ACCU Home page ACCU Conference Page
Search Contact us ACCU at Flickr ACCU at GitHib ACCU at Facebook ACCU at Linked-in ACCU at Twitter Skip Navigation

ACCU Menu

Advertisement

Advertisement

Membership

Join ACCU

Login

» Create an account

» Password Reminder

ACCU Buttons

Add them to your site:

ACCU: professionalism in programming (116x31 px)
ACCU: professionalism in programming (225x60 px)

Search in Book Reviews

The ACCU passes on review copies of computer books to its members for them to review. The result is a large, high quality collection of book reviews by programmers, for programmers. Currently there are 1949 reviews in the database and more every month.
Search is a simple string search in either book title or book author. The full text search is a search of the text of the review.
    View all alphabetically
Title:
Web Security A Matter of Trust
Author:
Various
ISBN:
1 56592 329 4
Publisher:
O'Reilly
Pages:
272pp
Price:
£21-95
Reviewer:
Francis Glassborow
Subject:
cryptography; security; internet
Appeared in:
10-2
It really does not matter how many layers of cryptography, identity checking etc you place between the human client and the service provider it eventually comes down to a matter of trust. I still do not understand why people who calmly give their credit card to a waiter in a restaurant (it only takes a couple of seconds out of your sight to swipe it through a cloning machine) get so uptight about emailing their credit card number. Much more security is provided by requiring that goods are delivered to the registered address of the owner of the card.

This book presents a sample of papers on all aspects of WWW security rather than the in vogue narrow discussions of strength of cryptography. If commercial use of the Net is to take off those offering services and goods over the Net need to make themselves familiar with such material. Those advising and legislating should also educate themselves by reading this book and those like it.

PGP and other public key cryptographic systems are only a small part of the problem. Quite apart from consideration of how to secure channels there is the wide issue of who should have access to data. This starts you into the subject area of 'trust management.' That is something that needs a much wider understanding than the current one.