Authors: Anup K. Ghosh.
Paperback, 304 pages
Publisher: Wiley
Publication Date: 1998-01-21
Edition: 1

Reviews :

    "This is a very important book . . . mandatory reading for anyone thinking about getting into e-commerce."-Peter G. Neumann Moderator of the Risks Forum and author of Computer Related Risks

The World Wide Web is changing the way the world engages in business. With this paradigm shift comes uncertainty about how secure e-commerce transactions are over an inherently insecure medium-the Internet. Businesses have learned the hard way that there is no "silver bullet" solution-not encryption, not firewalls, not even secure protocols. Like a chain, the security of e-commerce is only as strong as its weakest link.

Written by security expert Anup K. Ghosh, E-Commerce Security highlights the weak links and provides best defenses for individuals and enterprises connected to the Internet. This valuable guide addresses vulnerabilities in four essential components of electronic commerce-the data transport protocol, Web server, Web clients, and the network server operating system.

E-Commerce Security:
* Exposes the dangers of new Internet innovations in today's Web browsers, including push technology and desktop integration with the Internet
* Methodically explains the dangers of active content programs downloaded from Web sites, such as Java applets, ActiveX controls, and JavaScript
* Provides a comparison of different secure protocols for e-commerce, including digital cash protocols used in smart cards
* Presents security considerations for Web servers, online databases, and server-side application software
* Details shortcomings in firewall technology and other host security measures.

Visit our website at www.wiley.com/compbooks/

Visit this book's companion website at www.rstcorp.com/EC-security.html....

    Online security investigator and research scientist Anup Ghosh takes a realistic look at the state of security for electronic commerce. He is neither a Pollyanna believing that all is fine, nor a doomsayer predicting catastrophe for transactions lacking virtual plate armor. In fact, he feels that some levels of security are excessive. But he emphasizes that any security system is only as strong as its weakest point. If you're going to trust your money to online transactions, you need to know where your weaknesses lie and how to correct them.

To that end, Ghosh discusses real-life security failures, how they occurred, and how recurrences can be prevented. He then takes a systematic look at the areas of risk. One chapter deals with potential problems in active Web content, such as Java applets, ActiveX controls, and push technology. He examines data protocols to secure transactions with the warning that the data can be vulnerable before and after the secure transmission. The weaknesses of server hardware and software come under scrutiny as well. Ghosh calls for greater attention to security as software is being developed and looks at what advances are likely to be coming down the road. --Elizabeth Lewis...

Authors:
Hardcover, 310 pages
Publisher: Springer
Publication Date: 2008-07-24
Edition: 1

Reviews :

   

This book constitutes the refereed proceedings of the 4th International Conference on Global E-Security, ICGeS 2008, held in London, UK, in June 2008.

The 36 revised full papers presented were carefully reviewed and selected from numerous submissions. The papers are organized in topical sections on cybercrime and digital forensics investigation, voice and video over internet protocols security, computer security, security architecture and authorisations, and IT governance.

...

Authors: Mark Burnett.
Paperback, 472 pages
Publisher: Syngress
Publication Date: 2004-05
Edition: 1

Reviews :

    More of a programmer's guide than a security guide, Hacking the Code explains how certain code can be attacked, shows how you should edit the code, and offers case studies and examples for doing so. The book establishes policies for object input, and shows how to audit existing code for potential security problems.

People constantly ask security expert Mark Burnett for a guide to writing secure code. They don't want a course on security, they want to fix their code. This book is a practical guide on how to maintain session state, how to properly handle cookies, how to get user input, and more. Instead of just telling you how to do it, Burnett shows actual code that can be dropped right into your applications. This book covers almost all security issues known. Burnett has put hundreds of hours of research into his code audit database and is now making that available to you....

Authors: John Chirillo.
Paperback, 800 pages
Publisher: John Wiley & Sons
Publication Date: 2001-04-05
Edition: Bk&CD-Rom

Reviews :

    Network hacking can result in mysterious server crashes, data loss, and other problems that are not only costly to fix but difficult to recognize. This book describes in detail the tools and techniques used by network hackers and how they work to exploit security loopholes....

