Computer security: principles and practice [Third edition] 9780133773927, 1292066172, 9781292066172, 0133773922

In recent years, the need for education in computer security and related topics has grown dramatically - and is essentia

1,652 134 30MB

English Pages 840 [842] Year 2014;2015

Report DMCA / Copyright

DOWNLOAD PDF FILE

Table of contents :
Cover......Page 1
Title......Page 3
Copyright......Page 4
Contents......Page 7
Online Resources......Page 13
Preface......Page 14
Notation......Page 20
About the Authors......Page 21
Chapter 0 Reader’s and Instructor’s Guide......Page 23
0.2 A Roadmap for Readers and Instructors......Page 24
0.3 Support for Cisp Certification......Page 25
0.4 Support for NSA/DHS Certification......Page 27
0.5 Support for ACM/IEEE Computer Society Computer Science Curricula 2013......Page 28
0.6 Internet and Web Resources......Page 30
0.7 Standards......Page 31
Chapter 1 Overview......Page 33
1.1 Computer Security Concepts......Page 34
1.2 Threats, Attacks, and Assets......Page 41
1.3 Security Functional Requirements......Page 47
1.4 Fundamental Security Design Principles......Page 49
1.5 Attack Surfaces and Attack Trees......Page 53
1.6 Computer Security Strategy......Page 56
1.7 Recommended Reading......Page 58
1.8 Key Terms, Review Questions, and Problems......Page 59
Chapter 2 Cryptographic Tools......Page 62
2.1 Confidentiality with Symmetric Encryption......Page 63
2.2 Message Authentication and Hash Functions......Page 69
2.3 Public-Key Encryption......Page 77
2.4 Digital Signatures and Key Management......Page 82
2.5 Random and Pseudorandom Numbers......Page 86
2.6 Practical Application: Encryption of Stored Data......Page 88
2.7 Recommended Reading......Page 89
2.8 Key Terms, Review Questions, and Problems......Page 90
Chapter 3 User Authentication......Page 94
3.1 Electronic User Authentication Principles......Page 96
3.2 Password-Based Authentication......Page 100
3.3 Token-Based Authentication......Page 112
3.4 Biometric Authentication......Page 118
3.5 Remote User Authentication......Page 122
3.6 Security Issues for User Authentication......Page 125
3.7 Practical Application: An Iris Biometric System......Page 127
3.8 Case Study: Security Problems for ATM Systems......Page 129
3.10 Key Terms, Review Questions, and Problems......Page 132
Chapter 4 Access Control......Page 135
4.1 Access Control Principles......Page 136
4.2 Subjects, Objects, and Access Rights......Page 139
4.3 Discretionary Access Control......Page 140
4.4 Example: UNIX File Access Control......Page 146
4.5 Role-Based Access Control......Page 149
4.6 Attribute-Based Access Control......Page 155
4.7 Identity, Credential, and Access Management......Page 161
4.8 Trust Frameworks......Page 165
4.9 Case Study: RBAC System for a Bank......Page 169
4.10 Recommended Reading......Page 172
4.11 Key Terms, Review Questions, and Problems......Page 173
Chapter 5 Database and Cloud Security......Page 177
5.1 The Need for Database Security......Page 178
5.2 Database Management Systems......Page 179
5.3 Relational Databases......Page 181
5.4 SQL Injection Attacks......Page 185
5.5 Database Access Control......Page 191
5.6 Inference......Page 195
5.7 Database Encryption......Page 198
5.8 Cloud Computing......Page 202
5.9 Cloud Security Risks and Countermeasures......Page 209
5.11 Cloud Security as a Service......Page 211
5.12 Recommended Reading......Page 215
5.13 Key Terms, Review Questions, and Problems......Page 216
Chapter 6 Malicious Software......Page 221
6.1 Types of Malicious Software (Malware)......Page 222
6.2 Advanced Persistent Threat......Page 225
6.3 Propagation—Infected Content—Viruses......Page 226
6.4 Propagation—Vulnerability Exploit—Worms......Page 232
6.5 Propagation—Social Engineering—Spam E-Mail, Trojans......Page 240
6.6 Payload—System Corruption......Page 243
6.7 Payload—Attack Agent—Zombie, Bots......Page 244
6.8 Payload—Information Theft—Keyloggers, Phishing, Spyware......Page 246
