Computer security: principles and practice
Saved in:
Field | Value
---|---
Main authors | Stallings, William (1945-); Brown, Lawrie
Format | Book
Language | English
Published | Upper Saddle River, NJ: Pearson, Prentice Hall, 2008
Subjects | Computer networks, Security measures; Computer security; Computersicherheit
Online access | Table of contents; Blurb
Description | XVIII, 798 p., ill., diagrams
ISBN | 0136004245 9780136004240
Internal format
MARC
Tag | Ind1 | Ind2 | Content (subfields shown as $x)
---|---|---|---
LEADER | | | 00000nam a2200000 c 4500
001 | | | BV022576101
003 | | | DE-604
005 | | | 20110210
007 | | | t
008 | | | 070813s2008 ad\|\| \|\|\|\| 00\|\|\| eng d
020 | | | $a 0136004245 $9 0-13-600424-5
020 | | | $a 9780136004240 $9 978-0-13-600424-0
035 | | | $a (OCoLC)166887344
035 | | | $a (DE-599)BVBBV022576099
040 | | | $a DE-604 $b ger $e rakwb
041 | 0 | | $a eng
049 | | | $a DE-355 $a DE-29T $a DE-703 $a DE-523 $a DE-706
050 | | 0 | $a QA76.9.A25
082 | 0 | | $a 005.8 $2 22
084 | | | $a ST 276 $0 (DE-625)143642: $2 rvk
100 | 1 | | $a Stallings, William $d 1945- $e Verfasser $0 (DE-588)130436461 $4 aut
245 | 1 | 0 | $a Computer security $b principles and practice $c William Stallings ; Lawrie Brown
264 | | 1 | $a Upper Saddle River, NJ $b Pearson, Prentice Hall $c 2008
300 | | | $a XVIII, 798 S. $b Ill., graph. Darst.
336 | | | $b txt $2 rdacontent
337 | | | $b n $2 rdamedia
338 | | | $b nc $2 rdacarrier
650 | | 4 | $a Computer networks $x Security measures
650 | | 4 | $a Computer security
650 | 0 | 7 | $a Computersicherheit $0 (DE-588)4274324-2 $2 gnd $9 rswk-swf
655 | | 7 | $0 (DE-588)4123623-3 $a Lehrbuch $2 gnd-content
689 | 0 | 0 | $a Computersicherheit $0 (DE-588)4274324-2 $D s
689 | 0 | | $C b $5 DE-604
700 | 1 | | $a Brown, Lawrie $e Verfasser $4 aut
856 | 4 | 2 | $m Digitalisierung UB Regensburg $q application/pdf $u http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=015782366&sequence=000003&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA $3 Inhaltsverzeichnis
856 | 4 | 2 | $m Digitalisierung UB Regensburg $q application/pdf $u http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=015782366&sequence=000004&line_number=0002&func_code=DB_RECORDS&service_type=MEDIA $3 Klappentext
999 | | | $a oai:aleph.bib-bvb.de:BVB01-015782366
Record in search index
Field | Value
---|---
_version_ | 1804136712090157056
adam_text | table of contents and blurb (transcribed below)

Table of contents (adam_text)
Contents
Notation xii
About the Authors xiii
Preface xv
Chapter 0 Reader's and Instructor's Guide 1
0.1 Outline of the Book 2
0.2 A Roadmap for Readers and Instructors 3
0.3 Internet and Web Resources 3
0.4 Standards 5
Chapter 1 Overview 6
1.1 Computer Security Concepts 7
1.2 Threats, Attacks, and Assets 14
1.3 Security Functional Requirements 20
1.4 A Security Architecture for Open Systems 22
1.5 The Scope of Computer Security 27
1.6 Computer Security Trends 28
1.7 Computer Security Strategy 32
1.8 Recommended Reading and Web Sites 34
1.9 Key Terms, Review Questions, and Problems 36
Appendix 1A: Significant Security Standards and Documents 37
PART ONE COMPUTER SECURITY TECHNOLOGY AND PRINCIPLES 40
Chapter 2 Cryptographic Tools 41
2.1 Confidentiality with Symmetric Encryption 42
2.2 Message Authentication and Hash Functions 49
2.3 Public-Key Encryption 56
2.4 Digital Signatures and Key Management 61
2.5 Random and Pseudorandom Numbers 65
2.6 Practical Application: Encryption of Stored Data 67
2.7 Recommended Reading and Web Sites 68
2.8 Key Terms, Review Questions, and Problems 69
Chapter 3 User Authentication 74
3.1 Means of Authentication 75
3.2 Password-Based Authentication 76
3.3 Token-Based Authentication 88
3.4 Biometric Authentication 92
3.5 Remote User Authentication 97
3.6 Security Issues for User Authentication 99