Authors: Ryan Fries. Mashrur Chowdhury. Jeffrey Brummond.
Hardcover, 304 pages
Publisher: Wiley
Publication Date: 2008-11-10


Reviews :

    When integrated into the transportation system infrastructure, and in vehicles themselves, Intelligent Transportation Systems, or ITS, help monitor and manage traffic flow, reduce congestion, provide alternate routes to travelers, enhance productivity, and save lives, time, and money. Here is the first comprehensive treatment of techniques to leverage ITS in support of security and safety for surface transportation infrastructure. Case studies of current ITS approaches to security issues such as freight security, disaster and evacuation response, HAZMAT incidents, rail security, and ITS Wide Area Alerts show the reader how to design, model, and implement a variety of projects....

Authors: Robert Merkle.
Paperback, 152 pages
Publisher: Paladin Press
Publication Date: 1998-03


Reviews :

    This is an owner's manual to the "Darkside" of the Web. Read it and weep. Then do what it takes to save yourself from becoming roadkill on the Highway to Hell....

Authors: John Chirillo.
Paperback, 960 pages
Publisher: Wiley
Publication Date: 2002-08-21
Edition: 2

Reviews :

    The much-anticipated second edition of the bestselling book that details network security through the hacker's eye
Since the first edition of Hack Attacks Revealed was published, many new attacks have been made on all operating systems, including UNIX, Windows XP, Mac OS, and Linux, and on firewalls, proxies, and gateways. Security expert John Chirillo is ready to tackle these attacks with you again. He has packed the Second Edition of his all-in-one reference with forty percent new material.
In this fascinating new edition, you'll discover:
* The hacker's perspective on security holes in UNIX, Linux, and Windows networks
* Over 170 new vulnerabilities and exploits
* Advanced discovery techniques
* A crash course in C for compiling hacker tools and vulnerability scanners
* The top seventy-five hack attacks for UNIX and Windows
* Malicious code coverage of Myparty, Goner, Sircam, BadTrans, Nimda, Code Red I/II, and many more
* TigerSuite Professional 3.5 (full suite single license)...

Authors: Carolyn Meinel.
Paperback, 400 pages
Publisher: Amer Eagle Pubns Inc
Publication Date: 1998-10
Edition: 2nd Rev

Authors: Knightmare.
Paperback, 205 pages
Publisher: Loompanics Unlimited
Publication Date: 1994-01


Reviews :

    The Knightmare is the sort of Super Hacker who keeps security guards from sleeping at night. He's not motivated by money or malice. He's in it for the hack. If your computer has any link whatever to the outside world, there is not question. The Knightmare can break in; the only question is whether he wants to. Secrets of a Super Hacker is an extraordinary manual on the methods of hacking. Here are some of the techniques covered in this data-devouring dossier: - Brute Force Attacks: Hurling passwords at a system until it cracks. - Social Engineering and Reverse Social Engineering: Seducing legitimate users into revealing their passwords. - Spoofing: Designing dummy screens; Delivering fake e-mail. - Superuser Abuser: How to get system managers to do your dirty work for you. - Screening Stealing: How to secretly record every image that appears on a computer screen - Data Delivery: How to hide the information you've collected; How to e-mail it to your computer. - Stair Stepping: How to use a low-level account to gain ever-higher levels of access. - And Much More! Including a brief history of hacking lists of likely passwords, a summary of computer crime laws and a glossary. The Super Hacker reveals all his secrets: Trojan Horses, Viruses, Worms, Trap Doors and Dummy Accounts. The how-to text is highlighted with bare-knuckle tales of The Knightmare's hacks, including on-site hacking remote-access hacking and bulletin board busting. No system can withstand the ingenious, unrelenting assaults of The Knightmare. And no person concerned with computer security should miss this amazing manual of mayhem....

Authors: Andrew Blyth. Gerald L. Kovacich.
Paperback, 360 pages
Publisher: Springer
Publication Date: 2001-10-02
Edition: 1

Reviews :

    Looks at corporate security and covers the business, legal, and technical knowledge needed to create secure systems. An ideal reference for IS managers who need help in dealing with day to day security issues. Softcover. ...