Features:
Description:
Garfinkel and Spafford, longtime Net veterans, overturn a lot of misconceptions about online security in a commonsense book that is easily accessible to even nontechnical readers. They make it clear that any commercial Web site requires careful attention to security-even if the site doesn't carry any sensitive information. Furthermore, the authors show that there's a lot more to security than merely encrypting transmissions. Their goal is to lay the foundation for securing the three parts of a system: the Web server and its data; the information that travels between server and user; and the user's own computer and the information stored there. Because of the rapidly evolving nature of Web security, Garfinkel and Spafford are not specific in terms of security flaws and tools to fix them. Instead, they emphasize laying out the Web-security principles that will be applicable throughout several generations of hardware and software change. In the process, they give extensive coverage to user safety, digital certificates, cryptography, Web-server security, and the larger issues of commerce and society. Appendix A shows the lessons of the book in action as it details Garfinkel's experience running and securing the Vineyard.net Internet service provider. --Elizabeth Lewis
| 