3.7 Practical Application: An Iris Biometric System 101
3.8 Case Study: Security Problems for ATM Systems 103
3.9 Recommended Reading and Web Sites 106
3.10 Key Terms, Review Questions, and Problems 107
Chapter 4 Access Control 110
4.1 Access Control Principles 111
4.2 Subjects, Objects, and Access Rights 115
4.3 Discretionary Access Control 116
4.4 Example: UNIX File Access Control 122
4.5 Role-Based Access Control 125
4.6 Case Study: RBAC System for a Bank 134
4.7 Recommended Reading and Web Sites 137
4.8 Key Terms, Review Questions, and Problems 138
Chapter 5 Database Security 142
5.1 Database Management Systems 143
5.2 Relational Databases 144
5.3 Database Access Control 148
5.4 Inference 153
5.5 Statistical Databases 156
5.6 Database Encryption 166
5.7 Recommended Reading 170
5.8 Key Terms, Review Questions, and Problems 171
Chapter 6 Intrusion Detection 176
6.1 Intruders 177
6.2 Intrusion Detection 181
6.3 Host-Based Intrusion Detection 183
6.4 Distributed Host-Based Intrusion Detection 190
6.5 Network-Based Intrusion Detection 193
6.6 Distributed Adaptive Intrusion Detection 197
6.7 Intrusion Detection Exchange Format 200
6.8 Honeypots 202
6.9 Example System: Snort 204
6.10 Recommended Reading and Web Sites 208
6.11 Key Terms, Review Questions, and Problems 209
Appendix 6A: The Base-Rate Fallacy 211
Chapter 7 Malicious Software 215
7.1 Types of Malicious Software 216
7.2 Viruses 220
7.3 Virus Countermeasures 226
7.4 Worms 231
7.5 Bots 240
7.6 Rootkits 242
7.7 Recommended Reading and Web Sites 245
7.8 Key Terms, Review Questions, and Problems 246
Chapter 8 Denial of Service 249
8.1 Denial of Service Attacks 250
8.2 Flooding Attacks 257
8.3 Distributed Denial of Service Attacks 259
8.4 Reflector and Amplifier Attacks 261
8.5 Defenses Against Denial of Service Attacks 265
8.6 Responding to a Denial of Service Attack 269
8.7 Recommended Reading and Web Sites 270
8.8 Key Terms, Review Questions, and Problems 271
Chapter 9 Firewalls and Intrusion Prevention Systems 273
9.1 The Need for Firewalls 274
9.2 Firewall Characteristics 275
9.3 Types of Firewalls 276
9.4 Firewall Basing 283
9.5 Firewall Location and Configurations 286
9.6 Intrusion Prevention Systems 291
9.7 Example: Unified Threat Management Products 294
9.8 Recommended Reading and Web Sites 298
9.9 Key Terms, Review Questions, and Problems 299
Chapter 10 Trusted Computing and Multilevel Security 303
10.1 The Bell-LaPadula Model for Computer Security 304
10.2 Other Formal Models for Computer Security 314
10.3 The Concept of Trusted Systems 320
10.4 Application of Multilevel Security 323
10.5 Trusted Computing and the Trusted Platform Module 330
10.6 Common Criteria for Information Technology Security Evaluation 334
10.7 Assurance and Evaluation 340
10.8 Recommended Reading and Web Sites 345
10.9 Key Terms, Review Questions, and Problems 346
PART TWO SOFTWARE SECURITY 349
Chapter 11 Buffer Overflow 350
11.1 Stack Overflows 352
11.2 Defending Against Buffer Overflows 373
11.3 Other Forms of Overflow Attacks 379
11.4 Recommended Reading and Web Sites 385
11.5 Key Terms, Review Questions, and Problems 386
Chapter 12 Other Software Security Issues 388
12.1 Software Security Issues 389
12.2 Handling Program Input 392
12.3 Writing Safe Program Code 403
12.4 Interacting with the Operating System and Other Programs 408
12.5 Handling Program Input 419
12.6 Recommended Reading and Web Sites 422
12.7 Key Terms, Review Questions, and Problems 423
PART THREE MANAGEMENT ISSUES 426
Chapter 13 Physical and Infrastructure Security 427
13.1 Overview 428
13.2 Physical Security Threats 429
13.3 Physical Security Prevention and Mitigation Measures 435
13.4 Recovery from Physical Security Breaches 438
13.5 Threat Assessment, Planning, and Plan Implementation 439
13.6 Example: A Corporate Physical Security Policy 440
