Securing information and communications systems: principles, technologies, and applications
Gespeichert in:
| Format: | Buch |
|---|---|
| Sprache: | English |
| Veröffentlicht: |
Boston [u.a.]
Artech House
2008
|
| Schriftenreihe: | Artech House information security and privacy series
Artech House computer security series |
| Schlagworte: | |
| Online-Zugang: | Inhaltsverzeichnis |
| Beschreibung: | Literaturangaben |
| Beschreibung: | XIV, 362 S. Ill., graph. Darst. |
| ISBN: | 1596932287 9781596932289 |
Internformat
MARC
| LEADER | 00000nam a2200000zc 4500 | ||
|---|---|---|---|
| 001 | BV035046533 | ||
| 003 | DE-604 | ||
| 005 | 20130822 | ||
| 007 | t | ||
| 008 | 080910s2008 xxuad|| |||| 00||| eng d | ||
| 010 | |a 2008271231 | ||
| 020 | |a 1596932287 |9 1-59693-228-7 | ||
| 020 | |a 9781596932289 |9 978-1-59693-228-9 | ||
| 035 | |a (OCoLC)213468741 | ||
| 035 | |a (DE-599)BVBBV035046533 | ||
| 040 | |a DE-604 |b ger |e aacr | ||
| 041 | 0 | |a eng | |
| 044 | |a xxu |c US | ||
| 049 | |a DE-355 |a DE-703 |a DE-91G | ||
| 050 | 0 | |a QA76.9.A25 | |
| 082 | 0 | |a 005.8 |2 22 | |
| 084 | |a ST 276 |0 (DE-625)143642: |2 rvk | ||
| 084 | |a DAT 461f |2 stub | ||
| 084 | |a DAT 620f |2 stub | ||
| 245 | 1 | 0 | |a Securing information and communications systems |b principles, technologies, and applications |c Steven M. Furnell ... eds. |
| 264 | 1 | |a Boston [u.a.] |b Artech House |c 2008 | |
| 300 | |a XIV, 362 S. |b Ill., graph. Darst. | ||
| 336 | |b txt |2 rdacontent | ||
| 337 | |b n |2 rdamedia | ||
| 338 | |b nc |2 rdacarrier | ||
| 490 | 0 | |a Artech House information security and privacy series | |
| 490 | 0 | |a Artech House computer security series | |
| 500 | |a Literaturangaben | ||
| 650 | 4 | |a Chiffrement (Informatique) | |
| 650 | 4 | |a Infrastructure à clé publique (Sécurité informatique) | |
| 650 | 4 | |a Réseaux d'ordinateurs - Sécurité - Mesures | |
| 650 | 4 | |a Systèmes informatiques - Sécurité - Mesures | |
| 650 | 4 | |a Sécurité informatique | |
| 650 | 4 | |a Computer networks |x Security measures | |
| 650 | 4 | |a Computer security | |
| 650 | 4 | |a Data encryption (Computer science) | |
| 650 | 0 | 7 | |a Betriebliches Informationssystem |0 (DE-588)4069386-7 |2 gnd |9 rswk-swf |
| 650 | 0 | 7 | |a Computersicherheit |0 (DE-588)4274324-2 |2 gnd |9 rswk-swf |
| 689 | 0 | 0 | |a Betriebliches Informationssystem |0 (DE-588)4069386-7 |D s |
| 689 | 0 | 1 | |a Computersicherheit |0 (DE-588)4274324-2 |D s |
| 689 | 0 | |5 DE-604 | |
| 700 | 1 | |a Furnell, Steven |d 1970- |e Sonstige |0 (DE-588)1038562899 |4 oth | |
| 856 | 4 | 2 | |m Digitalisierung UB Regensburg |q application/pdf |u http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=016715270&sequence=000004&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA |3 Inhaltsverzeichnis |
| 999 | |a oai:aleph.bib-bvb.de:BVB01-016715270 | ||
Datensatz im Suchindex
| _version_ | 1804137983905890304 |
|---|---|
| adam_text | Contents
Preface
xiii
Introduction
Security
Concepts, Services,
and Threats
5
2.1
Definitions
5
2.2
Threats and Vulnerabilities
8
2.2.1
Threat Types
8
2.2.2
Vulnerabilities
8
2.2.3
Attacks and Misuse
9
2.2.4
Impacts and Consequences of Security Breaches
11
2.3
Security Services and Safeguards
12
2.3.1
Identifying Assets and Risks
14
2.3.2
Security Objectives
14
2.3.3
Perspectives on Protection
15
2.4
Conclusions
19
References
20
Business-Integrated Information Security Management
21
3.1
Business-Integrated Information Security Management
21
3.2
Applying The PDCA Model to Manage Information Security
22
3.3
Information Security Management Through Business
Process Management
24
3.4
Factors Affecting the Use of Systematic Managerial Tools
in Business-Integrated Information Security Management
27
3.5
Information Security Management Standardization and International
