Security without Obscurity: A Guide to PKI Operations
Most books on public key infrastructure (PKI) seem to focus on asymmetric cryptography, X.509 certificates, certificate authority (CA) hierarchies, or certificate policy (CP), and certificate practice statements. While algorithms, certificates, and theoretical policy are all excellent discussions, the real-world issues for operating a commercial or private CA can be overwhelming.
Security without Obscurity: A Guide to PKI Operations provides a no-nonsense approach and realistic guide to operating a PKI system. In addition to discussions on PKI best practices, the book supplies warnings against bad PKI practices. Scattered throughout the book are anonymous case studies identifying both good and bad practices.
The highlighted bad practices, based on real-world scenarios from the authors’ experiences, illustrate how bad things are often done with good intentions but cause bigger problems than the original one being solved.
This book offers readers the opportunity to benefit from the authors’ more than 50 years of combined experience in developing PKI-related policies, standards, practices, procedures, and audits, as well as designing and operating various commercial and private PKI systems.
Provides a no-nonsense approach and realistic guide for operating a PKI system
Includes discussions on PKI best practices and contains warnings against PKI bad practices
Presents multiple anonymous case studies that illustrate what not to do when handling particular problems
Out of stock
Understand and implement VMware Virtual SAN: the heart of tomorrow’s Software-Defined Datacenter (SDDC) VMware’s breakthrough Software-Defined Datacenter (SDDC) initiative can help you virtualize your entire datacenter: compute, storage, networks, and associated services. Central to SDDC is VMware Virtual SAN (VSAN): a fully distributed storage architecture seamlessly integrated into the hypervisor and capable of scaling to meet any enterprise storage requirement. Now, the leaders of VMware’s wildly popular Virtual SAN previews have written the first authoritative guide to this pivotal technology. You’ll learn what Virtual SAN is, exactly what it offers, how to implement it, and how to maximize its value. Writing for administrators, consultants, and architects, Cormac Hogan and Duncan Epping show how Virtual SAN implements both object-based storage and a policy platform that simplifies VM storage placement. You’ll learn how Virtual SAN and vSphere work together to dramatically improve resiliency, scale-out storage functionality, and control over QoS. Both an up-to-the-minute reference and hands-on tutorial, Essential Virtual SAN uses realistic examples to demonstrate Virtual SAN’s most powerful capabilities. You’ll learn how to plan, architect, and deploy Virtual SAN successfully, avoid gotchas, and troubleshoot problems once you’re up and running. Coverage includes * Understanding the key goals and concepts of Software-Defined Storage and Virtual SAN technology * Meeting physical and virtual requirements for safe Virtual SAN implementation * Installing and configuring Virtual SAN for your unique environment * Using Storage Policy Based Management to control availability, performance, and reliability * Simplifying deployment with VM Storage Policies * Discovering key Virtual SAN architectural details: caching I/O, VASA, witnesses, pass-through RAID, and more * Ensuring efficient day-to-day Virtual SAN management and maintenance * Interoperating with other VMware features and products * Designing and sizing Virtual SAN clusters * Troubleshooting, monitoring, and performance optimization.
About the Author
Cormac Hogan is a storage architect in the Integration Engineering team at VMware. Cormac was one of the first VMware employees at the EMEA headquarters in Cork, Ireland, back in 2005, and has previously held roles in VMware’s Technical Marketing and Support organizations. Cormac has written a number of storage-related white papers and has given numerous presentations on storage best practices and new features. Cormac is the owner of CormacHogan.com, a blog site dedicated to storage and virtualization. He can be followed on twitter @CormacJHogan. Duncan Epping is a principal architect working for VMware R&D. Duncan is responsible for exploring new possibilities with existing products and features, researching new business opportunities for VMware. Duncan specializes in software-defined storage, hyperconverged platforms, and availability solutions. Duncan was among the first VMware Certified Design Experts (VCDX 007). Duncan is the owner of Yellow-Bricks.com and author of various books, including the VMware vSphere Clustering Technical Deepdive series. He can be followed on twitter @DuncanYB.
About the Author
WADE ALCORN is the creator of the BeEF open source browser exploitation framework, among toolswatch.orgs top 10 security tools. CHRISTIAN FRICHOT is a lead developer of BeEF, as well as a leader of the Perth Open Web Application Security Project. MICHELE ORR is the lead core developer of BeEF, as well as a vulnerability researcher and social engineer.
Security requirements engineering is especially challenging because designers must consider not just the software under design but also interactions among people, organizations, hardware, and software. Taking this broader perspective means designing a secure socio-technical system rather than a merely technical system. This book presents a novel, model-driven approach to designing secure socio-technical systems. It introduces the Socio-Technical Modeling Language (STS-ML) and presents a freely available software tool, STS-Tool, that supports this design approach through graphical modeling, automated reasoning capabilities to verify the models constructed, and the automatic derivation of security requirements documents. After an introduction to security requirements engineering and an overview of computer and information security, the book presents the STS-ML modeling language, introducing the modeling concepts used, explaining how to use STS-ML within the STS method for security requirements, and providing guidelines for the creation of models. The book then puts the STS approach into practice, introducing the STS-Tool and presenting two case studies from industry: an online collaborative platform and an e-Government system. Finally, the book considers other methods that can be used in conjunction with the STS method or that constitute an alternative to it. The book is suitable for course use or as a reference for practitioners. Exercises, review questions, and problems appear at the end of each chapter.
About the Author
Fabiano Dalpiaz is Assistant Professor in the Department of Information and Computing Sciences at Utrecht University, the Netherlands. Elda Paja is a Postdoctoral Research Fellow in the Department of Engineering and Computer Science at the University of Trento, Italy. Paolo Giorgini is Associate Professor in the Department of Engineering and Computer Science at the University of Trento.
GUIDE TO NETWORKING ESSENTIALS provides students with both the knowledge and hands-on skills necessary to work with network operating systems in a network administration environment. By focusing on troubleshooting and computer networking technologies, this book offers a comprehensive introduction to networking and to advances in software, wireless and network security. Challenge Labs and Hands-On Projects are directly integrated in each chapter to allow for a hands-on experience in the classroom. Updated content reflects the latest networking technologies and operating systems including new Ethernet standards, cloud computing, Windows 10, Windows Server 2016, and recent Linux distributions.
About the Author
Greg Tomsho is director of the Computer Networking Technology Department and Cisco Academy at Yavapai College in Prescott, Ariz. He has earned the CCNA, MCTS, MCSA, A , Security and Linux certifications. A former software engineer, technical support manager and IT director, he has more than 30 years of computer and networking experience. His other books include MCTS GUIDE TO WINDOWS SERVER 2008 ACTIVE DIRECTORY CONFIGURATION, MCTS GUIDE TO MICROSOFT WINDOWS SERVER 2008 APPLICATIONS INFRASTRUCTURE CONFIGURATION, GUIDE TO NETWORKING ESSENTIALS, GUIDE TO NETWORK SUPPORT AND TROUBLESHOOTING and A COURSEPREP EXAMGUIDE.