13.7 Integration of Physical and Logical Security 441
13.8 Recommended Reading and Web Sites 446
13.9 Key Terms, Review Questions, and Problems 447
Chapter 14 Human Factors 449
14.1 Security Awareness, Training, and Education 450
14.2 Organizational Security Policy 455
14.3 Employment Practices and Policies 461
14.4 E-Mail and Internet Use Policies 464
14.5 Example: A Corporate Security Policy Document 465
14.6 Recommended Reading and Web Sites 467
14.7 Key Terms, Review Questions, and Problems 468
Appendix 14A: Security Awareness Standard of Good Practice 469
Appendix 14B: Security Policy Standard of Good Practice 473
Chapter 15 Security Auditing 475
15.1 Security Auditing Architecture 476
15.2 The Security Audit Trail 481
15.3 Implementing the Logging Function 486
15.4 Audit Trail Analysis 497
15.5 Example: An Integrated Approach 501
15.6 Recommended Reading and Web Sites 504
15.7 Key Terms, Review Questions, and Problems 505
Chapter 16 IT Security Management and Risk Assessment 508
16.1 IT Security Management 509
16.2 Organizational Context and Security Policy 512
16.3 Security Risk Assessment 515
16.4 Detailed Security Risk Analysis 518
16.5 Case Study: Silver Star Mines 530
16.6 Recommended Reading and Web Sites 534
16.7 Key Terms, Review Questions, and Problems 536
Chapter 17 IT Security Controls, Plans and Procedures 538
17.1 IT Security Management Implementation 539
17.2 Security Controls or Safeguards 539
17.3 IT Security Plan 547
17.4 Implementation of Controls 548
17.5 Implementation Followup 550
17.6 Case Study: Silver Star Mines 556
17.7 Recommended Reading 559
17.8 Key Terms, Review Questions, and Problems 559
Chapter 18 Legal and Ethical Aspects 562
18.1 Cybercrime and Computer Crime 563
18.2 Intellectual Property 567
18.3 Privacy 574
18.4 Ethical Issues 580
18.5 Recommended Reading and Web Sites 586
18.6 Key Terms, Review Questions, and Problems 587
Appendix 18A: Information Privacy Standard of Good Practice 590
PART FOUR CRYPTOGRAPHIC ALGORITHMS 592
Chapter 19 Symmetric Encryption and Message Confidentiality 593
19.1 Symmetric Encryption and Message Confidentiality 594
19.2 Data Encryption Standard 598
19.3 Advanced Encryption Standard 600
19.4 Stream Ciphers and RC4 607
19.5 Cipher Block Modes of Operation 610
19.6 Location of Symmetric Encryption Devices 616
19.7 Key Distribution 618
19.8 Recommended Reading and Web Sites 620
19.9 Key Terms, Review Questions, and Problems 620
Chapter 20 Public-Key Cryptography and Message Authentication 625
20.1 Secure Hash Functions 626
20.2 HMAC 632
20.3 The RSA Public-Key Encryption Algorithm 635
20.4 Diffie-Hellman and Other Asymmetric Algorithms 641
20.5 Recommended Reading and Web Sites 646
20.6 Key Terms, Review Questions, and Problems 646
PART FIVE INTERNET SECURITY 650
Chapter 21 Internet Security Protocols and Standards 651
21.1 Secure Sockets Layer (SSL) and Transport Layer Security (TLS) 652
21.2 IPv4 and IPv6 Security 656
21.3 Secure Email and S/MIME 662
21.4 Recommended Reading and Web Sites 665
21.5 Key Terms, Review Questions, and Problems 666
Appendix 21A: Radix-64 Conversion 668
Chapter 22 Internet Authentication Applications 671
22.1 Kerberos 672
22.2 X.509 678
22.3 Public-Key Infrastructure 680
22.4 Federated Identity Management 683
22.5 Recommended Reading and Web Sites 687
22.6 Key Terms, Review Questions, and Problems 688
PART SIX OPERATING SYSTEM SECURITY 689
Chapter 23 Linux Security 690
23.1 Introduction 691
23.2 Linux's Security Model 691
23.3 The Linux DAC in Depth: Filesystem Security 693
23.4 Linux Vulnerabilities 699
23.5 Linux System Hardening 701
23.6 Application Security 709
23.7 Mandatory Access Controls 711
23.8 Recommended Reading and Web Sites 711
23.9 Key Terms, Review Questions, and Problems 718
Chapter 24 Windows and Windows Vista Security 720
24.1 Windows Security Architecture 721
