Security without Obscurity

Regular price €127.99
Quantity:
In stock with our UK publisher. 14-28 days
Delivery/Collection within 10-20 working days
14 days return policy Shipping & Delivery
A01=J.J. Stapleton
Age Group_Uncategorized
Age Group_Uncategorized
Asymmetric Key Pair
Asymmetric Keys
Asymmetric Private Keys
authentication
authentication mechanisms
Author_J.J. Stapleton
automatic-update
Biometric Template
Category1=Non-Fiction
Category=UR
Category=UTF
Cleartext Message
code
codes
confidentiality
COP=United Kingdom
Covered Entity
Cps
cryptographic
Cryptographic Key
Cryptographic Module
cryptographic protocols
cryptography
Delivery_Delivery within 10-20 working days
digital identity management
ECDSA
enterprise cryptography implementation
Entity Authentication
eq_bestseller
eq_computing
eq_isMigrated=2
eq_nobargain
eq_non-fiction
EU Privacy Directive
hashed
HMAC
HSM
information security management
ISO security standards
key
Key Management Life Cycle
Language_English
Mac
message
NIST Standard
non-repudiation
Non-repudiation Service
PA=Available
party
Pci DSS
Price_€100 and above
privacy
private
Private Key
PS=Active
Public Key
regulatory compliance frameworks
relying
Risk Level
Root CA
secure application design
softlaunch
Symmetric Key
TST

Product details

  • ISBN 9781466592148
  • Weight: 660g
  • Dimensions: 156 x 234mm
  • Publication Date: 02 May 2014
  • Publisher: Taylor & Francis Ltd
  • Publication City/Country: GB
  • Product Form: Hardback
  • Language: English
Secure checkout Fast Shipping Easy returns

The traditional view of information security includes the three cornerstones: confidentiality, integrity, and availability; however the author asserts authentication is the third keystone. As the field continues to grow in complexity, novices and professionals need a reliable reference that clearly outlines the essentials. Security without Obscurity: A Guide to Confidentiality, Authentication, and Integrity fills this need.

Rather than focusing on compliance or policies and procedures, this book takes a top-down approach. It shares the author’s knowledge, insights, and observations about information security based on his experience developing dozens of ISO Technical Committee 68 and ANSI accredited X9 standards. Starting with the fundamentals, it provides an understanding of how to approach information security from the bedrock principles of confidentiality, integrity, and authentication.

The text delves beyond the typical cryptographic abstracts of encryption and digital signatures as the fundamental security controls to explain how to implement them into applications, policies, and procedures to meet business and compliance requirements. Providing you with a foundation in cryptography, it keeps things simple regarding symmetric versus asymmetric cryptography, and only refers to algorithms in general, without going too deeply into complex mathematics.

Presenting comprehensive and in-depth coverage of confidentiality, integrity, authentication, non-repudiation, privacy, and key management, this book supplies authoritative insight into the commonalities and differences of various users, providers, and regulators in the U.S. and abroad.

Jeff J. Stapleton has over 30 years experience developing and assessing payment systems and security techniques, including cryptography and biometrics. His career includes the major card brands (MasterCard, Visa, American Express, and Discover) for payment systems and security assessments; big-four accounting firm experience performing security assessments of applications, systems, and products; working with large and medium-sized financial institutions providing risk assessments and security compliance audits; and developing policies, practices, and procedures for security systems. Jeff has participated in developing ISO and X9 security standards for over 25 years within the financial services industry. For the first five years, he participated on several X9 workgroups and has been an industry liaison and U.S. expert several times for various ISO workgroups. In addition, he has been chair of the X9F4 Cryptographic Protocols and Application Security Workgroup for 15 years. His experience includes participation on several X9 and ISO workgroups and development of over three dozen ISO and X9 standards. Some of the standards have multiple parts, which add to the overall count. Jeff has published articles in various information security journals, IEEE papers, PKI Forum notes, and is a contributing author to several books on biometrics and cryptography. He is also a patent holder for cryptographic solutions. Jeff has also authored various white papers for customers on debit card payments, key management, data loss prevention (DLP) solutions, and format-preserving encryption (FPE). He is a CISSP® and former Certified TG-3 Assessor (CTGA®) and PCI Qualified Security Assessor (QSA®). The CTGA and QSA are only viable for security consultants in active practice. He has also been a frequent public speaker at information security conferences, seminars, and webinars.

More from this author