MTU Cork Library Catalogue

PKI : a Wiley tech brief / Tom Austin.

By: Austin, Tom, 1954-.
Material type: Book
Publisher: New York : Wiley, 2001
Description: xviii, 270 p. : ill. ; 23 cm.
ISBN: 0471353809.
Subject(s): Computer networks -- Security measures | Public key cryptography
DDC classification: 005.8
Contents:
Part One: Security Basics -- PKI Explained -- What's in a PKI? -- Securing the Environment for PKI -- Part Two: PKI Technologies -- Key Management -- Certificate and Validation Authorities -- Directories -- Time Stamps -- Hardware Mechanisms -- Part Three: PKI and Business Issues -- Getting Certificates -- Acquiring a PKI -- Certificate Policy and Certification Practices Statement -- Auditing a PKI -- Enabling Legacy Applications -- Part Four: Case Studies -- Bank of Bermuda -- Perot Systems -- Idaho National Engineering and Environmental Laboratory (INEEL) -- U.S. Patent and Trademark Office (USPTO) -- Ruesch -- Part Five: PKI Efforts: Present and Future -- Initiatives, Laws and Standards -- Biometrics and PKI.
Holdings
Item type Current library Call number Copy number Status Date due Barcode Item holds
General Lending MTU Bishopstown Library Lending 005.8 1 Available 00078723
Total holds: 0

Enhanced descriptions from Syndetics:

A plain-language tutorial on the most important security technology for Internet applications
With major efforts underway to standardize a successful public key infrastructure (PKI) system, there is a growing need among network and security managers for authoritative information on PKI technology. This book offers a plain-language tutorial for people with a limited technical background but an acute business need to understand how PKI works. Written by a widely recognized expert in the field, Public Key Infrastructure Essentials explains how a successful PKI system can provide both security and privacy for Web-based applications through assigning encrypted keys to individuals or documents. Readers will find extensive business case studies and learn how to qualify vendors, write a Certification Practice Statement (CPS), build directories, and implement mechanisms for issuing, accepting, and revoking digital certificates.

Includes bibliographical references (pages 261-265) and index.

