Computer and information security handbook:
This book presents information on how to analyze risks to your networks and the steps needed to select and deploy the appropriate countermeasures to reduce your exposure to physical and network threats. It also imparts the skills and knowledge needed to identify and counter some fundamental security...
Gespeichert in:
| Format: | Buch |
|---|---|
| Sprache: | English |
| Veröffentlicht: |
Amsterdam [u.a.]
Morgan Kaufmann
2009
|
| Schriftenreihe: | The Morgan Kauffmann series in computer security
|
| Schlagworte: | |
| Online-Zugang: | Inhaltsverzeichnis |
| Zusammenfassung: | This book presents information on how to analyze risks to your networks and the steps needed to select and deploy the appropriate countermeasures to reduce your exposure to physical and network threats. It also imparts the skills and knowledge needed to identify and counter some fundamental security risks and requirements, inlcuding Internet security threats and measures (audit trails IP sniffing/spoofing etc.) and how to implement security policies and procedures. In addition, this book also covers security and network design with respect to particular vulnerabilities and threats. It also covers risk assessment and mitigation and auditing and testing of security systems. --from publisher description |
| Beschreibung: | xxxii, 844 p. ill. 29 cm |
Internformat
MARC
| LEADER | 00000nam a2200000 c 4500 | ||
|---|---|---|---|
| 001 | BV035607466 | ||
| 003 | DE-604 | ||
| 005 | 20090916 | ||
| 007 | t | ||
| 008 | 090708s2009 a||| |||| 00||| eng d | ||
| 015 | |a GBA938836 |2 dnb | ||
| 020 | |z 9780123743541 |9 978-0-12-374354-1 | ||
| 035 | |a (OCoLC)299240534 | ||
| 035 | |a (DE-599)BVBBV035607466 | ||
| 040 | |a DE-604 |b ger |e rakwb | ||
| 041 | 0 | |a eng | |
| 049 | |a DE-473 |a DE-824 |a DE-2070s | ||
| 050 | 0 | |a QA76.9.A25 | |
| 082 | 0 | |a 005.8 |2 22 | |
| 084 | |a ST 276 |0 (DE-625)143642: |2 rvk | ||
| 245 | 1 | 0 | |a Computer and information security handbook |c edited by John R. Vacca |
| 264 | 1 | |a Amsterdam [u.a.] |b Morgan Kaufmann |c 2009 | |
| 300 | |a xxxii, 844 p. |b ill. |c 29 cm | ||
| 336 | |b txt |2 rdacontent | ||
| 337 | |b n |2 rdamedia | ||
| 338 | |b nc |2 rdacarrier | ||
| 490 | 0 | |a The Morgan Kauffmann series in computer security | |
| 520 | 3 | |a This book presents information on how to analyze risks to your networks and the steps needed to select and deploy the appropriate countermeasures to reduce your exposure to physical and network threats. It also imparts the skills and knowledge needed to identify and counter some fundamental security risks and requirements, inlcuding Internet security threats and measures (audit trails IP sniffing/spoofing etc.) and how to implement security policies and procedures. In addition, this book also covers security and network design with respect to particular vulnerabilities and threats. It also covers risk assessment and mitigation and auditing and testing of security systems. --from publisher description | |
| 650 | 4 | |a Computer networks / Security measures | |
| 650 | 4 | |a Computer networks |x Security measures | |
| 650 | 0 | 7 | |a Informationssystem |0 (DE-588)4072806-7 |2 gnd |9 rswk-swf |
| 650 | 0 | 7 | |a Datensicherung |0 (DE-588)4011144-1 |2 gnd |9 rswk-swf |
| 650 | 0 | 7 | |a Computersicherheit |0 (DE-588)4274324-2 |2 gnd |9 rswk-swf |
| 650 | 0 | 7 | |a Rechnernetz |0 (DE-588)4070085-9 |2 gnd |9 rswk-swf |
| 655 | 7 | |0 (DE-588)4143413-4 |a Aufsatzsammlung |2 gnd-content | |
| 689 | 0 | 0 | |a Computersicherheit |0 (DE-588)4274324-2 |D s |
| 689 | 0 | |5 DE-604 | |
| 689 | 1 | 0 | |a Datensicherung |0 (DE-588)4011144-1 |D s |
| 689 | 1 | |5 DE-604 | |
| 689 | 2 | 0 | |a Computersicherheit |0 (DE-588)4274324-2 |D s |
| 689 | 2 | 1 | |a Rechnernetz |0 (DE-588)4070085-9 |D s |
| 689 | 2 | |5 DE-604 | |
| 689 | 3 | 0 | |a Informationssystem |0 (DE-588)4072806-7 |D s |
| 689 | 3 | 1 | |a Datensicherung |0 (DE-588)4011144-1 |D s |
| 689 | 3 | |5 DE-604 | |
| 700 | 1 | |a Vacca, John R. |d 1947- |e Sonstige |0 (DE-588)115294341 |4 oth | |
| 856 | 4 | 2 | |m HBZ Datenaustausch |q application/pdf |u http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=017662656&sequence=000002&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA |3 Inhaltsverzeichnis |
| 999 | |a oai:aleph.bib-bvb.de:BVB01-017662656 | ||
Datensatz im Suchindex
| _version_ | 1804139277332774913 |
|---|---|
| adam_text | Titel: Computer and information security handbook
Autor: Vacca, John R.