6.9 Payload—Stealthing—Backdoors, Rootkits......Page 248
6.10 Countermeasures......Page 251
6.11 Recommended Reading......Page 257
6.12 Key Terms, Review Questions, and Problems......Page 258
Chapter 7 Denial-of-Service Attacks......Page 262
7.1 Denial-of-Service Attacks......Page 263
7.2 Flooding Attacks......Page 270
7.3 Distributed Denial-of-Service Attacks......Page 272
7.4 Application-Based Bandwidth Attacks......Page 274
7.5 Reflector and Amplifier Attacks......Page 276
7.6 Defenses Against Denial-of-Service Attacks......Page 281
7.7 Responding to a Denial-of-Service Attack......Page 285
7.9 Key Terms, Review Questions, and Problems......Page 286
Chapter 8 Intrusion Detection......Page 289
8.1 Intruders......Page 290
8.2 Intrusion Detection......Page 294
8.3 Analysis Approaches......Page 297
8.4 Host-Based Intrusion Detection......Page 300
8.5 Network-Based Intrusion Detection......Page 305
8.6 Distributed or Hybrid Intrusion Detection......Page 311
8.7 Intrusion Detection Exchange Format......Page 313
8.8 Honeypots......Page 316
8.9 Example System: Snort......Page 318
8.11 Key Terms, Review Questions, and Problems......Page 322
Chapter 9 Firewalls and Intrusion Prevention Systems......Page 326
9.1 The Need for Firewalls......Page 327
9.2 Firewall Characteristics and Access Policy......Page 328
9.3 Types of Firewalls......Page 330
9.4 Firewall Basing......Page 336
9.5 Firewall Location and Configurations......Page 339
9.6 Intrusion Prevention Systems......Page 344
9.7 Example: Unified Threat Management Products......Page 348
9.8 Recommended Reading......Page 352
9.9 Key Terms, Review Questions, and Problems......Page 353
Chapter 10 Buffer Overflow......Page 358
10.1 Stack Overflows......Page 360
10.2 Defending Against Buffer Overflows......Page 381
10.3 Other Forms of Overflow Attacks......Page 387
10.5 Key Terms, Review Questions, and Problems......Page 394
Chapter 11 Software Security......Page 397
11.1 Software Security Issues......Page 398
11.2 Handling Program Input......Page 402
11.3 Writing Safe Program Code......Page 414
11.4 Interacting with the Operating System and Other Programs......Page 418
11.5 Handling Program Output......Page 431
11.6 Recommended Reading......Page 433
11.7 Key Terms, Review Questions, and Problems......Page 434
Chapter 12 Operating System Security......Page 438
12.1 Introduction to Operating System Security......Page 440
12.3 Operating Systems Hardening......Page 441
12.4 Application Security......Page 446
12.5 Security Maintenance......Page 447
12.6 Linux/Unix Security......Page 448
12.7 Windows Security......Page 452
12.8 Virtualization Security......Page 454
12.9 Recommended Reading......Page 458
12.10 Key Terms, Review Questions, and Problems......Page 459
Chapter 13 Trusted Computing and Multilevel Security......Page 461
13.1 The Bell-LaPadula Model for Computer Security......Page 462
13.2 Other Formal Models for Computer Security......Page 472
13.3 The Concept of Trusted Systems......Page 478
13.4 Application of Multilevel Security......Page 481
13.5 Trusted Computing and the Trusted Platform Module......Page 487
13.6 Common Criteria for Information Technology Security Evaluation......Page 491
13.7 Assurance and Evaluation......Page 497
13.8 Recommended Reading......Page 502
13.9 Key Terms, Review Questions, and Problems......Page 503
Chapter 14 IT Security Management and Risk Assessment......Page 507
14.1 IT Security Management......Page 508
14.2 Organizational Context and Security Policy......Page 511
14.3 Security Risk Assessment......Page 514
14.4 Detailed Security Risk Analysis......Page 517
14.5 Case Study: Silver Star Mines......Page 529
14.6 Recommended Reading......Page 534
14.7 Key Terms, Review Questions, and Problems......Page 535
Chapter 15 IT Security Controls, Plans, and Procedures......Page 537
15.2 Security Controls or Safeguards......Page 538
15.3 IT Security Plan......Page 546
15.4 Implementation of Controls......Page 547
15.5 Monitoring Risks......Page 548
