Computer Security: Principles and Practice

Hardcover
from $0.00

Author: William Stallings

ISBN-10: 0136004245

ISBN-13: 9780136004240

Category: Security - Computer Networks

In recent years, the need for education in computer security and related topics has grown dramatically – and is essential for anyone in the fields of Computer Science or Computer Engineering. This is the only book available that provides integrated, comprehensive, up-to-date coverage of the broad range of topics in this subject.

Comprehensive treatment of user authentication and access control.
Unified approach to intrusion detection and firewalls, giving readers a solid understanding of the threats and countermeasures.
More detailed coverage of software security than other books.
Exploration of management issues.
Systematic, comprehensive discussion of malicious software and denial of service attacks.
Coverage of Linux and Windows Vista.
Up-to-date coverage of database security.
Thorough overview of cryptography, authentication, and digital signatures.
Coverage of Internet security.

For system engineers, programmers, system managers, network managers, product marketing personnel, system support specialists; a solid, up-to-date reference or tutorial for self-study.

Notation
Preface

Chapter 0 Reader's and Instructor's Guide
  0.1 Outline of the Book
  0.2 A Roadmap for Readers and Instructors
  0.3 Internet and Web Resources
  0.4 Standards

Chapter 1 Overview
  1.1 Computer Security Concepts
  1.2 Threats, Attacks, and Assets
  1.3 Security Functional Requirements
  1.4 A Security Architecture for Open Systems
  1.5 The Scope of Computer Security
  1.6 Computer Security Trends
  1.7 Computer Security Strategy
  1.8 Recommended Reading and Web Sites
  1.9 Key Terms, Review Questions, and Problems
  Appendix 1A Significant Security Standards and Documents

PART ONE COMPUTER SECURITY TECHNOLOGY AND PRINCIPLES

Chapter 2 Cryptographic Tools
  2.1 Confidentiality with Symmetric Encryption
  2.2 Message Authentication and Hash Functions
  2.3 Public-Key Encryption
  2.4 Digital Signatures and Key Management
  2.5 Random and Pseudorandom Numbers
  2.6 Practical Application: Encryption of Stored Data
  2.7 Recommended Reading and Web Sites
  2.8 Key Terms, Review Questions, and Problems

Chapter 3 User Authentication
  3.1 Means of Authentication
  3.2 Password-Based Authentication
  3.3 Token-Based Authentication
  3.4 Biometric Authentication
  3.5 Remote User Authentication
  3.6 Security Issues for User Authentication
  3.7 Practical Application: An Iris Biometric System
  3.8 Case Study: Security Problems for ATM Systems
  3.9 Recommended Reading and Web Sites
  3.10 Key Terms, Review Questions, and Problems

Chapter 4 Access Control
  4.1 Access Control Principles
  4.2 Subjects, Objects, and Access Rights
  4.3 Discretionary Access Control
  4.4 Example: UNIX File Access Control
  4.5 Role-Based Access Control
  4.6 Case Study: RBAC System for a Bank
  4.7 Recommended Reading and Web Sites
  4.8 Key Terms, Review Questions, and Problems

Chapter 5 Database Security
  5.1 Relational Databases
  5.2 Database Access Control
  5.3 Inference
  5.4 Statistical Databases
  5.5 Database Encryption
  5.6 Recommended Reading
  5.7 Key Terms, Review Questions, and Problems

Chapter 6 Intrusion Detection
  6.1 Intruders
  6.2 Intrusion Detection
  6.3 Host-Based Intrusion Detection
  6.4 Distributed Host-Based Intrusion Detection
  6.5 Network-Based Intrusion Detection
  6.6 Distributed Adaptive Intrusion Detection
  6.7 Intrusion Detection Exchange Format
  6.8 Honeypots
  6.9 Example System: Snort
  6.10 Recommended Reading and Web Sites
  6.11 Key Terms, Review Questions, and Problems
  Appendix 6A: The Base-Rate Fallacy