Jahr: 2009
Contents
Foreword xxi
Preface xxiii
Acknowledgments xxvii
About the Editor xxix
Contributors xxxi
Part I
Overview of System and Network
Security: A Comprehensive
Introduction
1. Building a Secure Organization 3
John Mallery
1. Obstacles to Security
Security Is Inconvenient
Computers Are Powerful and Complex
Computer Users Are Unsophisticated
Computers Created Without a Thought
to Security
Current Trend Is to Share, Not Protect
Data Accessible from Anywhere
Security Isn t About Hardware
and Software
The Bad Guys Are Very Sophisticated
Management Sees Security as a Drain
on the Bottom Line
2. Ten Steps to Building a Secure Organization
A. Evaluate the Risks and Threats
B. Beware of .Common Misconceptions
C. Provide Security Training for
IT Staff—Now and Forever
D. Think Outside the Box
E. Train Employees: Develop a Culture
of Security
F. Identify and Utilize Built-in Security
Features of the Operating System and
Applications
C. Monitor Systems
H. Hire a Third Party to Audit Security
I. Don t Forget the Basics
J. Patch, Patch, Patch
2. A Cryptography Primer :
Scott R. Ellis
1. What is Cryptography?
What is Encryption?
How Is Cryptography Done?
2. Famous Cryptographic Devices 24
The Lorenz Cipher 24
Enigma 24
3. Ciphers 25
The Substitution Cipher 25
The Shift Cipher 26
The Polyalphabetic Cipher 29
The Kasiski/Kerckhoff Method 30
4. Modern Cryptography 31
The Vernam Cipher (Stream Cipher) 31
The One-Time Pad 32
Cracking Ciphers 33
The XOR Cipher and Logical Operands 34
Block Ciphers 35
5. The Computer Age 36
Data Encryption Standard 36
Theory of Operation 37
Implementation 38
Rivest, Shamir, and Adleman (RSA) 38
Advanced Encryption Standard
(AES or Rijndael) 38
4 A 3 Preventing System Intrusions 39
¦4- Michael West
5 r 1. So, What is an Intrusion? 39
3 2. Sobering Numbers 40
r 3. Know Your Enemy: Hackers Versus
J r Crackers 40
O r 4. Motives 41
D o 5. Tools of the Trade 41
O 6. Bots 42
Q 7. Symptoms of Intrusions 43
y 8. What Can You Do? 43
10 Know Today s Network Needs 44
11 Network Security Best Practices 45
i Z 9. Security Policies 45
10. Risk Analysis 46
1 A Vulnerability Testing 46
I H 1 A Audits 47
I O 1 7 Recovery 47
1 / 11. Tools of Your Trade 47
19 on Firewalls • 47
ZU Intrusion Prevention Systems 47
Application Firewalls 48
»3 Access Control Systems 48
Unified Threat Management 49
12. Controlling User Access 49
Authentication, Authorization,
23 and Accounting 49
24 What the User Knows 49
Ill y Contents
What the User Has 50 6. Safeguarding Vital Data by Securing
The User Is Authenticated, Local and Network File Systems 76
But Is She Authorized? 50 Directory Structure and Partitioning
Accounting 51 for Security 76
Keeping Current 51
13. Conclusion 51 6. Eliminating the Security Weakness
4. Guarding Against Network Intrusions 53 of Linux and Unix Operating Systems 79
Tom Chen and Patrick]. Walsh Mario Santana
1. Traditional Reconnaissance and Attacks 2. Malicious Software Lures and Pull Attacks 3. Defense in Depth 4. Preventive Measures Access Control 53 56 57 58 59 59 1. Introduction to Linux and Unix What Is Unix? What Is Linux? System Architecture 2. Hardening Linux and Unix Network Hardening 79 79 80 82 84 84
Vulnerability Testing and Patching ( Inçino Pnrtç 59 60 Host Hardening Systems Management Security 88 90