Table of contents provided by Syndetics

  • Introduction (p. xv)
  • Part 1 Security Basics (p. 1)
  • Chapter 1 PKI Explained (p. 3)
  • What's a PKI? (p. 6)
  • Authentication Basics, Alternatives (p. 8)
  • Chapter 2 What's in a PKI? (p. 13)
  • Basic Crypto (p. 13)
  • Digital Signatures (p. 17)
  • Digital Certificates (p. 18)
  • Chapter 3 Securing the Environment for PKI (p. 23)
  • The Fifty-Thousand-Foot View (p. 23)
  • The Thousand-Foot View: Beginning with a Good Security Policy (p. 25)
  • Addressing Physical Security (p. 28)
  • Planning Ahead for Problems (p. 31)
  • Using Standards to Help Select Operating Systems and Security Software (p. 34)
  • Summary (p. 36)
  • Part 2 PKI Technologies (p. 37)
  • Chapter 4 Key Management (p. 39)
  • Key Management Axioms (p. 39)
  • Key Life Cycle (p. 43)
  • Cryptographic Strengths (p. 46)
  • Chapter 5 Certificate and Validation Authorities (p. 49)
  • Functional Roles (p. 50)
  • Related Roles (p. 52)
  • Cross-Certification (p. 53)
  • Validation Authorities (p. 55)
  • The Validation Authority (p. 58)
  • Chapter 6 Directories (p. 63)
  • What Are Directories? (p. 64)
  • Directories in the Enterprise (p. 64)
  • Database or Directory? (p. 65)
  • Role of Directories in PKI (p. 66)
  • Directory Access Protocols (p. 67)
  • Schema Considerations (p. 68)
  • Directory Services Offerings (p. 70)
  • Considerations when Choosing a Directory (p. 72)
  • Security Issues (p. 74)
  • Summary (p. 75)
  • Chapter 7 Time Stamps (p. 77)
  • Mechanical Value (p. 78)
  • Human versus Machine-Based Trust Models (p. 80)
  • What Is Trusted Time, and Why Is It Needed for Time Stamps? (p. 81)
  • Traditional Time-Sourcing Methods - Why They Cannot Be Trusted (p. 81)
  • Evidentiary Grade Time - Time Sourcing for Trusted Time Stamps (p. 82)
  • Operating Policy Advantages of a Trusted Time Base (p. 83)
  • Portability in Trust Models (p. 84)
  • Summary (p. 85)
  • Chapter 8 Hardware Mechanisms (p. 87)
  • Secure Private Key Management (p. 87)
  • Public Key Performance Improvement (p. 93)
  • Interface Standards (p. 95)
  • Products (p. 95)
  • Hardware Technology to Watch (p. 97)
  • Part 3 PKI and Business Issues (p. 99)
  • Chapter 9 Getting Certificates (p. 101)
  • Introduction (p. 101)
  • Procedure (p. 102)
  • Chapter 10 Acquiring a PKI (p. 119)
  • Qualifying Vendors (p. 119)
  • Cost of Ownership (p. 126)
  • Chapter 11 Certificate Policy and Certification Practices Statement (p. 129)
  • Concepts (p. 131)
  • Contents of CP or CPS (p. 136)
  • Major Consideration (p. 140)
  • Future (p. 140)
  • Chapter 12 Auditing a PKI (p. 141)
  • About Audits (p. 141)
  • Chapter 13 Enabling Legacy Applications (p. 145)
  • PKI Solutions for Legacy Applications (p. 145)
  • What Needs to Be Done? (p. 146)
  • Open PKI Standards (p. 157)
  • Key Points (p. 157)
  • Part 4 Case Studies (p. 159)
  • Chapter 14 Bank of Bermuda (p. 161)
  • Background (p. 161)
  • Business Requirements (p. 162)
  • Business Impact (p. 163)
  • Moving Forward (p. 164)
  • Measuring Results (p. 164)
  • Implementing the PKI (p. 165)
  • Achieving Expectations (p. 168)
  • Key Points (p. 169)
  • Findings (p. 170)
  • Chapter 15 Perot Systems (p. 171)
  • Background (p. 171)
  • Business Requirements (p. 172)
  • Business Impact (p. 172)
  • Moving Forward (p. 173)
  • Measuring Results (p. 173)
  • Implementing the PKI (p. 174)
  • Achieving Expectations (p. 176)
  • Key Points (p. 176)
  • Findings (p. 176)
  • Chapter 16 Idaho National Engineering and Environmental Laboratory (INEEL) (p. 177)
  • Background (p. 177)
  • Business Requirements (p. 178)
  • Business Impact (p. 179)
  • Moving Forward (p. 180)
  • Measuring Results (p. 181)
  • Implementing the PKI (p. 182)
  • Issues and Other Specifics (p. 184)
  • Achieving Expectations (p. 185)
  • Key Points (p. 186)
  • Findings (p. 187)
  • Chapter 17 U.S. Patent and Trademark Office (USPTO) (p. 189)
  • Background (p. 189)
  • Business Requirements (p. 191)
  • Business Impact (p. 192)
  • Moving Forward (p. 194)
  • Measuring Results (p. 196)
  • Implementing the PKI (p. 197)
  • Achieving Expectations (p. 200)
  • Key Points (p. 202)
  • Findings (p. 203)
  • Chapter 18 Ruesch (p. 205)
  • Background (p. 205)
  • Business Requirements (p. 205)
  • Business Impact (p. 206)
  • Moving Forward (p. 207)
  • Measuring Results (p. 208)
  • Implementing the PKI (p. 208)
  • Achieving Expectations (p. 211)
  • Key Points (p. 211)
  • Findings (p. 212)
  • Part 5 PKI Efforts: Present and Future (p. 213)
  • Chapter 19 Initiatives, Laws, and Standards (p. 215)
  • Initiatives (p. 215)
  • Government (p. 216)
  • Industry (p. 217)
  • Laws and Regulations (p. 222)
  • Standards (p. 226)
  • Chapter 20 Biometrics and PKI (p. 233)
  • Accuracy of Biometrics Technology (p. 234)
  • Which Biometrics Technologies Are Best for PKI? (p. 234)
  • Risk Factors (p. 235)
  • Biometrics and Privacy (p. 236)
  • PKI: Sample Biometric Approaches (p. 237)
  • Conclusion (p. 240)
  • Appendix A Request for Proposal for Public Key Infrastructure (p. 241)
  • Selected Definitions (p. 259)
  • References and Further Reading (p. 261)
  • Index (p. 266)

Author notes provided by Syndetics

TOM AUSTIN is a consultant, speaker, and columnist in the field of information security and has recently written the PKI training course for Network Associates. He writes for ComputerWorld, Internetwork, and SC Infosecurity News.