24.2 Windows Vulnerabilities 728
24.3 Windows Security Defenses 729
24.4 Browser Defenses 737
24.5 Cryptographic Services 737
24.6 Common Criteria 738
24.7 Recommended Reading and Web Sites 739
24.8 Key Terms, Review Questions, Problems, and Projects 740
APPENDICES
Appendix A Some Aspects of Number Theory 742
A.1 Prime and Relatively Prime Numbers 743
A.2 Modular Arithmetic 744
A.3 Fermat's and Euler's Theorems 746
Appendix B Random and Pseudorandom Number Generation 750
B.1 The Use of Random Numbers 751
B.2 Pseudorandom Number Generators (PRNGs) 752
B.3 True Random Number Generators 757
Appendix C Projects for Teaching Computer Security 759
C.1 Research Projects 760
C.2 Hacking Projects 761
C.3 Programming Projects 761
C.4 Laboratory Exercises 762
C.5 Practical Security Assessments 762
C.6 Writing Assignments 762
C.7 Reading/Report Assignments 763
References 765
Index 783
ONLINE APPENDICES
Appendix D Standards and Standard-Setting Organizations
D.1 The Importance of Standards
D.2 Internet Standards and the Internet Society
D.3 National Institute of Standards and Technology
D.4 The International Telecommunication Union
D.5 The International Organization for Standardization
Appendix E TCP/IP Protocol Architecture
E.1 TCP/IP Layers
E.2 TCP and UDP
E.3 Operation of TCP/IP
E.4 TCP/IP Applications
Appendix F Glossary

Blurb (Klappentext)
Computer Security: Principles and Practice
William Stallings and Lawrie Brown
A thorough, up-to-date survey of the entire discipline of computer security.
Security experts William Stallings and Lawrie Brown provide a comprehensive survey of computer security threats, technical approaches to the detection and prevention of security attacks, software security issues, and management issues.
Throughout, the authors focus on core principles, showing how they unify the field of computer security and demonstrating their application in real-world systems and networks. They examine alternate design approaches to meeting security requirements and illuminate the standards that are central to today's security solutions.
Ideal for both academic and professional audiences, Computer Security offers exceptional clarity, careful organization, and extensive pedagogical support, including hundreds of carefully crafted practice problems.
COVERAGE
• Security technologies and principles, including cryptography, authentication, and access control
• Threats and countermeasures, from detecting intruders to countering DOS attacks
• Trusted computing and multilevel security
• Secure software: avoiding buffer overflows, malicious input, and other weaknesses
• Linux and Windows security models
• Managing security: physical security, training, audits, policies, and more
• Computer crime, intellectual property, privacy, and ethics
• Cryptographic algorithms, including public-key cryptography
• Internet security: SSL, TLS, IP security, S/MIME, Kerberos, X.509, and federated identity management
KEY FEATURES
• Strong coverage of unifying principles and design techniques
• Dozens of figures and tables that clarify key concepts
• Field-tested homework problems
• Extensive Web support at WilliamStallings.com/CompSec/CompSec1e.html
• Keyword/acronym lists, recommended readings, and glossary
About the Authors
William Stallings has won the Best Computer Science and Engineering Textbook award seven times. His Prentice Hall books include Operating Systems; Cryptography and Network Security; and Data and Computer Communications. Stallings consults widely with technology providers, customers, and researchers. He holds a Ph.D. in Computer Science from MIT. Dr. Lawrie Brown is Senior Lecturer at the School of Information Technology and Electrical Engineering at the University of New South Wales at the Australian Defence Force Academy, Canberra, Australia.

