Web Security & Commerce (O'Reilly Nutshell)

Since I am currently teaching this course for the very first time I have found it to be well-targeted for the Business Administration undergraduate level students. The prose is pleasant and often entertaining, with the technical information provided with just the right balance of detail and concept, reinforced with recent related anectdotal examples.

While it could stand some some "updating" - (technology is moving at blinding speed in this area) - the authors' basic messages of why security is important, typical techniques employed by the "bad guys", and the emphasis on protection and prevention versus reaction and recovery all strike true, loud and clear.

In my regular day job, as someone involved in the field of Software Quality Assurance for web-based applications, I ordered everyone on my staff a copy for their personal use. At the Amazon price, it is a bargain!

Rating:
Summary: Definitive Guide for Internet Security
Review: This books not only explains system security, it goes into technical detail, something that 95% of books always lack. I shouldn't have to say this book is good, its from O'Reilly. It covers PGP and how it works (not jsut what it is), SSL, TLS, login security, CGI security (they give actual code examples not ideals), hardware based security such with things like smart cards. There is also a chapter that explains what to do after you have been broken into and explains your legal routes of actions also. I also liked the fact that there is a chapter that explains the author's route of actions while working at an ISP . This book is a good buy if you need to learn about security and e-commerence and all the options you have relating to security. I've read alot of books, and its rare to find a book that explains things and also gives technical details. I know I'm not the only person who is sick of seeing every book being written for people who have never used a computer before and do not give code examples and real world implimentation. The only bad thing I have to say about this book is that there isn't a chapter that explains creating your own encryption method for Perl/C/PHP/ASP or the math behind it, but the material they do have does a good job of getting you very near this subject.

Rating:
Summary: Definitive Guide for Internet Security
Review: This books not only explains system security, it goes into technical detail, something that 95% of books always lack. I shouldn't have to say this book is good, its from O'Reilly. It covers PGP and how it works (not jsut what it is), SSL, TLS, login security, CGI security (they give actual code examples not ideals), hardware based security such with things like smart cards. There is also a chapter that explains what to do after you have been broken into and explains your legal routes of actions also. I also liked the fact that there is a chapter that explains the author's route of actions while working at an ISP . This book is a good buy if you need to learn about security and e-commerence and all the options you have relating to security. I've read alot of books, and its rare to find a book that explains things and also gives technical details. I know I'm not the only person who is sick of seeing every book being written for people who have never used a computer before and do not give code examples and real world implimentation. The only bad thing I have to say about this book is that there isn't a chapter that explains creating your own encryption method for Perl/C/PHP/ASP or the math behind it, but the material they do have does a good job of getting you very near this subject.

Rating:
Summary: A must have for everyone interested in security technology
Review: Wrote with plain talk, this book is one of the best resources about security on Internet / Intranet. It probably does not cover SSL in depth and I also miss more talking about NT and IIS security implementations. But anyway, a highly recommended book for anyone.