This pioneering guide to Internet and intranet security is the first to cover all of the relevant technologies in one comprehensive reference, and enhances the ability to create and deploy secure architectures. It gives users the knowledge needed for improved productivity, whether setting up commerce on line, assembling a firewall, or selecting access controls and cryptographic protocols to secure TCP/IP-based networks.

IPSec, Second Edition is the most authoritative, comprehensive, accessible, and up-to-date guide to IPSec technology. Two leading authorities cover all facets of IPSec architecture, implementation, and deployment; review important technical advances since IPSec was first standardized; and present new case studies demonstrating end-to-end IPSec security. New coverage also includes in-depth guidance on policies, updates on IPSec enhancements for large-scale enterprise environments, and much more.

This completely revised and expanded second edition of SSL and TLS: Theory and Practice provides an overview and a comprehensive discussion of the Secure Sockets Layer (SSL), Transport Layer Security (TLS), and Datagram TLS (DTLS) protocols that are omnipresent in today's e-commerce and e-business applications and respective security solutions. It provides complete details on the theory and practice of the protocols, offering readers a solid understanding of their design principles and modes of operation. Updates to this edition include coverage of the recent attacks against the protocols, newly specified extensions and firewall traversal, as well as recent developments related to public key certificates and respective infrastructures. This book targets software developers, security professionals, consultants, protocol designers, and chief security officers who will gain insight and perspective on the many details of the SSL, TLS, and DTLS protocols, such as cipher suites, certificate management, and alert messages. The book also comprehensively discusses the advantages and disadvantages of the protocols compared to other Internet security protocols and provides the details necessary to correctly implement the protocols while saving time on the security practitioner's side.

Network and System Security provides focused coverage of network and system security technologies. It explores practical solutions to a wide range of network and systems security issues. Chapters are authored by leading experts in the field and address the immediate and long-term challenges in the authors’ respective areas of expertise. Coverage includes building a secure organization, cryptography, system intrusion, UNIX and Linux security, Internet security, intranet security, LAN security; wireless network security, cellular network security, RFID security, and more. Chapters contributed by leaders in the field covering foundational and practical aspects of system and network security, providing a new level of technical expertise not found elsewhere Comprehensive and updated coverage of the subject area allows the reader to put current technologies to work Presents methods of analysis and problem solving techniques, enhancing the reader’s grasp of the material and ability to implement practical solutions

In the last 12 years we have observed amazing growth of electronic communication. From typical local networks through countrywide systems and business-based distributed processing, we have witnessed widespread implementation of computer-controlled transmissions encompassing almost every aspect of our business and private lives.Internet and Intranet Security, Management, Risks and Solutions addresses issues of information security from the managerial, global point of view. The global approach allows us to concentrate on issues that could be influenced by activities happening on opposite sides of the globe.

Foreword by Lars Knudsen Practical Intranet Security focuses on the various ways in which an intranet can be violated and gives a thorough review of the technologies that can be used by an organization to secure its intranet. This includes, for example, the new security architecture SESAME, which builds on the Kerberos authentication system, adding to it both public-key technology and a role-based access control service. Other technologies are also included such as a description of how to program with the GSS-API, and modern security technologies such as PGP, S/MIME, SSH, SSL IPSEC and CDSA. The book concludes with a comparison of the technologies. This book is different from other network security books in that its aim is to identify how to secure an organization's intranet. Previously books have concentrated on the Internet, often neglecting issues relating to securing intranets. However the potential risk to business and the ease by which intranets can be violated is often far greater than via the Internet. The aim is that network administrators and managers can get the information that they require to make informed choices on strategy and solutions for securing their own intranets. The book is an invaluable reference for network managers and network administrators whose responsibility it is to ensure the security of an organization's intranet. The book also contains background reading on networking, network security and cryptography which makes it an excellent research reference and undergraduate/postgraduate text book.