Publisher: O'Reilly Media Released: June 2002 Pages: 384
Most applications these days are at least somewhat network aware, but how do you protect those applications against common network security threats? Many developers are turning to OpenSSL, an open source version of SSL/TLS, which is the most widely used protocol for secure network communications. The OpenSSL library is seeing widespread adoption for web sites that require cryptographic functions to protect a broad range of sensitive information, such as credit card numbers and other financial transactions. The library is the only free, full-featured SSL implementation for C and C++, and it can be used programmatically or from the command line to secure most TCP-based network protocols.
Network Security with OpenSSL enables developers to use this protocol much more effectively. Traditionally, getting something simple done in OpenSSL could easily take weeks. This concise book gives you the guidance you need to avoid pitfalls, while allowing you to take advantage of the library?s advanced features. And, instead of bogging you down in the technical details of how SSL works under the hood, this book provides only the information that is necessary to use OpenSSL safely and effectively. In step-by-step fashion, the book details the challenges in securing network communications, and shows you how to use OpenSSL tools to best meet those challenges. As a system or network administrator, you will benefit from the thorough treatment of the OpenSSL command-line interface, as well as from step-by-step directions for obtaining certificates and setting up your own certification authority. As a developer, you will further benefit from the in-depth discussions and examples of how to use OpenSSL in your own programs. Although OpenSSL is written in C, information on how to use OpenSSL with Perl, Python and PHP is also included. OpenSSL may well answer your need to protect sensitive data. If that?s the case, Network Security with OpenSSL is the only guide available on the subject. |
-
Chapter 1 Introduction -
Cryptography for the Rest of Us -
Overview of SSL -
Problems with SSL -
What SSL Doesn't Do Well -
OpenSSL Basics -
Securing Third-Party Software -
Chapter 2 Command-Line Interface -
The Basics -
Message Digest Algorithms -
Symmetric Ciphers -
Public Key Cryptography -
S/MIME -
Passwords and Passphrases -
Seeding the Pseudorandom Number Generator -
Chapter 3 Public Key Infrastructure (PKI) -
Certificates -
Obtaining a Certificate -
Setting Up a Certification Authority -
Chapter 4 Support Infrastructure -
Multithread Support -
Internal Error Handling -
Abstract Input/Output -
Random Number Generation -
Arbitrary Precision Math -
Using Engines -
Chapter 5 SSL/TLS Programming -
Programming with SSL -
Advanced Programming with SSL -
Chapter 6 Symmetric Cryptography -
Concepts in Symmetric Cryptography -
Encrypting with the EVP API -
General Recommendations -
Chapter 7 Hashes and MACs -
Overview of Hashes and MACs -
Hashing with the EVP API -
Using MACs -
Secure HTTP Cookies -
Chapter 8 Public Key Algorithms -
When to Use Public Key Cryptography -
Diffie-Hellman -
Digital Signature Algorithm (DSA) -
RSA -
The EVP Public Key Interface -
Encoding and Decoding Objects -
Chapter 9 OpenSSL in Other Languages -
Net::SSLeay for Perl -
M2Crypto for Python -
OpenSSL Support in PHP -
Chapter 10 Advanced Programming Topics -
Object Stacks -
Configuration Files -
X.509 -
PKCS#7 and S/MIME -
PKCS#12 -
Appendix A Command-Line Reference -
Colophon |
- Title:
- Network Security with OpenSSL
- By:
- John Viega, Matt Messier, Pravir Chandra
- Publisher:
- O'Reilly Media
- Formats:
-
- Print
- Ebook
- Safari Books Online
- Print:
- June 2002
- Ebook:
- February 2009
- Pages:
- 384
- Print ISBN:
- 978-0-596-00270-1
- | ISBN 10:
- 0-596-00270-X
- Ebook ISBN:
- 978-0-596-10345-3
- | ISBN 10:
- 0-596-10345-X
|
-
John Viega John Viega, Founder and Chief Scientist of Secure Software (www.securesoftware.com), is a well-known security expert, and coauthor of Building Secure Software (Addison-Wesley) and Network Security with OpenSSL (O'Reilly). John is responsible for numerous software security tools, and is the original author of Mailman, the GNU mailing list manager. He holds a B.A. and M.S. in Computer Science from the University of Virginia. Mr. Viega is also an Adjunct Professor of Computer Science at Virginia Tech (Blacksburg, VA) and a Senior Policy Researcher at the Cyberspace Policy Institute, and he serves on the Technical Advisory Board for the Open Web Applications Security Project. He also founded a Washington, D.C. area security interest group that conducts monthly lectures presented by leading experts in the field. He is the author or coauthor of nearly 80 technical publications, including numerous refereed research papers and trade articles. View John Viega's full profile page. -
