<< 1 >>
Rating: 
Summary: Do people edit these things?
Review: I am a software developer looking for a quick introduction before I get deep into the guts of PKI systems. This book does provide such an introduction, but you have to be very patient to get it. Mr. Austin hops around from subject to subject, introducing new ideas in the middle of a completely unrelated section. He will begin a paragraph with "in summary" and then move promptly on to throwing out concepts that he neither defines nor uses.Mr. Austin seems to be working very hard to keep the book relatively non-technical, so that anybody can understand it. Unfortunately, he seems to like tossing in technical concepts, explaning part of what they mean, and then moving on without using them. His examples are generally so non-technical that they are mostly worthless, while so poorly contrived that they still don't make any sense. This book might be a valuable resource if someone spent time reorganizing it, editing the grammar, and cleaning up the examples. Until then, however, I recommend you find something else. I'm certainly going to.
Rating: 
Summary: The right brief for a growing audience...
Review: I must say that this book was the right book at the right time for me. After (re)-searching for some time for a book on PKI and finding really not much that could make the subject clear without being readable only by people who are already deploying, developing, or using PKI based solutions, i.e. the book starts on the ground floor; what is it all about, why do I care, and how can I plan for PKI. This book was an easy read on an increasingly important subject, its illustrations worked well for me, and the level of depth for a technical but first time reader on the subject was more than adequate. It is a PKI Brief not a PKI Bible and prospective buyers should keep this in mind. I bought 5 additional copies for managers and technologists in my company to get them started on the subject and to ground future discussion on the subject. Well-done Mr. Austin. I am looking forward to your next tech brief.
Rating:
Summary: I Wish this had been written three years ago!
Review: I think that Austin's Book, a PKI primer is the right book at the right time. It's a good introduction to the whole field of PKI with a great deal of breadth. I wish it had been written three years ago when I first started thinking about implementing PKI. (Full disclosure note: My company was one of the ones profiled in the book, but I hadn't seen any of the text of the book until its publication). It's divided into five parts: Security Basics, PKI Technologies, PKI and Business Issues, Case Studies, and PKI Efforts Present and future. There are a total of 20 chapters spread out among those parts. The chapters in the first two parts are especially clear and offer a great introduction to this still new technology. The diagrams help the text and the text explain well what, in the end, are difficult concepts for the average business manager, even a technical one in charge of IT projects, to understand. At the same time, the inclusion of the non-technological, but organizational related issues such as Certificate Practice Statements, evaluting vendor proposals, PKI audits, and others, rounds out the PKI "big picture". Like most technologies that need to work in the real business world. just buying a PKI solution from a vendor won't even begin to help you if you are not aware of organizational, legal, and implementation issues. From a business perspective, I found the "Vendor Evaluation Matrix" and the inclusion of a sample Request for Proposal(RFP) especially helpful. Also helpful were the references to the current standard work being done by Internet Engineering Task Force (IETF) and the different European regulatory bodies. One minor quibble: the book lists seven "contributors" but does not state who wrote which chapter or section. I hope that this will be corrected in a future edition. If you want to get a very good grounding in PKI and the issues surrounding deploying it, or to answer the question of why you would even want deploy PKI, this book is a very good one to add to your knowledge arsenal. If or as you go implementing your own PKI solution, this book will be a handy "project check list" as well.
Rating:
Summary: PKI: An Excellent Technical and Business Overview
Review: It is difficult to write a book for a technical as well as a business audience. Tom Austin has accomplished this task in his book PKI. Rather than simply present an in-depth technical discussion, Austin brings the technical arguements to a business audience and, for the technical audience, an overview of PKI technology and the business case for such an approach. The book has five major sections. Security Basics places PKI within a larger information system security framework, introducing central concepts of cryptography and related functions. PKI Technologies examines the fundamentals of the PKI approach, including certificate authorities and hardware mechanisms. The PKI and Business Issues section cover a range of issues, such as acquiring PKI and enabling legacy applications. Then he presents Case Studies, where he shows how several large organizations (Bank of Bermuda, Perot Systems, Idaho National Engineering and Environmental Laboratory, U.S. Patent and Trademark Office and Reusch) made their business decisions in support of PKI and the implementation of PKI solutions. In his final chapter, PKI Efforts: Present and Future, the author discusses laws and standards as well as biometrics and PKI. I plan to recommend this book to my consulting clients and those who wish to better understand the importance of PKI. If Tom Austin's book is an example of the Wiley Tech Brief series, I look forward to reading their other offerings. Sanford Sherizen, Ph.D., CISSP
<< 1 >>
| 
