DescriptionA top-level security guru for both eBay and PayPal and a best-selling information systems security author show how to design and develop secure Web commerce systems.
Whether it's online banking or ordering merchandise using your cell phone, the world of online commerce requires a high degree of security to protect you during transactions. This book not only explores all critical security issues associated with both e-commerce and mobile commerce (m-commerce), it is also a technical manual for how to create a secure system. Covering all the technical bases, this book provides the detail that developers, system architects, and system integrators need to design and implement secure, user-friendly, online commerce systems.
- Co-authored by Hadi Nahari, one of the world’s most renowned experts in Web commerce security; he is currently the Principal Security, Mobile and DevicesArchitect at eBay, focusing on the architecture and implementation of eBay and PayPal mobile
- Co-authored by Dr. Ronald Krutz; information system security lecturer and co-author of the best-selling Wiley CISSP Prep Guide Series
- Shows how to architect and implement user-friendly security for e-commerce and especially, mobile commerce
- Covers the fundamentals of designing infrastructures with high availability, large transactional capacity, and scalability
- Includes topics such as understanding payment technologies and how to identify weak security, and how to augment it.
Get the essential information you need on Web commerce security—as well as actual design techniques—in this expert guide.
Foreword by John Donahoe xxi
Foreword by Scott Thompson xxiii
Part I Overview of Commerce 1
Chapter 1 Internet Era: E-Commerce 3
Chapter 2 Mobile Commerce 41
Chapter 3 Important “Ilities” in Web Commerce Security 77
Chapter 4 E-Commerce Basics 109
Chapter 5 Building Blocks: Your Tools 119
Chapter 6 System Components: What You Should Implement 193
Chapter 7 Trust but Verify: Checking Security 245
Chapter 8 Threats and Attacks: What Your Adversaries Do 267
Chapter 9 Certification: Your Assurance 293
Appendix A Computing Fundamentals 331
Appendix B Standardization and Regulatory Bodies 365
Appendix C Glossary of Terms 385
Appendix D Bibliography 449