Synopses & Reviews
A top-level security guru for both eBay and PayPal and a best-selling information systems security author show how to design and develop secure Web commerce systems.
Whether it's online banking or ordering merchandise using your cell phone, the world of online commerce requires a high degree of security to protect you during transactions. This book not only explores all critical security issues associated with both e-commerce and mobile commerce (m-commerce), it is also a technical manual for how to create a secure system. Covering all the technical bases, this book provides the detail that developers, system architects, and system integrators need to design and implement secure, user-friendly, online commerce systems.
- Co-authored by Hadi Nahari, one of the world’s most renowned experts in Web commerce security; he is currently the Principal Security, Mobile and DevicesArchitect at eBay, focusing on the architecture and implementation of eBay and PayPal mobile
- Co-authored by Dr. Ronald Krutz; information system security lecturer and co-author of the best-selling Wiley CISSP Prep Guide Series
- Shows how to architect and implement user-friendly security for e-commerce and especially, mobile commerce
- Covers the fundamentals of designing infrastructures with high availability, large transactional capacity, and scalability
- Includes topics such as understanding payment technologies and how to identify weak security, and how to augment it.
Get the essential information you need on Web commerce security—as well as actual design techniques—in this expert guide.
Real and reasonable solutions to mobile and e-commerce security
Every system designer knows that securing the electronic commerce ecosystem is a nightmare. Each of us puts vital business and personal information at risk every time we use a computer network to make a bank transaction, pay a bill, buy something, or communicate online.
In this book, security experts Hadi Nahari and Ron Krutz provide real security solutions. They show how to analyze and understand both holistic and atomic perspectives, define risk-driven security, explain protection mechanisms and how best to deploy them, and offer ways to implement security that is both effective and user-friendly.
You will learn
How to design strong e-commerce and m-commerce security that users will actually use
Techniques for implementing an adaptive, risk-driven, and scalable security infrastructure
Fundamentals of architecting e- and m-commerce security infrastructure with high availability and large transactional capacity
Important "ilities" your solutions must have
How to identify weak security in a large-scale, transactional system and how to augment it
Specific vulnerabilities and threats and how toassess, detect, and prevent them
About the Author
is a principal security architect at eBay and PayPal. His experience includes large scale, high-end enterprise solutions as well as embedded systems with primary focus on security, cryptography, complex systems design, and vulnerability assessment and threat analysis. He is a popular speaker on security issues.
Ronald L. Krutz, PhD, has worked with computer architecture, real-time systems, and information security for more than 40 years. He is the author or coauthor of more than a dozen books.
Visit our Web site at www.wiley.com/go/webcommercesecurity
Table of Contents
Foreword (John Donahoe
Foreword (Scott Thompson).
Part I Overview of Commerce.
Chapter 1 Internet Era: E-Commerce.
Chapter 2 Mobile Commerce.
Chapter 3 Important "Ilities" in Web Commerce Security.
Part II E-Commerce Security.
Chapter 4 E-Commerce Basics.
Chapter 5 Building Blocks: Your Tools.
Chapter 6 System Components: What You Should Implement.
Chapter 7 Trust but Verify: Checking Security.
Chapter 8 Threats and Attacks: What Your Adversaries Do.
Chapter 9 Certification: Your Assurance.
Appendix A Computing Fundamentals.
Appendix B Standardization and Regulatory Bodies.
Appendix C Glossary of Terms.
Appendix D Bibliography.