Business Management
28
3.6
Business Continuity Management
31
3.7
Conclusions
33
References
33
v¡
Contents
User
/Authentication
Technologies
35
4.1
Authentication Based On Secret Knowledge
36
4.1.1
Principles of Secret Knowledge Approaches
36
«4.1.2
Passwords
36
4.1.3
Alternative Secret-Knowledge Approaches
40
4.14
Attacks Against Secret Knowledge Approaches
44
4.2
.Authentication Based On Tokens
45
4.2.1
Principles of Token-Based Approaches
45
4.2.2
Token Technologies
45
4.2.3
Two-Factor Authentication
47
4.2.4
Attacks Against Tokens
47
4.3
^Authentication Based On Biometrics
48
4.3.1
Principles of
Biometrie
Technology
48
4.3.2
Biometrie
Technologies
51
4.3.3
Attacks Against Biometrics
55
4.4
Operational Considerations
56
4.5
Conclusions
57
References
58
Authorization and Access Control
61
5.1
Discretionary Access Control
(DAC)
61
5.1.1
Implementation Alternatives
62
5.1.2
Discussion of
DAC
63
5.2
Mandatory Access Control
64
5.2.1
Need-to-Know Model
64
5.2.2
Military Security Model
65
5.2.3
Discussion of MAC
67
5.3
Other Classic Approaches
67
5.3.1
Personal Knowledge Approach
67
5.3.2
Clark and Wilson Model
68
5.3.3
Chinese Wall Policy
69
5.4
Role-Based Access Control
70
5.4.1
Core
RBÂC
71
5.4.2
Hierarchical RBAC
72
5.4.3
Constraint RBAC
73
5.4.4
Discussion of RBAC
74
5.5
Attribute-Based Access Control
74
5*.5.1
ABAC
—
A Unified Model for Attribute-Based Access Control
75
5 .5.2
Designing ABAC Policies with UML
77
5.5.3
Representing Classic Access Control Models
79
5 .5.4
Extensible Access Control Markup Language
80
5.5.5
Discussion of ABAC
84
5.6
Conclusions
§4
References
85
Contents
vii
Data-Centric Applications 87
6.1
Security in
Relational Databases 87
6.1.1
View-Based Protection
88
6.1.2
SQL Grant/Revoke
90
6.1.3
Structural Limitations
93
6.2
Multilevel Secure Databases
94
6.2.1
Polyinstantiation and Side Effects
96
6.2.2
Structural Limitations
97
6.3
Role-Based Access Control in Database Federations
99
6.3.1
Taxonomy of Design Choices
99
6.3.2
Alternatives Chosen in IRO-DB
101
6.4
Conclusions
102
References
103
Modern Cryptology
105
7.1
Introduction
105
7.2
Encryption for Secrecy Protection
106
7.2.1
Symmetric Encryption
108
7.2.2
Public-Key Encryption
114
7.3
Hashing and Signatures for Authentication
121
7.3.1
Symmetric Authentication
121
7.3.2
Digital Signatures
125
7.4
Analysis and Design of Cryptographic Algorithms
127
7.4.1
Different Approaches in Cryptography
127
7.4.2
Life Cycle of a Cryptographic Algorithm
129
7.4.3
Insecure Versus Secure Algorithms
130
7.5
Conclusions
133
References
134
Network Security
139
8.1
Network Security Architectures
139
8.1.1
ISO/OSI Network Security Architecture
140
8.1.2
ISO/OSI Network Security Services
140
8.1.3
Internet Security Architecture
142
8.2
Security at the Network Layer
144
8.2.1
Layer
2
Forwarding Protocol (L2F)
144
8.2.2
Point-to-Point Tunneling Protocol (PPTP)
144
8.2.3
Layer
2
Tunneling Protocol (L2TP)
145
8.3
Security at the Internet Layer
145
8.3.1
IP Security Protocol (IPSP)
146
8.3.2
Internet Key Exchange Protocol
148
8.4
Security at the Transport Layer
149
8.4.1
Secure Shell
150
і
Contents
8.4.2
The Secure Sockets Layer Protocol
151
8.4.3
Transport Layer Security Protocol
152
8.5
Security at the Application Layer
153
8.5.1
Secure Email
153
8.5.2
Web Transactions
154
8.5.3
Domain Name System
155
8.5.4
Network Management
155
8.5.5
Distributed Authentication and Key Distribution Systems
157
8.5.6
Firewalls
158
8.6
Security in Wireless Networks
158
8.7
Network Vulnerabilities
161
8.8
Remote Attacks
162
8.8.1
Types of Attacks
162
8.8.2
Severity of Attacks
164
8.8.3
Typical Attack Scenario
164
8.8.4
Typical Attack Examples
165
8.9
Anti-Intrusion Approaches
165
8.9.1
Intrusion Detection and Prevention Systems
166
8.10
Conclusions
167
References
167
ШееШёШ
Standard Public Key and Privilege Management Infrastructures
171
9.1
