SSL & TLS Essentials

SSL & TLS Essentials
Author: Stephen A. Thomas
Publisher: John Wiley & Sons
Total Pages: 234
Release: 2000-02-25
Genre: Computers
ISBN:

CD-ROM includes: Full-text, electronic edition of text.

SSL and TLS: Theory and Practice, Second Edition

SSL and TLS: Theory and Practice, Second Edition
Author: Rolf Oppliger
Publisher: Artech House
Total Pages: 301
Release: 2016-03-31
Genre: Computers
ISBN: 1608079996

This completely revised and expanded second edition of SSL and TLS: Theory and Practice provides an overview and a comprehensive discussion of the Secure Sockets Layer (SSL), Transport Layer Security (TLS), and Datagram TLS (DTLS) protocols that are omnipresent in today's e-commerce and e-business applications and respective security solutions. It provides complete details on the theory and practice of the protocols, offering readers a solid understanding of their design principles and modes of operation. Updates to this edition include coverage of the recent attacks against the protocols, newly specified extensions and firewall traversal, as well as recent developments related to public key certificates and respective infrastructures. This book targets software developers, security professionals, consultants, protocol designers, and chief security officers who will gain insight and perspective on the many details of the SSL, TLS, and DTLS protocols, such as cipher suites, certificate management, and alert messages. The book also comprehensively discusses the advantages and disadvantages of the protocols compared to other Internet security protocols and provides the details necessary to correctly implement the protocols while saving time on the security practitioner's side.

Bulletproof SSL and TLS

Bulletproof SSL and TLS
Author: Ivan Ristic
Publisher: Feisty Duck
Total Pages: 528
Release: 2014
Genre: Computers
ISBN: 1907117040

Bulletproof SSL and TLS is a complete guide to using SSL and TLS encryption to deploy secure servers and web applications. Written by Ivan Ristic, the author of the popular SSL Labs web site, this book will teach you everything you need to know to protect your systems from eavesdropping and impersonation attacks. In this book, you’ll find just the right mix of theory, protocol detail, vulnerability and weakness information, and deployment advice to get your job done: - Comprehensive coverage of the ever-changing field of SSL/TLS and Internet PKI, with updates to the digital version - For IT security professionals, help to understand the risks - For system administrators, help to deploy systems securely - For developers, help to design and implement secure web applications - Practical and concise, with added depth when details are relevant - Introduction to cryptography and the latest TLS protocol version - Discussion of weaknesses at every level, covering implementation issues, HTTP and browser problems, and protocol vulnerabilities - Coverage of the latest attacks, such as BEAST, CRIME, BREACH, Lucky 13, RC4 biases, Triple Handshake Attack, and Heartbleed - Thorough deployment advice, including advanced technologies, such as Strict Transport Security, Content Security Policy, and pinning - Guide to using OpenSSL to generate keys and certificates and to create and run a private certification authority - Guide to using OpenSSL to test servers for vulnerabilities - Practical advice for secure server configuration using Apache httpd, IIS, Java, Nginx, Microsoft Windows, and Tomcat This book is available in paperback and a variety of digital formats without DRM.

High Performance Browser Networking

High Performance Browser Networking
Author: Ilya Grigorik
Publisher: "O'Reilly Media, Inc."
Total Pages: 420
Release: 2013-09-11
Genre:
ISBN: 1449344720

How prepared are you to build fast and efficient web applications? This eloquent book provides what every web developer should know about the network, from fundamental limitations that affect performance to major innovations for building even more powerful browser applications—including HTTP 2.0 and XHR improvements, Server-Sent Events (SSE), WebSocket, and WebRTC. Author Ilya Grigorik, a web performance engineer at Google, demonstrates performance optimization best practices for TCP, UDP, and TLS protocols, and explains unique wireless and mobile network optimization requirements. You’ll then dive into performance characteristics of technologies such as HTTP 2.0, client-side network scripting with XHR, real-time streaming with SSE and WebSocket, and P2P communication with WebRTC. Deliver superlative TCP, UDP, and TLS performance Speed up network performance over 3G/4G mobile networks Develop fast and energy-efficient mobile applications Address bottlenecks in HTTP 1.x and other browser protocols Plan for and deliver the best HTTP 2.0 performance Enable efficient real-time streaming in the browser Create efficient peer-to-peer videoconferencing and low-latency applications with real-time WebRTC transports

HTTP Essentials

HTTP Essentials
Author: Stephen A. Thomas
Publisher:
Total Pages: 342
Release: 2001-03-22
Genre: Computers
ISBN:

CD-ROM contains: text in a searchable Adobe Acrobat file (http.pdf); Adobe Acrobat Reader 4.0 for Windows and MacOS.