Field | Value
---|---
any_adam_object | 1 |
any_adam_object_boolean | 1 |
author | Stallings, William 1945- Brown, Lawrie |
author_GND | (DE-588)130436461 |
author_facet | Stallings, William 1945- Brown, Lawrie |
author_role | aut aut |
author_sort | Stallings, William 1945- |
author_variant | w s ws l b lb |
building | Verbundindex |
bvnumber | BV022576101 |
callnumber-first | Q - Science |
callnumber-label | QA76 |
callnumber-raw | QA76.9.A25 |
callnumber-search | QA76.9.A25 |
callnumber-sort | QA 276.9 A25 |
callnumber-subject | QA - Mathematics |
classification_rvk | ST 276 |
ctrlnum | (OCoLC)166887344 (DE-599)BVBBV022576099 |
dewey-full | 005.8 |
dewey-hundreds | 000 - Computer science, information, general works |
dewey-ones | 005 - Computer programming, programs, data, security |
dewey-raw | 005.8 |
dewey-search | 005.8 |
dewey-sort | 15.8 |
dewey-tens | 000 - Computer science, information, general works |
discipline | Informatik |
discipline_str_mv | Informatik |
format | Book |
fullrecord | MARCXML serialization of the MARC record shown above |
genre | (DE-588)4123623-3 Lehrbuch gnd-content |
genre_facet | Lehrbuch |
id | DE-604.BV022576101 |
illustrated | Illustrated |
index_date | 2024-07-02T18:15:04Z |
indexdate | 2024-07-09T21:00:45Z |
institution | BVB |
isbn | 0136004245 9780136004240 |
language | English |
oai_aleph_id | oai:aleph.bib-bvb.de:BVB01-015782366 |
oclc_num | 166887344 |
open_access_boolean | |
owner | DE-355 DE-BY-UBR DE-29T DE-703 DE-523 DE-706 |
owner_facet | DE-355 DE-BY-UBR DE-29T DE-703 DE-523 DE-706 |
physical | XVIII, 798 S. Ill., graph. Darst. |
publishDate | 2008 |
publishDateSearch | 2008 |
publishDateSort | 2008 |
publisher | Pearson, Prentice Hall |
record_format | marc |
spelling | Stallings, William 1945- Verfasser (DE-588)130436461 aut Computer security principles and practice William Stallings ; Lawrie Brown Upper Saddle River, NJ Pearson, Prentice Hall 2008 XVIII, 798 S. Ill., graph. Darst. txt rdacontent n rdamedia nc rdacarrier Computer networks Security measures Computer security Computersicherheit (DE-588)4274324-2 gnd rswk-swf (DE-588)4123623-3 Lehrbuch gnd-content Computersicherheit (DE-588)4274324-2 s b DE-604 Brown, Lawrie Verfasser aut Digitalisierung UB Regensburg application/pdf http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=015782366&sequence=000003&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA Inhaltsverzeichnis Digitalisierung UB Regensburg application/pdf http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=015782366&sequence=000004&line_number=0002&func_code=DB_RECORDS&service_type=MEDIA Klappentext |
spellingShingle | Stallings, William 1945- Brown, Lawrie Computer security principles and practice Computer networks Security measures Computer security Computersicherheit (DE-588)4274324-2 gnd |
subject_GND | (DE-588)4274324-2 (DE-588)4123623-3 |
title | Computer security principles and practice |
title_auth | Computer security principles and practice |
title_exact_search | Computer security principles and practice |
title_exact_search_txtP | Computer security principles and practice |
title_full | Computer security principles and practice William Stallings ; Lawrie Brown |
title_fullStr | Computer security principles and practice William Stallings ; Lawrie Brown |
title_full_unstemmed | Computer security principles and practice William Stallings ; Lawrie Brown |
title_short | Computer security |
title_sort | computer security principles and practice |
title_sub | principles and practice |
topic | Computer networks Security measures Computer security Computersicherheit (DE-588)4274324-2 gnd |
topic_facet | Computer networks Security measures Computer security Computersicherheit Lehrbuch |
url | http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=015782366&sequence=000003&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=015782366&sequence=000004&line_number=0002&func_code=DB_RECORDS&service_type=MEDIA |
work_keys_str_mv | AT stallingswilliam computersecurityprinciplesandpractice AT brownlawrie computersecurityprinciplesandpractice |