Key Management and Authentication
171
9.2
Public Key Infrastructures
172
9.2.1
PKI Services
176
9.2.2
Types of PKI Entities and Their Functionalities
184
9.3
Privilege Management Infrastructures
186
9.4
Conclusions
1.90
References
190
if
Smart Cards and Tokens
193
10.1
New Applications, New Threats
193
10.1.1
Typical Smart Card Application Domains
195
10.1.2
The World of Tokens
196
10.1.3
New Threats for Security and Privacy
197
10.2
Smart Cards
198
10.2.1
Architecture I99
10.2.2
Smart Card Operating System
200
10.2.3
Communication Protocols
201
10.3
Side-Channel Analysis
202
10.3.1
Power-Analysis Attacks
203
10.3.2
Countermeasures Against
DPA 205
10.4
Toward the Internet of Things
206
10.4.1
Advanced Contactless Technology
207
Contents
¡x
10.4.2
Cloning and Authentication
208
10.4.3
Privacy and Espionage
209
10.5
Conclusions
210
References
210
Privacy and Privacy-Enhancing Technologies
213
11.1
The Concept of Privacy
214
11.2
Privacy Challenges of Emerging Technologies
215
11.2.1
Location-Based Services
215
11.2.2
Radio Frequency Identification
217
11.3
Legal Privacy Protection
218
11.3.1 EU Data
Protection Directive 95/46/EC
219
11.3.2 EU
E-Communications Directive 2002/58/EC
221
11.3.3
Data Retention Directive 2006/24/EC
222
11.3.4
Privacy Legislation in the United States
223
11.4
Classification of PETs
224
11.4.1
Class
1:
PETs for Minimizing or Avoiding Personal Data
224
11.4.2
Class
2:
PETs for the Safeguarding of Lawful Data Processing
225
11.4.3
Class
3:
PETs Providing a Combination of Classes
1 & 2 226
11.5
Privacy Enhancing Technologies for Anonymous Communication
227
11.5.1
Broadcast Networks and Implicit Addresses
228
11.5.2
DC-Networks
229
11.5.3
Mix Nets
231
11.5.4
Private Information Retrieval
232
11.5.5
New Protocols Against Local Attacker Model:
Onion Routing, Web Mixes, and P2P Mechanisms
234
11.6
Spyware and Spyware Countermeasures
237
11.7
Conclusions
239
References
239
иадивииииаиииидц»
цщ
іт щці ірі
I
INI ili all I
Content Filtering Technologies and the Law
243
12.1
Filtering: A Technical Solution as a Legal Solution or Imperative?
243
12.1.1
Filtering Categories
244
12.1.2
A Legal Issue
245
12.2
Content Filtering Technologies
246
12.2.1
Blocking at the Content Distribution Mechanism
246
12.2.2
Blocking at the End-User Side
248
12.2.3
Recent Research Trends: The Multistrategy Web
Filtering Approach
253
12.3
Content-Filtering Tools
253
12.4
Under- and Overblocking: Is Filtering Effective?
254
12.5
Filtering: Protection and/or Censorship?
255
12.5.1
The U.S. Approach
255
12.5.2
The European Approach
256
Contents
12.5.3
Filtering
As Privatization of Censorship?
257
12.5.4
ISPs Role and Liability
259
12.6
Filtering As Cross-National Issue
259
12.6.1
Differing Constitutional Values: The Case of Yahoo!
260
12.6.2
Territoriality, Sovereignty, and Jurisdiction in the Internet Era
261
12.7
Conclusions
262
References
262
Model for Cybercrime Investigations
267
13.1
Definitions
267
13.2
Comprehensive Model of Cybercrime Investigation
269
13.2.1
Existing Models
270
13.2.2
The Extended Model
272
13.2.3
Comparison with Existing Models
278
13.2.4
Advantages and Disadvantages of the Model
278
13.2.5
Application of the Model
279
13.3
Protecting the Evidence
279
13.3.1
Password Protected
280
13.3.2
Encryption
280
13.3.3
User Authentication
280
13.3.4
Access Control
281
13.3.5
Integrity Check
281
13.4
Conclusions
281
References
282
Systemic-Holistic Approach to ICT Security
283
14.1
Aims and Objectives
283
14.2
Theoretical Background to the Systemic-Holistic Model
283
14.3
The Systemic-Holistic Model and Approach
285
14.4
Security and Control Versus Risk
—
Cybernetics
290
14.5
Example of System Theories As Control Methods
294
14.5.1
Soft System Methodology
294
14.5.2
General Living Systems Theory
299
14.5.3
Beer s %ble Systems Model
302
14.6
Can Theory and Practice Unite?
