Introduction to the Public Key Infrastructure for the Internet

Introduction to the Public Key Infrastructure for the Internet

3 (2 ratings by Goodreads)
By (author) 

List price: US$58.99

Currently unavailable

Add to wishlist

AbeBooks may have this title (opens in new window).

Try AbeBooks


The practical, results-focused PKI primer for every security developer and IT manager!-- Easy-to-understand explanations of the key concepts behind PKI and PKIX.-- Answers the most important questions about PKI deployment, operation, and administration.-- Covers trust models, certificate validation, credentials management, key rollover, and much more.The Public Key Infrastructure (PKI) and related standards are gaining powerful momentum as a solution for a wide range of security issues associated with electronic commerce. This book represents the first complete primer on PKI for both technical and non-technical professionals. Unlike academic treatises on PKI, this book is focused on getting results -- and on answering the critical questions implementers and managers have about PKI deployment, operation, and administration. The book begins with an overview of the security problems PKI is intended to solve; the fundamentals of secret key cryptography, and the significant challenges posed by key distribution. Messaoud Benantar introduces the foundations of public key cryptography, and the essential role played by public key assurance systems. Once you understand the basics, he introduces PKIX, the Internet Public Key Infrastructure standard, and shows how to leverage it in constructing secure Internet solutions. Benantar covers PKIX standards, notational language, and data encoding schemes; the Internet PKI technology; PKI trust models; certificate validation; credentials management; key rollover issues, and more. For every security developer, administrator, IT manager, and decision-maker concerned with securing Internet and e-commerce applications.
show more

Product details

  • Hardback | 272 pages
  • 184.2 x 244.3 x 24.4mm | 707.62g
  • Prentice Hall
  • Upper Saddle River, United States
  • English
  • w. figs.
  • 0130609277
  • 9780130609274

Table of contents


1. Secret Key Cryptography.

Introduction. Background. Basic XOR. About the Key Space. Common Secret Key Algorithms. Security Services of Secret Key Encryption. Secret Key Cryptography and Nonrepudiation. Origin Authenticity. Data Integrity.

2.Secret Key Distribution and Management.

Introduction. Sharing Secret Keys: Topology Effect.Central Secret Key Management. The Needham-Schroeder Scheme. A Note about Secret Key Distribution.

3. Public Key Cryptography.

Foundations of Public Key Cryptography. The Fate of Secret Key Cryptography. Public Key Cryptography Services. Trusting a Public Key.

4. Public Key Establishment-the PKIX Way.

Introduction. Background. PKIX Certificates and Certificate Revocation Lists. Elements of PKIX. ASN.1: The PKIX Definition Language. The PKIX Information Mode.

5. X.509 Certificate and CRL Extensions.

Introduction. X.509 v3 Certificate Extensions. About the X.509 Certificate Extensions. X.509 v2 CRL Extensions. Reason Code. Invalidity Date. Certificate Issuer. Hold Instruction Code.

6. Trust Establishment in PKIX.

Introduction. Hierarchical Trust. Cross-Certification. Hybrid Model. Web Trust Model. Certificate Validation. Validation Input. Validation Procedure.

7. PKIX Topology and Operational Protocols.

Introduction. The Infrastructure Topology. Overview of the PKI Management Operations. Certificate Management Protocol (CMP).

8. PKI Certificate and CRL Repositories.

Introduction. FTP. HTTP. Electronic Mail. DNS. LDAP.

9. PKI Credentials Management.

Introduction. PKCS #8. PKCS #12. PKCS #11. PKCS #15.

10. PKI-Based Security Applications.

Introduction. PKCS #7. Content Parameterization. Encrypted Data. Enveloped Data. Signed and Enveloped Data. Digested Data. PKCS #7 Security Services. CMS. CMC. Further Protections of CMS Messages. S/MIME v3. SSL/TLS.


show more

About Messaoud Benantar

MESSAOUD BENANTAR is a senior software engineer in IBM Austin, Texas, U.S.A. He received his Ph.D. degree in Computer Science from Rensselaer Polytechnic Institute in Troy, New York and has over ten years of experience developing security software on various platforms. He holds several U.S. patents on distributed systems security. His interests include systems and network security and all of the aspects of Internet computing. He can be contacted at
show more

Rating details

2 ratings
3 out of 5 stars
5 0% (0)
4 50% (1)
3 0% (0)
2 50% (1)
1 0% (0)
Book ratings by Goodreads
Goodreads is the world's largest site for readers with over 50 million reviews. We're featuring millions of their reader ratings on our book pages to help you find your new favourite book. Close X