Book description
PKI (public-key infrastructure) enables the secure exchange of data over otherwise unsecured media, such as the Internet. PKI is the underlying cryptographic security mechanism for digital certificates and certificate directories, which are used to authenticate a message sender. Because PKI is the standard for authenticating commercial electronic transactions, Understanding PKI, Second Edition, provides network and security architects with the tools they need to grasp each phase of the key/certificate life cycle, including generation, publication, deployment, and recovery.
Table of contents
- Copyright
- Foreword
- Preface
- About the Authors
- I. Concepts
- 1. Introduction
- 2. Public-Key Cryptography
- 3. The Concept of an Infrastructure
- 4. Core PKI Services: Authentication, Integrity, and Confidentiality
- 5. PKI-Enabled Services
- 6. Certificates and Certification
- 7. Key and Certificate Management
- 8. Certificate Revocation
- Periodic Publication Mechanisms
- Certificate Revocation Lists (CRLs)
- Complete CRLs
- Certification Authority Revocation Lists (CARLs)
- End-entity Public-key Certificate Revocation Lists (EPRLs)
- CRL Distribution Points
- Redirect CRLs
- Delta and Indirect Delta CRLs
- Indirect CRLs
- Certificate Revocation Trees (CRTs)
- On-line Query Mechanisms
- Online Certificate Status Protocol (OCSP)
- Simple Certificate Validation Protocol (SCVP)
- Other Revocation Options
- Performance, Scalability, and Timeliness
- Summary
- 9. Trust Models
- 10. Multiple Certificates per Entity
- 11. PKI Information Dissemination: Repositories and Other Techniques
- 12. PKI Operational Considerations
- 13. Electronic Signature Legislation and Considerations
- 14. PKI in Practice
- 15. The Future of PKI
- 16. Conclusions and Further Reading
- II. Standards
- III. Deployment Considerations
- 22. Introduction
- 23. Benefits and Costs of a PKI
- 24. Deployment Issues and Decisions
- Trust Models: Hierarchical versus Distributed
- In-sourcing versus Out-sourcing
- Build versus Buy
- Closed versus Open Environment
- X.509 versus Alternative Certificate Formats
- Targeted Applications versus Comprehensive Solution
- Standard versus Proprietary Solutions
- Interoperability Considerations
- On-line versus Off-line Operations
- Peripheral Support
- Facility Requirements
- Personnel Requirements
- Certificate Revocation
- End-Entity Roaming
- Key Recovery
- Repository Issues
- Disaster Planning and Recovery
- Security Assurance
- Mitigating Risk
- Summary
- 25. Barriers to Deployment
- 26. Typical Business Models
- 27. Conclusions and Further Reading
- References
Product information
- Title: Understanding PKI: Concepts, Standards, and Deployment Considerations, Second Edition
- Author(s):
- Release date: November 2002
- Publisher(s): Addison-Wesley Professional
- ISBN: 9780672323911