304
14.7
Conclusions
305
References
305
Ρ
Electronic Voting Systems
307
15.1
Requirements for an Internet-Based E-Voting System
307
15.1.1
Functional Requirements
308
Contents xi
15.2
Cryptography
and E-
Voting Protocols
311
15.2.1
Cryptographic Models for Remote
E-
Voting
312
15.2.2
Cryptographic Protocols for Polling-Place E-Voting
317
15.3
Conclusions
318
References
319
On Mobile Wiki Systems Security
323
16.1
Blending Wiki and Mobile Technology
325
16.2
Background Information
326
16.3
The Proposed Solution
328
16.3.1
General Issues
329
16.3.2
Architecture
330
16.3.3
Authentication and Key Agreement Protocol Description
331
16.3.4
Confidentiality: Integrity of Communication
333
16.4
Conclusions
334
References
334
About the Authors
337
Index
347
|
| adam_txt |
Contents
Preface
xiii
Introduction
Security
Concepts, Services,
and Threats
5
2.1
Definitions
5
2.2
Threats and Vulnerabilities
8
2.2.1
Threat Types
8
2.2.2
Vulnerabilities
8
2.2.3
Attacks and Misuse
9
2.2.4
Impacts and Consequences of Security Breaches
11
2.3
Security Services and Safeguards
12
2.3.1
Identifying Assets and Risks
14
2.3.2
Security Objectives
14
2.3.3
Perspectives on Protection
15
2.4
Conclusions
19
References
20
Business-Integrated Information Security Management
21
3.1
Business-Integrated Information Security Management
21
3.2
Applying The PDCA Model to Manage Information Security
22
3.3
Information Security Management Through Business
Process Management
24
3.4
Factors Affecting the Use of Systematic Managerial Tools
in Business-Integrated Information Security Management
27
3.5
Information Security Management Standardization and International
Business Management
28
3.6
Business Continuity Management
31
3.7
Conclusions
33
References
33
v¡
Contents
User
/Authentication
Technologies
35
4.1
Authentication Based On Secret Knowledge
36
4.1.1
Principles of Secret Knowledge Approaches
36
«4.1.2
Passwords
36
4.1.3
Alternative Secret-Knowledge Approaches
40
4.14
Attacks Against Secret Knowledge Approaches
44
4.2
.Authentication Based On Tokens
45
4.2.1
Principles of Token-Based Approaches
45
4.2.2
Token Technologies
45
4.2.3
Two-Factor Authentication
47
4.2.4
Attacks Against Tokens
47
4.3
^Authentication Based On Biometrics
48
4.3.1
Principles of
Biometrie
Technology
48
4.3.2
Biometrie
Technologies
51
4.3.3
Attacks Against Biometrics
55
4.4
Operational Considerations
56
4.5
Conclusions
57
References
58
Authorization and Access Control
61
5.1
Discretionary Access Control
(DAC)
61
5.1.1
Implementation Alternatives
62
5.1.2
Discussion of
DAC
63
5.2
Mandatory Access Control
64
5.2.1
Need-to-Know Model
64
5.2.2
Military Security Model
65
5.2.3
Discussion of MAC
67
5.3
Other Classic Approaches
67
5.3.1
Personal Knowledge Approach
67
5.3.2
Clark and Wilson Model
68
5.3.3
Chinese Wall Policy
69
5.4
Role-Based Access Control
70
5.4.1
Core
RBÂC
71
5.4.2
Hierarchical RBAC
72
5.4.3
Constraint RBAC
73
5.4.4
Discussion of RBAC
74
5.5
Attribute-Based Access Control
74
5*.5.1
ABAC
—
A Unified Model for Attribute-Based Access Control
75
5 .5.2
Designing ABAC Policies with UML
77
5.5.3
Representing Classic Access Control Models
79
5 .5.4
Extensible Access Control Markup Language
80
5.5.5
Discussion of ABAC
84
5.6
Conclusions
§4
References
85
Contents
vii
Data-Centric Applications 87
6.1
Security in
Relational Databases 87
6.1.1
View-Based Protection
88
6.1.2
SQL Grant/Revoke
90
6.1.3
Structural Limitations
93
6.2
Multilevel Secure Databases
94
6.2.1
Polyinstantiation and Side Effects
96
6.2.2
Structural Limitations
97
6.3
Role-Based Access Control in Database Federations
99
6.3.1
Taxonomy of Design Choices
99
6.3.2
Alternatives Chosen in IRO-DB
101
6.4
Conclusions
102
References
103
Modern Cryptology
105
7.1
Introduction
105
7.2
Encryption for Secrecy Protection
106
7.2.1
