![]()
You might expect that companies would be better off keeping their cards close to their chest. SECURITY OBSCURITY SOFTWARENetflix saw that harnessing the world’s pool of programmers to build its security software actually made the company, and its data, more secure. In response to the Dark Overlord hack, it developed dozens of open-source cybersecurity products that other companies are allowed to use freely. What makes Netflix unusual is how transparent it has become about its cyber defences. Of course, many companies have digital assets to secure. The worst incident occurred in 2017, when a group called Dark Overlord broke in and released some new episodes of Orange is the New Black on the Internet. ![]() SECURITY OBSCURITY SERIESNetflix also wants to keep its popular TV series beyond the reach of those who try to view the content without paying.įor a company with so much digital treasure, Netflix hasn’t had many security mishaps. Tens of millions of households entrust the company with their personal information, including credit card details and the viewing habits of each family member. He was the third employee, responsible for the overall operations and strategic technology development, implementation, and maintenance of the various CA systems.Netflix has a lot of valuable data it needs to protect from hackers. ![]() He has international experience developing and managing public key infrastructures primarily for the financial services industry.Įpstein was the CTO for Digital Signature Trust Co., a start-up company formed to address the legal and technical issues of secure electronic commerce across the Internet, and one of the first licensed Certificate Authorities (CAs) in the United States. Clay Epstein holds a bachelor of science in computer science from the University of Utah and a master of business administration in management information systems from Westminster College (Salt Lake City, Utah). SECURITY OBSCURITY ISOHis introduction to cryptography began when he was assigned to develop a global key management system for MasterCard, and as part of that assignment, he began attending an Accredited Standards Committee (ASC) X9 Workgroup for retail banking security in 1989.ĭuring his career, he has spoken at many conferences participated in the development of numerous ANSI and ISO standards and published various papers, articles, chapters, and his first book- Security without Obscurity. Louis, Missouri), maintaining and developing credit card and debit card transaction applications on its global network, Banknet. He continued his work in the financial service industry at MasterCard International (St. SECURITY OBSCURITY CODELouis, Missouri, in 1982, as a software engineer writing 8-bit assembler code for a turnkey savings and loan teller system. Stapleton began his career at Citicorp Information Resources, St. Stapleton is the author of Security without Obscurity: A Guide to Confidentiality, Authentication, and Integrity (CRC Press). This book offers readers the opportunity to benefit from the authors’ more than 50 years of combined experience in developing PKI-related policies, standards, practices, procedures, and audits, as well as designing and operating various commercial and private PKI systems. The highlighted bad practices, based on real-world scenarios from the authors’ experiences, illustrate how bad things are often done with good intentions but cause bigger problems than the original one being solved. ![]() Scattered throughout the book are anonymous case studies identifying both good and bad practices. ![]() In addition to discussions on PKI best practices, the book supplies warnings against bad PKI practices. Security without Obscurity: A Guide to PKI Operations provides a no-nonsense approach and realistic guide to operating a PKI system. While algorithms, certificates, and theoretical policy are all excellent discussions, the real-world issues for operating a commercial or private CA can be overwhelming. Most books on public key infrastructure (PKI) seem to focus on asymmetric cryptography, X.509 certificates, certificate authority (CA) hierarchies, or certificate policy (CP), and certificate practice statements. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |