SSL and TLS: Theory and Practice, Second Edition

Front Cover
Artech House, Mar 31, 2016 - Computers - 304 pages
0 Reviews

 This completely revised and expanded second edition of SSL and TLS: Theory and Practice provides an overview and a comprehensive discussion of the Secure Sockets Layer (SSL), Transport Layer Security (TLS), and Datagram TLS (DTLS) protocols that are omnipresent in today's e-commerce and e-business applications and respective security solutions. It provides complete details on the theory and practice of the protocols, offering readers a solid understanding of their design principles and modes of operation. Updates to this edition include coverage of the recent attacks against the protocols, newly specified extensions and firewall traversal, as well as recent developments related to public key certificates and respective infrastructures. This book targets software developers, security professionals, consultants, protocol designers, and chief security officers who will gain insight and perspective on the many details of the SSL, TLS, and DTLS protocols, such as cipher suites, certificate management, and alert messages. The book also comprehensively discusses the advantages and disadvantages of the protocols compared to other Internet security protocols and provides the details necessary to correctly implement the protocols while saving time on the security practitioner's side.

 

What people are saying - Write a review

We haven't found any reviews in the usual places.

Contents

Chapter 1 Introduction
1
Chapter 2 SSL Protocol
21
Chapter 3 TLS Protocol
91
Chapter 4 DTLS Protocol
177
Chapter 5 Firewall Traversal
191
Chapter 6 Public Key Certificates and Internet Public Key Infrastructure PKI
201
Chapter 7 Concluding Remarks
233
Appendix A Registered TLS Cipher Suites
237
Appendix B Padding Oracle Attacks
245
Appendix C Abbreviations and Acronyms
263
About the Author
271
Index
273
Copyright

Other editions - View all

Common terms and phrases

About the author (2016)

 Rolf Oppliger leads eSECURITY Technologies, works for the Swiss federal administration, serves as an adjunct professor of computer science at the University of Z¸rich, Switzerland, and is the Information Security and Privacy editor at Artech House. He earned his Ph.D. in computer science from the University of Berne, Switzerland.

Bibliographic information