2nd Ed." Released by O'Reilly

"The Hood"
Posts: 8521
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator


Sebastopol, CA--Although nearly half the population of the United
States uses the Internet on a regular basis, most will agree that using the Web is not without its risks. Yet, in spite of the danger lurking on the Web, we hear relatively few reports of incidents of cyber crime. It may be that we have been incredibly lucky, says Simson Garfinkel, author with Gene Spafford of "Web Security, Privacy & Commerce" (O'Reilly, Second Edition, US $44.95). "Today, most Net-based attackers seem to be satisfied with the publicity that their assaults generate," Garfinkel says. "Although there have been online heists, there are so few that they still make the news. Security is weak, but the vast majority of Internet users still play by the rules."
But, Garfinkel explains, it may be that our luck is running out.
Despite the obvious risks in using the Web, our society and economy have passed a point of no return, say Garfinkel and Spafford, so that having a presence on the Web now seems to be a fundamental requirement for businesses, governments, and other organizations. Understanding how to minimize and neutralize the destructive power of security threats has become a high priority for users, administrators, and organizations. The newly revised and dramatically expanded second edition of "Web Security, Privacy & Commerce" cuts through the sensationalism and examines the real issues and risks inherent in the Web.
"This is a book about how to enhance security, privacy, and commerce on the World Wide Web," says Garfinkel. "We've actually got three books in one. The first is a book for users; the second for service providers, and the third is for content providers, that is, the people who publish information on the Web. There are different issues facing each of these groups.
"For users," Garfinkel continues, "the demise of the dot-com economy means that even more companies are looking for ways to make a buck off Internet users--and frequently, that means trying to find ways to capture and resell personal information. Now more than ever, people need to be concerned about online privacy. For service providers, there has been an increased attention to information security as a result of recent current events. And for content providers, it's clear that issues of content control, copyright, and possibly criminal content are here to stay. This book explains all the key issues."
"Web Security, Privacy & Commerce" is a definitive reference on web security risks and the techniques and technologies that can be used as protection against these risks. Topics in the new edition include:
-Web technology: cryptography, the Secure Sockets Layer (SSL), the Public Key Infrastructure (PKI), passwords, digital signatures, and biometrics.
-Web Privacy and security for users: Cookies, log files, spam, web logs, web bugs, personally-identifiable information, and identity theft, as well as hostile mobile code plug-ins, ActiveX controls, Java applets, and JavaScript, Flash and Shockwave programs.
-Web server security for administrators and content providers: CGI, PHP, SSL certificates, P3P and privacy policies, digital payments, client-side signatures, code signing, pornography filtering, ICS, intellectual property, and legal issues.
What critics said about the first edition:
"Garfinkel and Spafford deal head on with key elements of Internet and enterprise security. 'Web Security and Commerce' addresses modern security technologies and applications in a comprehensive fashion, and is an important work in the explosive, fast-moving, and highly visible security field."
--Eric Greenberg, Group Security Product Manager, Netscape
Communications Corporation
"This is a truly useful book which can help people avoid a lot of the risks in Webware. It is intelligently written, timely, informative, accurate, comprehensive, understandable, and a great pleasure to read.
It is the Web-ster's definitive guide to security."
--Peter G. Neumann, moderator of ACM "RISKS" Forum and author of
"Computer-Related Risks"
"This book is packed with useful information and solid advice for Web users, Webmasters, and developers. Garfinkel and Spafford skip the usual marketing hype and tell us how and why Web security works--or breaks down--in the real world."
--Dr. Edward Felten, head of Princeton University's Secure Internet Programming Group
"If you have a business, and you want to learn how to protect the
security of your Web site, or if you're a Web surfer and want to know more about privacy on the Web, a new book, 'Web Security & Commerce' by Simson Garfinkel with Gene Spafford, is the best I've seen."
--Michael Ketcher, Bull & Bear Financial Report, March 1998
"Garfinkel and Spafford provide a thorough, engrossing, and
disconcerting overview of all the relevant security issues...an
excellent book all around--generous with technical detail and practical examples, yet accessible and fascinating to read. It's recommended for anyone who's interested in the subject."
--John Frazer Dobson, Computer Shopper, June 1998

Chapter 8, "The Web's War on Your Privacy," is available free online at: http://www.oreilly.com/catalog/websec2/chapter/ch08.html
For more information about the book, including Table of Contents,
index, author bio, and samples, see: http://www.oreilly.com/catalog/websec2/
For a cover graphic in jpeg format, go to:

Web Security, Privacy & Commerce
By Simson Garfinkel, with Gene Spafford
Second Edition, November 2001
ISBN 0-596-00045-6, 756 pages, $44.95 (US)
1-800-998-9938 http://www.oreilly.com
About O'Reilly
O'Reilly & Associates is the premier information source for
leading-edge computer technologies. We communicate the knowledge of experts through our books, conferences, and web sites. Our books, known for their animals on the covers, occupy a treasured place on the shelves of the developers building the next generation of software. Our conferences and summits bring innovators together to shape the revolutionary ideas that spark new industries. From the Internet to the Web, Linux, open source, and now peer-to-peer networking, we put technologies on the map. For more information: http://www.oreilly.com
O'Reilly is a registered trademark of O'Reilly & Associates, Inc. All other trademarks are property of their respective owners.
Consider Paul's rocket mass heater.
    Bookmark Topic Watch Topic
  • New Topic