"This is a very important book . . . mandatory reading for anyone thinking about getting into e-commerce."-Peter G. Neumann Moderator of the Risks Forum and author of Computer Related Risks
The World Wide Web is changing the way the world engages in business. With this paradigm shift comes uncertainty about how secure e-commerce transactions are over an inherently insecure medium-the Internet. Businesses have learned the hard way that there is no "silver bullet" solution-not encryption, not firewalls, not even secure protocols. Like a chain, the security of e-commerce is only as strong as its weakest link.
Written by security expert Anup K. Ghosh, E-Commerce Security highlights the weak links and provides best defenses for individuals and enterprises connected to the Internet. This valuable guide addresses vulnerabilities in four essential components of electronic commerce-the data transport protocol, Web server, Web clients, and the network server operating system.
• Exposes the dangers of new Internet innovations in today's Web browsers, including push technology and desktop integration with the Internet
• Provides a comparison of different secure protocols for e-commerce, including digital cash protocols used in smart cards
• Presents security considerations for Web servers, online databases, and server-side application software
• Details shortcomings in firewall technology and other host security measures.
Visit our website at www.wiley.com/compbooks/
Visit this book's companion website at www.rstcorp.com/EC-security.html.
|Product dimensions:||7.34(w) x 9.09(h) x 0.66(d)|
About the Author
ANUP K. GHOSH, PhD, is a research scientist with Reliable Software Technologies (www.rstcorp.com). He is an expert in security analysis of web-based applications and web servers. At RST, he is a principal investigator on a research contract with the National Institute of Standards and Technology investigating the security of the software components used in electronic commerce. He is also a principal investigator on a research contract with the U.S. Dept. of Defense investigating how to protect desktop systems from information warfare attacks.