Symmetric Encryption
108
7.2.2
Public-Key Encryption
114
7.3
Hashing and Signatures for Authentication
121
7.3.1
Symmetric Authentication
121
7.3.2
Digital Signatures
125
7.4
Analysis and Design of Cryptographic Algorithms
127
7.4.1
Different Approaches in Cryptography
127
7.4.2
Life Cycle of a Cryptographic Algorithm
129
7.4.3
Insecure Versus Secure Algorithms
130
7.5
Conclusions
133
References
134
Network Security
139
8.1
Network Security Architectures
139
8.1.1
ISO/OSI Network Security Architecture
140
8.1.2
ISO/OSI Network Security Services
140
8.1.3
Internet Security Architecture
142
8.2
Security at the Network Layer
144
8.2.1
Layer
2
Forwarding Protocol (L2F)
144
8.2.2
Point-to-Point Tunneling Protocol (PPTP)
144
8.2.3
Layer
2
Tunneling Protocol (L2TP)
145
8.3
Security at the Internet Layer
145
8.3.1
IP Security Protocol (IPSP)
146
8.3.2
Internet Key Exchange Protocol
148
8.4
Security at the Transport Layer
149
8.4.1
Secure Shell
150
і
Contents
8.4.2
The Secure Sockets Layer Protocol
151
8.4.3
Transport Layer Security Protocol
152
8.5
Security at the Application Layer
153
8.5.1
Secure Email
153
8.5.2
Web Transactions
154
8.5.3
Domain Name System
155
8.5.4
Network Management
155
8.5.5
Distributed Authentication and Key Distribution Systems
157
8.5.6
Firewalls
158
8.6
Security in Wireless Networks
158
8.7
Network Vulnerabilities
161
8.8
Remote Attacks
162
8.8.1
Types of Attacks
162
8.8.2
Severity of Attacks
164
8.8.3
Typical Attack Scenario
164
8.8.4
Typical Attack Examples
165
8.9
Anti-Intrusion Approaches
165
8.9.1
Intrusion Detection and Prevention Systems
166
8.10
Conclusions
167
References
167
ШееШёШ
Standard Public Key and Privilege Management Infrastructures
171
9.1
Key Management and Authentication
171
9.2
Public Key Infrastructures
172
9.2.1
PKI Services
176
9.2.2
Types of PKI Entities and Their Functionalities
184
9.3
Privilege Management Infrastructures
186
9.4
Conclusions
1.90
References
190
if
Smart Cards and Tokens
193
10.1
New Applications, New Threats
193
10.1.1
Typical Smart Card Application Domains
195
10.1.2
The World of Tokens
196
10.1.3
New Threats for Security and Privacy
197
10.2
Smart Cards
198
10.2.1
Architecture I99
10.2.2
Smart Card Operating System
200
10.2.3
Communication Protocols
201
10.3
Side-Channel Analysis
202
10.3.1
Power-Analysis Attacks
203
10.3.2
Countermeasures Against
DPA 205
10.4
Toward the Internet of Things
206
10.4.1
Advanced Contactless Technology
207
Contents
¡x
10.4.2
Cloning and Authentication
208
10.4.3
Privacy and Espionage
209
10.5
Conclusions
210
References
210
Privacy and Privacy-Enhancing Technologies
213
11.1
The Concept of Privacy
214
11.2
Privacy Challenges of Emerging Technologies
215
11.2.1
Location-Based Services
215
11.2.2
Radio Frequency Identification
217
11.3
Legal Privacy Protection
218
11.3.1 EU Data
Protection Directive 95/46/EC
219
11.3.2 EU
E-Communications Directive 2002/58/EC
221
11.3.3
Data Retention Directive 2006/24/EC
222
11.3.4
Privacy Legislation in the United States
223
11.4
Classification of PETs
224
11.4.1
Class
1:
PETs for Minimizing or Avoiding Personal Data
224
11.4.2
Class
2:
PETs for the Safeguarding of Lawful Data Processing
225
11.4.3
Class
3:
PETs Providing a Combination of Classes
1 & 2 226
11.5
Privacy Enhancing Technologies for Anonymous Communication
227
11.5.1
Broadcast Networks and Implicit Addresses
228
11.5.2
DC-Networks
229
11.5.3
Mix Nets
231
11.5.4
Private Information Retrieval
232
11.5.5
New Protocols Against Local Attacker Model:
Onion Routing, Web Mixes, and P2P Mechanisms
234
11.6
Spyware and Spyware Countermeasures
237
11.7
Conclusions
239
References
239
иадивииииаиииидц»
цщ
іт'щці ірі
I
INI ili all'I
Content Filtering Technologies and the Law
243
12.1
Filtering: A Technical Solution as a Legal Solution or Imperative?