15.6 Case Study: Silver Star Mines......Page 551
15.8 Key Terms, Review Questions, and Problems......Page 554
Chapter 16 Physical and Infrastructure Security......Page 556
16.1 Overview......Page 557
16.2 Physical Security Threats......Page 558
16.3 Physical Security Prevention and Mitigation Measures......Page 565
16.5 Example: A Corporate Physical Security Policy......Page 568
16.6 Integration of Physical and Logical Security......Page 569
16.7 Recommended Reading......Page 575
16.8 Key Terms, Review Questions, and Problems......Page 576
Chapter 17 Human Resources Security......Page 578
17.1 Security Awareness, Training, and Education......Page 579
17.2 Employment Practices and Policies......Page 585
17.3 E-Mail and Internet Use Policies......Page 588
17.4 Computer Security Incident Response Teams......Page 589
17.5 Recommended Reading......Page 596
17.6 Key Terms, Review Questions, and Problems......Page 597
Chapter 18 Security Auditing......Page 599
18.1 Security Auditing Architecture......Page 601
18.2 Security Audit Trail......Page 606
18.3 Implementing the Logging Function......Page 610
18.4 Audit Trail Analysis......Page 622
18.5 Example: An Integrated Approach......Page 626
18.6 Recommended Reading......Page 629
18.7 Key Terms, Review Questions, and Problems......Page 630
Chapter 19 Legal and Ethical Aspects......Page 632
19.1 Cybercrime and Computer Crime......Page 633
19.2 Intellectual Property......Page 637
19.3 Privacy......Page 643
19.4 Ethical Issues......Page 648
19.5 Recommended Reading......Page 655
19.6 Key Terms, Review Questions, and Problems......Page 656
Chapter 20 Symmetric Encryption and Message Confidentiality......Page 659
20.1 Symmetric Encryption Principles......Page 660
20.2 Data Encryption Standard......Page 665
20.3 Advanced Encryption Standard......Page 667
20.4 Stream Ciphers and RC4......Page 673
20.5 Cipher Block Modes of Operation......Page 677
20.6 Location of Symmetric Encryption Devices......Page 682
20.7 Key Distribution......Page 684
20.9 Key Terms, Review Questions, and Problems......Page 686
Chapter 21 Public-Key Cryptography and Message Authentication......Page 691
21.1 Secure Hash Functions......Page 692
21.2 HMAC......Page 697
21.3 The RSA Public-Key Encryption Algorithm......Page 701
21.4 Diffie-Hellman and Other Asymmetric Algorithms......Page 706
21.6 Key Terms, Review Questions, and Problems......Page 711
Chapter 22 Internet Security Protocols and Standards......Page 715
22.1 Secure E-Mail and S/MIME......Page 716
22.2 DomainKeys Identified Mail......Page 719
22.3 Secure Sockets Layer (SSL) and Transport Layer Security (TLS)......Page 722
22.4 HTTPS......Page 729
22.5 IPv4 and IPv6 Security......Page 730
22.7 Key Terms, Review Questions, and Problems......Page 736
Chapter 23 Internet Authentication Applications......Page 739
23.1 Kerberos......Page 740
23.2 X.509......Page 746
23.3 Public-Key Infrastructure......Page 749
23.4 Recommended Reading......Page 751
23.5 Key Terms, Review Questions, and Problems......Page 752
Chapter 24 Wireless Network Security......Page 755
24.1 Wireless Security......Page 756
24.2 Mobile Device Security......Page 759
24.3 IEEE 802.11 Wireless LAN Overview......Page 763
24.4 IEEE 802.11i Wireless LAN Security......Page 769
24.5 Recommended Reading......Page 784
24.6 Key Terms, Review Questions, and Problems......Page 785
A.1 Hacking Project......Page 787
A.3 Security Education (SEED) Projects......Page 788
A.4 Research Projects......Page 790
A.7 Firewall Projects......Page 791
A.10 Writing Assignments......Page 792
A.11 Webcasts for Teaching Computer Security......Page 793
Acronyms......Page 794
References......Page 795
Index......Page 813
Credits......Page 837

Computer security: principles and practice [Third edition]
 9780133773927, 1292066172, 9781292066172, 0133773922

  • 0 0 0
  • Like this paper and download? You can publish your own PDF file online for free in a few minutes! Sign Up
File loading please wait...
Recommend Papers