Network Security with OpenSSL

Network Security with OpenSSL
Author: John Viega
Publisher: "O'Reilly Media, Inc."
Total Pages: 387
Release: 2002-06-17
Genre: Computers
ISBN: 0596551975

Most applications these days are at least somewhat network aware, but how do you protect those applications against common network security threats? Many developers are turning to OpenSSL, an open source version of SSL/TLS, which is the most widely used protocol for secure network communications.The OpenSSL library is seeing widespread adoption for web sites that require cryptographic functions to protect a broad range of sensitive information, such as credit card numbers and other financial transactions. The library is the only free, full-featured SSL implementation for C and C++, and it can be used programmatically or from the command line to secure most TCP-based network protocols.Network Security with OpenSSL enables developers to use this protocol much more effectively. Traditionally, getting something simple done in OpenSSL could easily take weeks. This concise book gives you the guidance you need to avoid pitfalls, while allowing you to take advantage of the library?s advanced features. And, instead of bogging you down in the technical details of how SSL works under the hood, this book provides only the information that is necessary to use OpenSSL safely and effectively. In step-by-step fashion, the book details the challenges in securing network communications, and shows you how to use OpenSSL tools to best meet those challenges.As a system or network administrator, you will benefit from the thorough treatment of the OpenSSL command-line interface, as well as from step-by-step directions for obtaining certificates and setting up your own certification authority. As a developer, you will further benefit from the in-depth discussions and examples of how to use OpenSSL in your own programs. Although OpenSSL is written in C, information on how to use OpenSSL with Perl, Python and PHP is also included.OpenSSL may well answer your need to protect sensitive data. If that?s the case, Network Security with OpenSSL is the only guide available on the subject.

Bulletproof TLS and PKI, Second Edition: Understanding and Deploying SSL/TLS and PKI to Secure Servers and Web Applications

Bulletproof TLS and PKI, Second Edition: Understanding and Deploying SSL/TLS and PKI to Secure Servers and Web Applications
Author: Ivan Ristic
Publisher: Feisty Duck
Total Pages: 512
Release: 2022-01-10
Genre: Computers
ISBN: 9781907117091

Bulletproof TLS and PKI is a complete guide to using TLS encryption and PKI to deploy secure servers and web applications. Written by Ivan Ristic, author of the popular SSL Labs web site, this book will teach you everything you need to know to protect your systems from eavesdropping and impersonation attacks. In this book, you'll find just the right mix of theory, protocol detail, vulnerability and weakness information, and deployment advice to get your job done: Comprehensive coverage of the ever-changing field of SSL/TLS and Internet PKI, with updates to the digital version For IT professionals, help to understand security risks For system administrators, help to deploy systems securely For developers, help to secure web applications Practical and concise, with added depth as needed Introduction to cryptography and the Internet threat model Coverage of TLS 1.3 as well as earlier protocol versions Discussion of weaknesses at every level, covering implementation issues, HTTP and browser problems, and protocol vulnerabilities Coverage of the latest attacks, such as BEAST, CRIME, BREACH, Lucky 13, RC4 biases, Triple Handshake Attack, and Heartbleed Thorough deployment advice, including advanced technologies, such as Strict Transport Security, Content Security Policy, and pinning Guide to using OpenSSL to generate keys and certificates and to create and run a private certification authority Guide to using OpenSSL to test servers for vulnerabilities This book is also available in a variety of digital formats directly from the publisher. Visit us at www.feistyduck.com.

Advances in Cryptology – CRYPTO 2013

Advances in Cryptology – CRYPTO 2013
Author: Ran Canetti
Publisher: Springer
Total Pages: 605
Release: 2013-08-15
Genre: Computers
ISBN: 3642400418

The two volume-set, LNCS 8042 and LNCS 8043, constitutes the refereed proceedings of the 33rd Annual International Cryptology Conference, CRYPTO 2013, held in Santa Barbara, CA, USA, in August 2013. The 61 revised full papers presented in LNCS 8042 and LNCS 8043 were carefully reviewed and selected from numerous submissions. Two abstracts of the invited talks are also included in the proceedings. The papers are organized in topical sections on lattices and FHE; foundations of hardness; cryptanalysis; MPC - new directions; leakage resilience; symmetric encryption and PRFs; key exchange; multi linear maps; ideal ciphers; implementation-oriented protocols; number-theoretic hardness; MPC - foundations; codes and secret sharing; signatures and authentication; quantum security; new primitives; and functional encryption.