243
12.1.1
Filtering Categories
244
12.1.2
A Legal Issue
245
12.2
Content Filtering Technologies
246
12.2.1
Blocking at the Content Distribution Mechanism
246
12.2.2
Blocking at the End-User Side
248
12.2.3
Recent Research Trends: The Multistrategy Web
Filtering Approach
253
12.3
Content-Filtering Tools
253
12.4
Under- and Overblocking: Is Filtering Effective?
254
12.5
Filtering: Protection and/or Censorship?
255
12.5.1
The U.S. Approach
255
12.5.2
The European Approach
256
Contents
12.5.3
Filtering
As Privatization of Censorship?
257
12.5.4
ISPs' Role and Liability
259
12.6
Filtering As Cross-National Issue
259
12.6.1
Differing Constitutional Values: The Case of Yahoo!
260
12.6.2
Territoriality, Sovereignty, and Jurisdiction in the Internet Era
261
12.7
Conclusions
262
References
262
Model for Cybercrime Investigations
267
13.1
Definitions
267
13.2
Comprehensive Model of Cybercrime Investigation
269
13.2.1
Existing Models
270
13.2.2
The Extended Model
272
13.2.3
Comparison with Existing Models
278
13.2.4
Advantages and Disadvantages of the Model
278
13.2.5
Application of the Model
279
13.3
Protecting the Evidence
279
13.3.1
Password Protected
280
13.3.2
Encryption
280
13.3.3
User Authentication
280
13.3.4
Access Control
281
13.3.5
Integrity Check
281
13.4
Conclusions
281
References
282
Systemic-Holistic Approach to ICT Security
283
14.1
Aims and Objectives
283
14.2
Theoretical Background to the Systemic-Holistic Model
283
14.3
The Systemic-Holistic Model and Approach
285
14.4
Security and Control Versus Risk
—
Cybernetics
290
14.5
Example of System Theories As Control Methods
294
14.5.1
Soft System Methodology
294
14.5.2
General Living Systems Theory
299
14.5.3
Beer's \%ble Systems Model
302
14.6
Can Theory and Practice Unite?
304
14.7
Conclusions
305
References
305
Ρ
Electronic Voting Systems
307
15.1
Requirements for an Internet-Based E-Voting System
307
15.1.1
Functional Requirements
308
Contents xi
15.2
Cryptography
and E-
Voting Protocols
311
15.2.1
Cryptographic Models for Remote
E-
Voting
312
15.2.2
Cryptographic Protocols for Polling-Place E-Voting
317
15.3
Conclusions
318
References
319
On Mobile Wiki Systems Security
323
16.1
Blending Wiki and Mobile Technology
325
16.2
Background Information
326
16.3
The Proposed Solution
328
16.3.1
General Issues
329
16.3.2
Architecture
330
16.3.3
Authentication and Key Agreement Protocol Description
331
16.3.4
Confidentiality: Integrity of Communication
333
16.4
Conclusions
334
References
334
About the Authors
337
Index
347 |
| any_adam_object | 1 |
| any_adam_object_boolean | 1 |
| author_GND | (DE-588)1038562899 |
| building | Verbundindex |
| bvnumber | BV035046533 |
| callnumber-first | Q - Science |
| callnumber-label | QA76 |
| callnumber-raw | QA76.9.A25 |
| callnumber-search | QA76.9.A25 |
| callnumber-sort | QA 276.9 A25 |
| callnumber-subject | QA - Mathematics |
| classification_rvk | ST 276 |
| classification_tum | DAT 461f DAT 620f |
| ctrlnum | (OCoLC)213468741 (DE-599)BVBBV035046533 |
| dewey-full | 005.8 |
| dewey-hundreds | 000 - Computer science, information, general works |
| dewey-ones | 005 - Computer programming, programs, data, security |
| dewey-raw | 005.8 |
| dewey-search | 005.8 |
| dewey-sort | 15.8 |
| dewey-tens | 000 - Computer science, information, general works |
| discipline | Informatik |
| discipline_str_mv | Informatik |
| format | Book |
| fullrecord | <?xml version="1.0" encoding="UTF-8"?><collection xmlns="http://www.loc.gov/MARC21/slim"><record><leader>02220nam a2200553zc 4500</leader><controlfield tag="001">BV035046533</controlfield><controlfield tag="003">DE-604</controlfield><controlfield tag="005">20130822 </controlfield><controlfield tag="007">t</controlfield><controlfield tag="008">080910s2008 xxuad|| |||| 00||| eng d</controlfield><datafield tag="010" ind1=" " ind2=" "><subfield code="a">2008271231</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">1596932287</subfield><subfield code="9">1-59693-228-7</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">9781596932289</subfield><subfield code="9">978-1-59693-228-9</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(OCoLC)213468741</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-599)BVBBV035046533</subfield></datafield><datafield tag="040" ind1=" " ind2=" "><subfield code="a">DE-604</subfield><subfield code="b">ger</subfield><subfield code="e">aacr</subfield></datafield><datafield tag="041" ind1="0" ind2=" "><subfield