Chapter 7 Malicious Software
  7.1 Types of Malicious Software
  7.2 Viruses
  7.3 Virus Countermeasures
  7.4 Worms
  7.5 Bots
  7.6 Rootkits
  7.7 Recommended Reading and Web Sites
  7.8 Key Terms, Review Questions, and Problems

Chapter 8 Denial of Service
  8.1 Denial of Service Attacks
  8.2 Flooding Attacks
  8.3 Distributed Denial of Service Attacks
  8.4 Reflector and Amplifier Attacks
  8.5 Defenses Against Denial of Service Attacks
  8.6 Responding to a Denial of Service Attack
  8.7 Recommended Reading and Web Sites
  8.8 Key Terms, Review Questions, and Problems

Chapter 9 Firewalls and Intrusion Prevention Systems
  9.1 The Need for Firewalls
  9.2 Firewall Characteristics
  9.3 Types of Firewalls
  9.4 Firewall Basing
  9.5 Firewall Location and Configurations
  9.6 Intrusion Prevention Systems
  9.7 Example: Unified Threat Management Products
  9.8 Recommended Reading and Web Sites
  9.9 Key Terms, Review Questions, and Problems

Chapter 10 Trusted Computing and Multilevel Security
  10.1 The Bell-LaPadula Model for Computer Security
  10.2 Other Formal Models for Computer Security
  10.3 The Concept of Trusted Systems
  10.4 Application of Multilevel Security
  10.5 Trusted Computing and the Trusted Platform Module
  10.6 Common Criteria for Information Technology Security Evaluation
  10.7 Assurance and Evaluation
  10.8 Recommended Reading and Web Sites
  10.9 Key Terms, Review Questions, and Problems

PART TWO SOFTWARE SECURITY

Chapter 11 Buffer Overflow
  11.1 Stack Overflows
  11.2 Defending Against Buffer Overflows
  11.3 Other Forms of Overflow Attacks
  11.4 Recommended Reading and Web Sites
  11.5 Key Terms, Review Questions, and Problems

Chapter 12 Other Software Security Issues
  12.1 Software Security Issues
  12.2 Handling Program Input
  12.3 Writing Safe Program Code
  12.4 Interacting with the Operating System
  12.5 Handling Program Input
  12.6 Recommended Reading and Web Sites
  12.7 Key Terms, Review Questions, and Problems

PART THREE MANAGEMENT ISSUES

Chapter 13 Physical and Infrastructure Security
  13.1 Overview
  13.2 Physical Security Threats
  13.3 Physical Security Prevention and Mitigation Measures
  13.4 Recovery from Physical Security Breaches
  13.5 Threat Assessment, Planning, and Plan Implementation
  13.6 Example: A Corporate Physical Security Policy
  13.7 Integration of Physical and Logical Security
  13.8 Recommended Reading and Web Sites
  13.9 Key Terms, Review Questions, and Problems

Chapter 14 Human Factors
  14.1 Security Awareness, Training, and Education
  14.2 Organizational Security Policy
  14.3 Employment Practices and Policies
  14.4 E-Mail and Internet Use Policies
  14.5 Example: A Corporate Security Policy Document
  14.6 Recommended Reading and Web Sites
  14.7 Key Terms, Review Questions, and Problems
  Appendix 14A: Security Awareness Standard of Good Practice
  Appendix 14B: Security Policy Standard of Good Practice

Chapter 15 Security Auditing
  15.1 Security Auditing Architecture
  15.2 The Security Audit Trail
  15.3 Implementing the Logging Function
  15.4 Audit Trail Analysis
  15.5 Example: An Integrated Approach
  15.6 Recommended Reading and Web Sites
  15.7 Key Terms, Review Questions, and Problems

Chapter 16 IT Security Management and Risk Assessment
  16.1 IT Security Management
  16.2 Organizational Context and Security Policy
  16.3 Security Risk Assessment
  16.4 Detailed Security Risk Analysis
  16.5 Case Study: Silver Star Mines
  16.6 Recommended Reading and Web Sites
  16.7 Key Terms, Review Questions, and Problems

