Название: Bulletproof TLS and PKI: Understanding and Deploying SSL/TLS and PKI to Secure Servers and Web Applications, 2nd Edition
Автор: Ivan Ristić
Издательство: Feisty Duck
Год: 31 May 2024 (build 1121)
Страниц: 504
Язык: английский
Формат: pdf (true)
Размер: 10.1 MB

You are about to undertake a journey into the mysterious world of cryptography. Bulletproof TLS and PKI is a complete guide to using TLS encryption and PKI to deploy secure servers and web applications. Written by Ivan Ristic, author of the popular SSL Labs web site, this book will teach you everything you need to know to protect your systems from eavesdropping and impersonation attacks.

TLS is a cryptographic protocol designed to provide secure communication over insecure infrastructure. What this means is that if TLS is properly deployed, you can open a communication channel to an arbitrary service on the Internet, be reasonably sure that you’re talking to the correct server, and exchange information safe in knowing that your data won’t fall into someone else’s hands and that it will be received intact. These protocols protect the communication link or transport layer, which is where the name TLS comes from.

Cryptography is the science and art of secure communication. Although we associate encryption with the modern age, we’ve actually been using cryptography for thousands of years. Cryptography as we know it today was largely born in the 20th century for military use. Now it’s part of our everyday lives. When cryptography is correctly deployed, it addresses the three core requirements of security: keeping secrets (confidentiality), verifying identities (authenticity), and ensuring safe transport (integrity). In the rest of this chapter, I will discuss the basic building blocks of cryptography, with the goal of showing where additional security comes from. I will also discuss how cryptography is commonly attacked. Cryptography is a very diverse field and has a strong basis in mathematics, but I will keep my overview at a high level, with the aim of giving you a foundation that will enable you to follow the discussion in the rest of the text. Elsewhere in the book, where the topic demands, I will discuss some parts of cryptography in more detail.

In this book, you'll find just the right mix of theory, protocol detail, vulnerability and weakness information, and deployment advice to get your job done

Comprehensive coverage of the ever-changing field of SSL/TLS and Internet PKI, with updates to the digital version
For IT professionals, help to understand security risks
For system administrators, help to deploy systems securely
For developers, help to secure web applications
Practical and concise, with added depth as needed
Introduction to cryptography and the Internet threat model
Coverage of TLS 1.3 as well as earlier protocol versions
Discussion of weaknesses at every level, covering implementation issues, HTTP and browser problems, and protocol vulnerabilities
Coverage of the latest attacks, such as BEAST, CRIME, BREACH, Lucky 13, RC4 biases, Triple Handshake Attack, and Heartbleed
Thorough deployment advice, including advanced technologies, such as Strict Transport Security, Content Security Policy, and pinning
Guide to using OpenSSL to generate keys and certificates and to create and run a private certification authority
Guide to using OpenSSL to test servers for vulnerabilities




ОТСУТСТВУЕТ ССЫЛКА/ НЕ РАБОЧАЯ ССЫЛКА ЕСТЬ РЕШЕНИЕ, ПИШИМ СЮДА!