code="a">eng</subfield></datafield><datafield tag="044" ind1=" " ind2=" "><subfield code="a">xxu</subfield><subfield code="c">US</subfield></datafield><datafield tag="049" ind1=" " ind2=" "><subfield code="a">DE-355</subfield><subfield code="a">DE-703</subfield><subfield code="a">DE-91G</subfield></datafield><datafield tag="050" ind1=" " ind2="0"><subfield code="a">QA76.9.A25</subfield></datafield><datafield tag="082" ind1="0" ind2=" "><subfield code="a">005.8</subfield><subfield code="2">22</subfield></datafield><datafield tag="084" ind1=" " ind2=" "><subfield code="a">ST 276</subfield><subfield code="0">(DE-625)143642:</subfield><subfield code="2">rvk</subfield></datafield><datafield tag="084" ind1=" " ind2=" "><subfield code="a">DAT 461f</subfield><subfield code="2">stub</subfield></datafield><datafield tag="084" ind1=" " ind2=" "><subfield code="a">DAT 620f</subfield><subfield code="2">stub</subfield></datafield><datafield tag="245" ind1="1" ind2="0"><subfield code="a">Securing information and communications systems</subfield><subfield code="b">principles, technologies, and applications</subfield><subfield code="c">Steven M. Furnell ... eds.</subfield></datafield><datafield tag="264" ind1=" " ind2="1"><subfield code="a">Boston [u.a.]</subfield><subfield code="b">Artech House</subfield><subfield code="c">2008</subfield></datafield><datafield tag="300" ind1=" " ind2=" "><subfield code="a">XIV, 362 S.</subfield><subfield code="b">Ill., graph. Darst.</subfield></datafield><datafield tag="336" ind1=" " ind2=" "><subfield code="b">txt</subfield><subfield code="2">rdacontent</subfield></datafield><datafield tag="337" ind1=" " ind2=" "><subfield code="b">n</subfield><subfield code="2">rdamedia</subfield></datafield><datafield tag="338" ind1=" " ind2=" "><subfield code="b">nc</subfield><subfield code="2">rdacarrier</subfield></datafield><datafield tag="490" ind1="0" ind2=" "><subfield code="a">Artech House information security and privacy series</subfield></datafield><datafield tag="490" ind1="0" ind2=" "><subfield code="a">Artech House computer security series</subfield></datafield><datafield tag="500" ind1=" " ind2=" "><subfield code="a">Literaturangaben</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Chiffrement (Informatique)</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Infrastructure à clé publique (Sécurité informatique)</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Réseaux d'ordinateurs - Sécurité - Mesures</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Systèmes informatiques - Sécurité - Mesures</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Sécurité informatique</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Computer networks</subfield><subfield code="x">Security measures</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Computer security</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Data encryption (Computer science)</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Betriebliches Informationssystem</subfield><subfield code="0">(DE-588)4069386-7</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Computersicherheit</subfield><subfield code="0">(DE-588)4274324-2</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="689" ind1="0" ind2="0"><subfield code="a">Betriebliches Informationssystem</subfield><subfield code="0">(DE-588)4069386-7</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="0" ind2="1"><subfield code="a">Computersicherheit</subfield><subfield code="0">(DE-588)4274324-2</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="0" ind2=" "><subfield code="5">DE-604</subfield></datafield><datafield tag="700" ind1="1" ind2=" "><subfield code="a">Furnell, Steven</subfield><subfield code="d">1970-</subfield><subfield code="e">Sonstige</subfield><subfield code="0">(DE-588)1038562899</subfield><subfield code="4">oth</subfield></datafield><datafield tag="856" ind1="4" ind2="2"><subfield code="m">Digitalisierung UB Regensburg</subfield><subfield code="q">application/pdf</subfield><subfield code="u">http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=016715270&sequence=000004&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA</subfield><subfield code="3">Inhaltsverzeichnis</subfield></datafield><datafield tag="999" ind1=" " ind2=" "><subfield code="a">oai:aleph.bib-bvb.de:BVB01-016715270</subfield></datafield></record></collection> |
| id | DE-604.BV035046533 |