Chapter 17 IT Security Controls, Plans and Procedures
  17.1 IT Security Management Implementation
  17.2 Security Controls or Safeguards
  17.3 IT Security Plan
  17.4 Implementation of Controls
  17.5 Implementation Followup
  17.6 Case Study: Silver Star Mines
  17.7 Recommended Reading and Web Sites
  17.8 Key Terms, Review Questions, and Problems

Chapter 18 Legal and Ethical Aspects
  18.1 Cybercrime and Computer Crime
  18.2 Intellectual Property
  18.3 Privacy
  18.4 Ethical Issues
  18.5 Recommended Reading and Web Sites
  18.6 Key Terms, Review Questions, and Problems
  Appendix 18A: Information Privacy Standard of Good Practice

PART FOUR CRYPTOGRAPHIC ALGORITHMS

Chapter 19 Symmetric Encryption and Message Confidentiality
  19.1 Symmetric Encryption and Message Confidentiality
  19.2 Data Encryption Standard
  19.3 Advanced Encryption Standard
  19.4 Stream Ciphers and RC4
  19.5 Cipher Block Modes of Operation
  19.6 Location of Symmetric Encryption Devices
  19.7 Key Distribution
  19.8 Recommended Reading and Web Sites
  19.9 Key Terms, Review Questions, and Problems

Chapter 20 Public-Key Cryptography and Message Authentication
  20.1 Secure Hash Functions
  20.2 HMAC
  20.3 The RSA Public-Key Encryption Algorithm
  20.4 Diffie-Hellman and Other Asymmetric Algorithms
  20.5 Recommended Reading and Web Sites
  20.6 Key Terms, Review Questions, and Problems

PART FIVE INTERNET SECURITY

Chapter 21 Internet Security Protocols and Standards
  21.1 Secure Sockets Layer (SSL) and Transport Layer Security (TLS)
  21.2 IPv4 and IPv6 Security
  21.3 Secure Email and S/MIME
  21.4 Recommended Reading and Web Sites
  21.5 Key Terms, Review Questions, and Problems
  Appendix 21A Radix-64 Conversion

Chapter 22 Internet Authentication Applications
  22.1 Kerberos
  22.2 X.509
  22.3 Public-Key Infrastructure
  22.4 Federated Identity Management
  22.5 Recommended Reading and Web Sites
  22.6 Key Terms, Review Questions, and Problems

PART SIX OPERATING SYSTEM SECURITY*

Chapter 23 Linux Security
  23.1 Introduction
  23.2 Linux's Security Model
  23.3 The Linux DAC in Depth: Filesystem Security
  23.4 Linux Vulnerabilities
  23.5 Linux System Hardening
  23.6 Application Security
  23.7 Mandatory Access Controls
  23.8 Recommended Reading and Web Sites
  23.9 Key Terms, Review Questions, and Problems

Chapter 24 Windows Security
  – Windows Overview
  – Windows Security Basics
  – Windows User Security
  – Windows Network Security

APPENDICES

Appendix A Some Aspects of Number Theory
  A.1 Prime and Relatively Prime Numbers
  A.2 Modular Arithmetic
  A.3 Fermat's and Euler's Theorems

Appendix B Random and Pseudorandom Number Generation
  B.1 The Use of Random Numbers
  B.2 Pseudorandom Number Generators (PRNGs)
  B.3 True Random Number Generators

Appendix C Projects for Teaching Computer Security
  C.1 Research Projects
  C.2 Programming Projects
  C.3 Laboratory Exercises
  C.4 Writing Assignments
  C.5 Reading/Report Assignments

REFERENCES
INDEX
LIST OF ACRONYMS

ONLINE APPENDICES

Appendix D Standards and Standard-Setting Organizations
  A.1 The Importance of Standards
  A.2 Internet Standards and the Internet Society
  A.3 National Institute of Standards and Technology
  A.4 ITU-T
  A.5 ISO

Appendix E TCP/IP Protocol Architecture

Appendix F Glossary