SSL and TLS : theory and practice / Rolf Oppliger.

Format:

Book

Author/Creator:

Oppliger, Rolf.

Series:

Artech House information security and privacy series.

Artech House information security and privacy series

Language:

English

Subjects (All):

Computer network protocols.

Computer networks--Security measures.

Computer networks.

Internet--Security measures.

Internet.

Physical Description:

1 online resource (280 p.)

Edition:

1st ed.

Place of Publication:

Boston : Artech House, c2009.

Language Note:

English

Summary:

SSL (secure socket layer) and TLS (Transport Layer Security) are widely deployed security protocols that are used in all kinds of web-based e-commerce and e-business applications and are part of most contemporary security systems available today. This practical book provides a comprehensive introduction to these protocols, offering you a solid understanding of their design. You find discussions on the advantages and disadvantages of using SSL/TLS protocols compared to other Internet security protocols. This authoritative resource shows how to properly employ SSL and TLS and configure security solutions that are based on the use of the SSL/TLS protocols. Publisher abstract.

Contents:

SSL and TLS: Theory and Practice; Contents; Foreword; Preface; Acknowledgments; Chapter 1 Introduction; 1.1 OSI SECURITY ARCHITECTURE; 1.1.1 Security Services; 1.1.2 Security Mechanisms; 1.2 SECURITY DEFINITION; 1.3 FINAL REMARKS; References; Chapter 2 Cryptography Primer; 2.1 INTRODUCTION; 2.1.1 Preliminary Remarks; 2.1.2 Cryptographic Systems; 2.1.3 Classes of Cryptographic Systems; 2.1.4 Secure Cryptosystems; 2.1.5 Historical Background Information; 2.1.6 Legal Situation; 2.2 CRYPTOSYSTEMS OVERVIEW; 2.2.1 Unkeyed Cryptosystems; 2.2.2 Secret Key Cryptosystems; 2.2.3 Public Key Cryptosystems

2.3 FINAL REMARKSReferences; Chapter 3 Transport Layer Security; 3.1 INTRODUCTION; 3.2 PROTOCOL EVOLUTION; 3.3 FINAL REMARKS; References; Chapter 4 SSL Protocol; 4.1 INTRODUCTION; 4.2 PROTOCOLS; 4.2.1 SSL Record Protocol; 4.2.2 SSL Handshake Protocol; 4.2.3 SSL Change Cipher Spec Protocol; 4.2.4 SSL Alert Protocol; 4.2.5 SSL Application Data Protocol; 4.3 TRAFFIC ANALYSIS OF AN SSL SESSION; 4.4 SECURITY ANALYSIS; 4.5 FINAL REMARKS; References; Chapter 5 TLS Protocol; 5.1 INTRODUCTION; 5.1.1 TLS PRF; 5.1.2 Generation of KeyingMaterial; 5.2 TLS 1.0; 5.2.1 Cipher Suites

5.2.2 CertificateManagement5.2.3 Alert Messages; 5.2.4 Other Differences; 5.3 TLS 1.1; 5.3.1 Preliminary Remarks; 5.3.2 Cipher Suites; 5.3.3 CertificateManagement; 5.3.4 Alert Messages; 5.3.5 Other Differences; 5.4 TLS 1.2; 5.4.1 TLS Extensions; 5.4.2 Cipher Suites; 5.4.3 CertificateManagement; 5.4.4 Alert Messages; 5.4.5 Other Differences; 5.5 TRAFFIC ANALYSIS OF A TLS SESSION; 5.6 SECURITY ANALYSIS; 5.7 FINAL REMARKS; References; Chapter 6 DTLS Protocol; 6.1 INTRODUCTION; 6.2 DTLS 1.0; 6.2.1 Record Protocol; 6.2.2 Handshake Protocol; 6.3 DTLS 1.2; 6.4 SECURITY ANALYSIS; 6.5 FINAL REMARKS

ReferencesChapter 7 Firewall Traversal; 7.1 INTRODUCTION; 7.2 SSL/TLS TUNNELING; 7.3 SSL/TLS PROXYING; 7.4 FINAL REMARKS; References; Chapter 8 Public Key Certificates and PKIs; 8.1 INTRODUCTION; 8.1.1 PGP Certificates; 8.1.2 X.509 Certificates; 8.2 SERVER CERTIFICATES; 8.2.1 Wildcard Certificates; 8.2.2 International Step-Up and SGC Certificates; 8.2.3 Extended Validation Certificates; 8.3 CLIENT CERTIFICATES; 8.4 FINAL REMARKS; References; Chapter 9 Conclusions and Outlook; 9.1 DEPLOYMENT; 9.2 RESEARCH CHALLENGES; 9.2.1 Performance Optimization; 9.2.2 Protection Against MITM Attacks

9.2.3 Trust Management9.3 FUTURE DEVELOPMENTS; References; Appendix Standardized TLS Cipher Suites; Abbreviations and Acronyms; About the Author; Index

Notes:

Description based upon print version of record.

Print version record.

Includes bibliographical references and index.

ISBN:

1-59693-448-4

OCLC:

796382943