Book description
PKI (public-key infrastructure) enables the secure exchange of data over otherwise unsecured media, such as the Internet. PKI is the underlying cryptographic security mechanism for digital certificates and certificate directories, which are used to authenticate a message sender. Because PKI is the standard for authenticating commercial electronic transactions, Understanding PKI, Second Edition, provides network and security architects with the tools they need to grasp each phase of the key/certificate life cycle, including generation, publication, deployment, and recovery.
Table of contents
- Copyright
- Foreword
- Preface
- About the Authors
- I. Concepts
  - 1. Introduction
  - 2. Public-Key Cryptography
  - 3. The Concept of an Infrastructure
  - 4. Core PKI Services: Authentication, Integrity, and Confidentiality
  - 5. PKI-Enabled Services
  - 6. Certificates and Certification
  - 7. Key and Certificate Management
  - 8. Certificate Revocation
    - Periodic Publication Mechanisms
    - Certificate Revocation Lists (CRLs)
    - Complete CRLs
    - Certification Authority Revocation Lists (CARLs)
    - End-entity Public-key Certificate Revocation Lists (EPRLs)
    - CRL Distribution Points
    - Redirect CRLs
    - Delta and Indirect Delta CRLs
    - Indirect CRLs
    - Certificate Revocation Trees (CRTs)
    - On-line Query Mechanisms
    - Online Certificate Status Protocol (OCSP)
    - Simple Certificate Validation Protocol (SCVP)
    - Other Revocation Options
    - Performance, Scalability, and Timeliness
    - Summary
  - 9. Trust Models
  - 10. Multiple Certificates per Entity
  - 11. PKI Information Dissemination: Repositories and Other Techniques
  - 12. PKI Operational Considerations
  - 13. Electronic Signature Legislation and Considerations
  - 14. PKI in Practice
  - 15. The Future of PKI
  - 16. Conclusions and Further Reading
- II. Standards
- III. Deployment Considerations
  - 22. Introduction
  - 23. Benefits and Costs of a PKI
  - 24. Deployment Issues and Decisions
    - Trust Models: Hierarchical versus Distributed
    - In-sourcing versus Out-sourcing
    - Build versus Buy
    - Closed versus Open Environment
    - X.509 versus Alternative Certificate Formats
    - Targeted Applications versus Comprehensive Solution
    - Standard versus Proprietary Solutions
    - Interoperability Considerations
    - On-line versus Off-line Operations
    - Peripheral Support
    - Facility Requirements
    - Personnel Requirements
    - Certificate Revocation
    - End-Entity Roaming
    - Key Recovery
    - Repository Issues
    - Disaster Planning and Recovery
    - Security Assurance
    - Mitigating Risk
    - Summary
  - 25. Barriers to Deployment
  - 26. Typical Business Models
  - 27. Conclusions and Further Reading
- References
Product information
- Title: Understanding PKI: Concepts, Standards, and Deployment Considerations, Second Edition
- Author(s):
- Release date: November 2002
- Publisher(s): Addison-Wesley Professional
- ISBN: 9780672323911