Matt Messier Matt Messier, Director of Engineering at Secure Software, is a security authority who has been programming for nearly two decades. Besides coauthoring Network Security with OpenSSL, Matt coauthored the Safe C String Library, RATS, and EGADS, an Entropy Gathering and Distribution System used for securely seeding pseudo-random number generators. Prior to joining Secure Software, Matt worked for IBM and Lotus, on source and assembly level debugging techniques, and operating system concepts. View Matt Messier's full profile page. -
Pravir Chandra Pravir Chandra, Research Scientist at Secure Software Solutions, is an expert in language-level security. Most recently, he co-authored the DARPA-funded "catscan" tool for static security analysis of C source code. Pravir holds a B.S. in Computer Science from Case Western Reserve University, and wants you to know that Cleveland rocks! View Pravir Chandra's full profile page. |
Colophon Our look is the result of reader comments, our own experimentation, and feedback from distribution channels. Distinctive covers complement our distinctive approach to technical topics, breathing personality and life into potentially dry subjects. The animals on the cover of Network Security with OpenSSL are seals and sea lions. Seals and sea lions are related; both are marine mammals belonging to the order Pinnipedia. Sea lions, alongwith fur seals, are members of the eared seal family. Eared seals, as their name implies, have external ears on either side of the head. These ears are covered by small flaps. All other seals, or true seals, lack external ears, having only small, wrinkled openings where their ears would otherwise be. Another principle difference between eared seals and true seals is the functionality of their rear flippers. Eared seals can turn their rear flippers forward to move about on land. True seals cannot, and can move on land only by rolling, sliding, or wriggling from place to place. Despite the awkwardness of both seals and sea lions on land, both swim very gracefully using undulating motions of their front flippers. Fish and squid are the main staples of the seal and sea lion diet. These mammals can dive to great depths-- up to 2,000 feet in some species-- in search of food. Seals and sea lions have long been hunted for their blubber and their fur. There are eighteen living species of seal and four major species of sea lion in existence. Some species are endangered or threatened. All are currently protected. Colleen Gorman was the production editor and the copyeditor for Network Security with OpenSSL. Matt Hutchinson, Linley Dolby, and Jane Ellin provided quality control. Sue Willing, Sarah Sherman, and Phil Dangler provided production support. John Bickelhaupt wrote the index. Ellie Volckhausen designed the cover of this book, based on a series design by Edie Freedman. The cover image is a 19th-century engraving from the Dover Pictorial Archive. Emma Colby produced the cover layout with QuarkXPress 4.1 using Adobe's ITC Garamond font. David Futato designed the interior layout. This book was converted into FrameMaker 5.5.6 with a format conversion tool created by Erik Ray, Jason McIntosh, Neil Walls, and Mike Sierra that uses Perl and XML technologies. The text font is Linotype Birka; the heading font is Adobe Myriad Condensed; and the code font is LucasFont's TheSans Mono Condensed. The illustrations that appear in the book were produced by Robert Romano and Jessamyn Read using Macromedia FreeHand 9 and Adobe Photoshop 6. The tip and warning icons were drawn by Christopher Bing. This colophon was written by Clairemarie Fisher O'Leary. |
|
Description
|
Table of Contents
|
Product Details
|
About the Author
|
Colophon
|
 |
|
|
|
|
|
Recommended for You
|
Recently Viewed
|
|
|
By Ken Lunde
September 1993
By George Reese
April 2009
Ebook: $23.99
Print & Ebook: $32.99
Print: $29.99
By Mikkel Aaland
July 2007
|
Customer Reviews
1/16/2004 (2 of 2 customers found this review helpful) 4.0Network Security with OpenSSL Review By Terry Horsnell from Undisclosed 9/3/2003 3.0Network Security with OpenSSL Review By Eric Kampman from Undisclosed 4/29/2003 5.0Network Security with OpenSSL Review By Antonio Rodriguez of the Columbia Java Users Group from Undisclosed 3/29/2003 5.0Network Security with OpenSSL Review By Martin Cooper from Undisclosed 10/1/2002 (0 of 1 customers found this review helpful) 5.0Network Security with OpenSSL Review By Kevin J. Schmidt from Undisclosed 9/19/2002 (3 of 4 customers found this review helpful) 1.0Network Security with OpenSSL Review By Peter Grossman from Undisclosed |
|
|
