Protocols for Secure Electronic Commerce, Third Edition presents a compendium of protocols for securing electronic commerce, or e-commerce, in consumer- and business-to-business applications. Attending to a variety of electronic payment systems currently in use around the globe, this edition: Updates all chapters to reflect the latest technical advances and developments in areas such as mobile commerce Adds a new chapter on Bitcoin and other cryptocurrencies that did not exist at the time of the previous edition's publication Increases the coverage of PayPal in accordance with PayPal’s amplified role for consumers and businesses Expands the discussion of bank cards, dedicating a full chapter to magnetic stripe cards and a full chapter to chip-and-PIN technology Protocols for Secure Electronic Commerce, Third Edition offers a state-of-the-art overview of best practices for the security of e-commerce, complete with end-of-chapter review questions and an extensive bibliography of specialized references. A Solutions Manual and PowerPoint slides are available with qualifying course adoption.

Protocols for Secure Electronic Commerce, Third Edition presents a compendium of protocols for securing electronic commerce, or e-commerce, in consumer- and business-to-business applications. Attending to a variety of electronic payment systems currently in use around the globe, this edition: Updates all chapters to reflect the latest technical advances and developments in areas such as mobile commerce Adds a new chapter on Bitcoin and other cryptocurrencies that did not exist at the time of the previous edition's publication Increases the coverage of PayPal in accordance with PayPal’s amplified role for consumers and businesses Expands the discussion of bank cards, dedicating a full chapter to magnetic stripe cards and a full chapter to chip-and-PIN technology Protocols for Secure Electronic Commerce, Third Edition offers a state-of-the-art overview of best practices for the security of e-commerce, complete with end-of-chapter review questions and an extensive bibliography of specialized references. A Solutions Manual and PowerPoint slides are available with qualifying course adoption.

The continued growth of e-commerce mandates the emergence of new technical standards and methods that will securely integrate online activities with pre-existing infrastructures, laws and processes. Protocols for Secure Electronic Commerce, Second Edition addresses the security portion of this challenge. It is a full compendium of the protocols for securing online commerce and payments, serving as an invaluable resource for students and professionals in the fields of computer science and engineering, IT security, and financial and banking technology. The initial sections provide a broad overview of electronic commerce, money, payment systems, and business-to-business commerce, followed by an examination of well-known protocols (SSL, TLS, WTLS, and SET). The book also explores encryption algorithms and methods, EDI, micropayment, and multiple aspects of digital money. Like its predecessor, this edition is a general analysis that provides many references to more technical resources. It delivers extensive revisions of previous chapters, along with new chapters on electronic commerce in society, new e-commerce systems, and the security of integrated circuit cards.

The headline-grabbing financial scandals of recent years have led to a great urgency regarding organizational governance and security. Information technology is the engine that runs modern organizations, and as such, it must be well-managed and controlled. Organizations and individuals are dependent on network environment technologies, increasing the importance of security and privacy. The field has answered this sense of urgency with advances that have improved the ability to both control the technology and audit the information that is the lifeblood of modern business. Reflects the Latest Technological Advances Updated and revised, this third edition of Information Technology Control and Audit continues to present a comprehensive overview for IT professionals and auditors. Aligned to the CobiT control objectives, it provides a fundamental understanding of IT governance, controls, auditing applications, systems development, and operations. Demonstrating why controls and audits are critical, and defining advances in technology designed to support them, this volume meets the increasing need for audit and control professionals to understand information technology and the controls required to manage this key resource. A Powerful Primer for the CISA and CGEIT Exams Supporting and analyzing the CobiT model, this text prepares IT professionals for the CISA and CGEIT exams. With summary sections, exercises, review questions, and references for further readings, it promotes the mastery of the concepts and practical implementation of controls needed to effectively manage information technology resources. New in the Third Edition: Reorganized and expanded to align to the CobiT objectives Supports study for both the CISA and CGEIT exams Includes chapters on IT financial and sourcing management Adds a section on Delivery and Support control objectives Includes additional content on audit and control of outsourcing, change management, risk management, and compliance

Now in its Third Edition, this completely revised and updated reference provides a thorough and comprehensive introduction into the SSL, TLS, and DTLS protocols, explaining all the details and technical subtleties and showing how the current design helps mitigate the attacks that have made press headlines in the past. The book tells the complete story of TLS, from its earliest incarnation (SSL 1.0 in 1994), all the way up to and including TLS 1.3. Detailed descriptions of each protocol version give you a full understanding of why the protocol looked like it did, and why it now looks like it does. You will get a clear, detailed introduction to TLS 1.3 and understand the broader context of how TLS works with firewall and network middleboxes, as well the key topic of public infrastructures and their role in securing TLS. You will also find similar details on DTLS, a close sibling of TLS that is designed to operate over UDP instead of TCP. The book helps you fully understand the rationale behind the design of the SSL, TLS, and DTLS protocols and all of its extensions. It also gives you an in-depth and accessible breakdown of the many vulnerabilities in earlier versions of TLS, thereby more fully equipping you to properly configure and use the protocols in the field and protect against specific (network-based) attacks. With its thorough discussion of widely deployed network security technology, coupled with its practical applications you can utilize today, this is a must-have book for network security practitioners and software/web application developers at all levels.

Your expert guide to information security As businesses and consumers become more dependent on complexmultinational information systems, the need to understand anddevise sound information security systems has never been greater.This title takes a practical approach to information security byfocusing on real-world examples. While not sidestepping the theory,the emphasis is on developing the skills and knowledge thatsecurity and information technology students and professionals needto face their challenges. The book is organized around four majorthemes: * Cryptography: classic cryptosystems, symmetric key cryptography,public key cryptography, hash functions, random numbers,information hiding, and cryptanalysis * Access control: authentication and authorization, password-basedsecurity, ACLs and capabilities, multilevel and multilateralsecurity, covert channels and inference control, BLP and Biba'smodels, firewalls, and intrusion detection systems * Protocols: simple authentication protocols, session keys, perfectforward secrecy, timestamps, SSL, IPSec, Kerberos, and GSM * Software: flaws and malware, buffer overflows, viruses and worms,software reverse engineering, digital rights management, securesoftware development, and operating systems security Additional features include numerous figures and tables toillustrate and clarify complex topics, as well as problems-rangingfrom basic to challenging-to help readers apply their newlydeveloped skills. A solutions manual and a set of classroom-testedPowerPoint(r) slides will assist instructors in their coursedevelopment. Students and professors in information technology,computer science, and engineering, and professionals working in thefield will find this reference most useful to solve theirinformation security issues. An Instructor's Manual presenting detailed solutions to all theproblems in the book is available from the Wiley editorialdepartment. An Instructor Support FTP site is also available.

As the computer industry moves into the 21st century, the long-running Advances in Computers is ready to tackle the challenges of the new century with insightful articles on new technology, just as it has since 1960 in chronicling the advances in computer technology from the last century. As the longest-running continuing series on computers, Advances in Computers presents those technologies that will affect the industry in the years to come. In this volume, the 53rd in the series, we present 8 relevant topics. The first three represent a common theme on distributed computing systems -using more than one processor to allow for parallel execution, and hence completion of a complex computing task in a minimal amount of time. The other 5 chapters describe other relevant advances from the late 1990s with an emphasis on software development, topics of vital importance to developers today- process improvement, measurement and legal liabilities. - Longest running series on computers - Contains eight insightful chapters on new technology - Gives comprehensive treatment of distributed systems - Shows how to evaluate measurements - Details how to evaluate software process improvement models - Examines how to expand e-commerce on the Web - Discusses legal liabilities in developing software—a must-read for developers