This completely expanded second edition of SSL and TLS: Theory and Practice provides modernized material and a comprehensive overview of the SSL/TLS and DTLS protocols, including topics such as firewall traversal and public key certificates. SSL (secure socket layer) and TLS (Transport Layer Security) are widely deployed security protocols that are used in all kinds of web-based e-commerce and e-business applications and are part of most contemporary security systems available today. This practical book provides a complete introduction to these protocols, offering readers a solid understanding of their design. Updates to this edition include coverage of recent attacks mounted against SSL/TLS, new broad TLS extensions, and discussions on the importance of public key certificates and Internet PKI.
Index Terms
- SSL and Tls: Theory and Practice, Second Edition
Recommendations
SSL/TLS session-aware user authentication revisited
Man-in-the-middle (MITM) attacks pose a serious threat to SSL/TLS-based e-commerce applications. In Oppliger R, Hauser R, Basin D [SSL/TLS session-aware user authentication - or how to effectively thwart the man-in-the-middle. Computer Communications ...
Using Frankencerts for Automated Adversarial Testing of Certificate Validation in SSL/TLS Implementations
SP '14: Proceedings of the 2014 IEEE Symposium on Security and PrivacyModern network security rests on the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols. Distributed systems, mobile and desktop applications, embedded devices, and all of secure Web rely on SSL/TLS for protection against network ...