1st Edition

Securing E-Business Applications and Communications

By Jonathan S. Held, John Bowers
    Copyright 2001
    358 Pages 50 B/W Illustrations
    by Auerbach Publications

    Take a walk through the process of setting up a secure E-commerce Web site with Securing E-Business Applications and Communications. In this book, you get a brief but comprehensive look at the fundamental and important cornerstones of E-commerce: from the basics of security to the development and implementation of an actual E-commerce site. Written with the heterogeneous network in mind, it includes implementation examples for Unix (Solaris and Linux), Windows NT 4.0, and Windows 2000. The authors pay particular attention to the security issues involved. They also highlight the plethora of encryption algorithms that are instrumental in securing data.
    Rather than burden you with the intimate details of these algorithms, the authors cover "the pieces" that so many other texts miss. Together, you and the authors develop a site from concept to implementation. Numerous coding examples illustrate the how-tos of the most current technologies - from Microsoft, Sun, and others - to support secure transactions. They also explore the most popular web servers, the technologies that drive them, and commercial utilities that can be used to manage them remotely.
    While there are plenty of expensive, shrink-wrapped packages that claim to do everything you need, nothing is better than rolling up your sleeves, getting your hands dirty, and learning how the technology works. Spend some time doing that now and you'll save yourself a bundle of money over the long haul. There is no comprehensive, step-by-step guide on how to create a secure e-commerce site other than Securing E-Business Applications and Communications. Without it, you will spend countless hours finding the information it contains.

    E-Commerce: The What and the Why
    The Digital Revolution
    Security
    Encryption
    Standards
    Summary
    A Prelude of Things to Come
    The Need for Security: Learning from Other's Mistakes
    A Tangled Web Is Weaved
    CGI by Example
    Hello PHF
    Thinking Like a Hacker
    Adding Automation to the Task
    Properly Handling CGI
    Keep the Noise Down
    Know What Thy Foe Knows
    Passwords: Security's Weakest Link
    The Heart of the Problem
    Contending with the Internet
    Statistics Don't Lie
    The Mathematics of Passwords
    UNIX and Linux
    Windows 95/Windows 98
    Windows NT 4.0
    Windows 2000
    UNIX/Linux
    Recommendations
    Electronic Business (E-Business)
    Arpanet-Precursor of a Digital Revolution
    Awash in Buzzwords
    Business and the Internet
    E-Business Models
    Data Encryption
    Monoalphabetic Substitution
    Polyalphabetic Substitution
    Commercial Encryption Standards
    Closing Thoughts
    Hash Algorithms
    Message Digest (MD) Hash Functions
    SHA-1 Hash Function
    Understanding the Java Hashing Program
    A Practical Web-Based Java Cryptography Example
    Concluding Thoughts
    Authentication Protocols and Pretty Good Privacy (PGP)
    Kerberos History
    X.509 Certificate Introduction and History
    Concluding Thoughts
    Secure Remote Management
    The Windows 2000 Telnet Service
    Secure Shell (SSH-1 And SSH-2)
    FTP, Secure FTP, and SCP
    Virtual Network Computer (VNC)
    Virtual Private Networking (VPN)
    Concluding Thoughts
    The Technology That Enables E-Commerce
    Developing Client/Server RDBMS Applications Using Java Servlets and JDBC
    JDBC Applications
    Web Servers
    Microsoft's Active Server
    Command Object
    Concluding Thoughts
    Conclusion
    Some Final Key Points

    Biography

    Jonathan S. Held, John Bowers