| illustrated | Illustrated |
| index_date | 2024-07-02T21:54:58Z |
| indexdate | 2024-07-09T21:20:58Z |
| institution | BVB |
| isbn | 1596932287 9781596932289 |
| language | English |
| lccn | 2008271231 |
| oai_aleph_id | oai:aleph.bib-bvb.de:BVB01-016715270 |
| oclc_num | 213468741 |
| open_access_boolean | |
| owner | DE-355 DE-BY-UBR DE-703 DE-91G DE-BY-TUM |
| owner_facet | DE-355 DE-BY-UBR DE-703 DE-91G DE-BY-TUM |
| physical | XIV, 362 S. Ill., graph. Darst. |
| publishDate | 2008 |
| publishDateSearch | 2008 |
| publishDateSort | 2008 |
| publisher | Artech House |
| record_format | marc |
| series2 | Artech House information security and privacy series Artech House computer security series |
| spelling | Securing information and communications systems principles, technologies, and applications Steven M. Furnell ... eds. Boston [u.a.] Artech House 2008 XIV, 362 S. Ill., graph. Darst. txt rdacontent n rdamedia nc rdacarrier Artech House information security and privacy series Artech House computer security series Literaturangaben Chiffrement (Informatique) Infrastructure à clé publique (Sécurité informatique) Réseaux d'ordinateurs - Sécurité - Mesures Systèmes informatiques - Sécurité - Mesures Sécurité informatique Computer networks Security measures Computer security Data encryption (Computer science) Betriebliches Informationssystem (DE-588)4069386-7 gnd rswk-swf Computersicherheit (DE-588)4274324-2 gnd rswk-swf Betriebliches Informationssystem (DE-588)4069386-7 s Computersicherheit (DE-588)4274324-2 s DE-604 Furnell, Steven 1970- Sonstige (DE-588)1038562899 oth Digitalisierung UB Regensburg application/pdf http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=016715270&sequence=000004&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA Inhaltsverzeichnis |
| spellingShingle | Securing information and communications systems principles, technologies, and applications Chiffrement (Informatique) Infrastructure à clé publique (Sécurité informatique) Réseaux d'ordinateurs - Sécurité - Mesures Systèmes informatiques - Sécurité - Mesures Sécurité informatique Computer networks Security measures Computer security Data encryption (Computer science) Betriebliches Informationssystem (DE-588)4069386-7 gnd Computersicherheit (DE-588)4274324-2 gnd |
| subject_GND | (DE-588)4069386-7 (DE-588)4274324-2 |
| title | Securing information and communications systems principles, technologies, and applications |
| title_auth | Securing information and communications systems principles, technologies, and applications |
| title_exact_search | Securing information and communications systems principles, technologies, and applications |
| title_exact_search_txtP | Securing information and communications systems principles, technologies, and applications |
| title_full | Securing information and communications systems principles, technologies, and applications Steven M. Furnell ... eds. |
| title_fullStr | Securing information and communications systems principles, technologies, and applications Steven M. Furnell ... eds. |
| title_full_unstemmed | Securing information and communications systems principles, technologies, and applications Steven M. Furnell ... eds. |
| title_short | Securing information and communications systems |
| title_sort | securing information and communications systems principles technologies and applications |
| title_sub | principles, technologies, and applications |
| topic | Chiffrement (Informatique) Infrastructure à clé publique (Sécurité informatique) Réseaux d'ordinateurs - Sécurité - Mesures Systèmes informatiques - Sécurité - Mesures Sécurité informatique Computer networks Security measures Computer security Data encryption (Computer science) Betriebliches Informationssystem (DE-588)4069386-7 gnd Computersicherheit (DE-588)4274324-2 gnd |
| topic_facet | Chiffrement (Informatique) Infrastructure à clé publique (Sécurité informatique) Réseaux d'ordinateurs - Sécurité - Mesures Systèmes informatiques - Sécurité - Mesures Sécurité informatique Computer networks Security measures Computer security Data encryption (Computer science) Betriebliches Informationssystem Computersicherheit |
| url | http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=016715270&sequence=000004&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA |
| work_keys_str_mv | AT furnellsteven securinginformationandcommunicationssystemsprinciplestechnologiesandapplications |