v_iU3iiig ruiib uu 3. Proactive Defense for Linux and Unix 90
Firewalls Antivirus and Antispyware Tools Spam Filtering Honeypots bu 61 62 62 Vulnerability Assessment Incident Response Preparation Organizational Considerations 90 91 92
Network Access Control 63
5. Intrusion Monitoring and Detection 63 7. Internet Security 93
Host-Based Monitoring 64
Traffic Monitoring 64 yesse Walker
Signature-Based Detection 64 1. Internet Protocol Architecture 93
Behavior Anomalies 65 Communications Architecture Basics 94
Intrusion Prevention Systems 65 Getting More Specific 95
6. Reactive Measures 65 2. An Internet Threat Model 100
Quarantine 65 The Dolev-Yao Adversary Model 101
Traceback 7. Conclusions 66 66 Layer Threats 3. Defending Against Attacks on 101
5. Unix and Linux Security 67 the Internet Layer Session Defenses 105 106
Gerald Beuchelt Session Startup Defenses 113
4. Conclusion 117
1. Unix and Security 67
The Aims of System Security 67 8. The Botnet Problem 119
Achieving Unix Security 67
2. Basic Unix Security Traditional Unix Systems 68 68 Xinyuan Wang and Daniel Ramsbrock
Standard File and Device Access 1. Introduction 119
Semantics 69 2. Botnet Overview 120
4. Protecting User Accounts Origins of Botnets 120
and Strengthening Authentication 71 Botnet Topologies and Protocols 120
Establishing Secure Account Use 71 3. Typical Bot Life Cycle 122
The Unix Login Process 71 4. The Botnet Business Model 123
Controlling Account Access 71 5. Botnet Defense 124
Noninteractive Access 72 Detecting and Removing
Other Network Authentication Individual Bots 124
Mechanisms 73 Detecting C C Traffic 125
Risks of Trusted Hosts and Networks 73 Detecting and Neutralizing
Replacing Telnet, rlogin, and FTP the C C Servers 125
Servers and Clients with SSH 73 Attacking Encrypted C C Channels 126
5. Reducing Exposure to Threats by Locating and Identifying the Botmaster 128
Limiting Superuser Privileges 74 6. Botmaster Traceback 128
Controlling Root Access 74 Traceback Challenges 129
Contents
7.
Traceback Beyond the Internet
Summary
9. Intranet Security
Bill Mansoor
10.
130
132
133
1. Plugging the Caps: NAC
and Access Control 136
2. Measuring Risk: Audits 137
3. Guardian at the Gate: Authentication
and Encryption 138
4. Wireless Network Security 139
5. Shielding the Wire: Network
Protection 141
6. Weakest Link in Security:
User Training 142
7. Documenting the Network:
Change Management 142
8. Rehearse the Inevitable:
Disaster Recovery 143
9. Controlling Hazards: Physical
and Environmental Protection 145
10. Know Your Users:
Personnel Security 146
11. Protecting Data Flow:
Information and System Integrity 146
12. Security Assessments 147
13. Risk Assessments 148
14. Conclusion 148
Local Area Network Security 149
Dr. Pramod Pandya
1. Identify network threats 150
Disruptive 150
Unauthorized Access 150
2. Establish Network Access Controls 150
3. Risk Assessment 151
4. Listing Network Resources 151
5. Threats 151
6. Security Policies 151
7. The Incident-handling Process 152
8. Secure Design Through Network
Access Controls 152
9. Ids Defined 153
10. NIDS: Scope and Limitations 154
11. A Practical Illustration of NIDS 154
UDP Attacks 154
TCP SYN (Half-Open) Scanning 155
Some Not-So-Robust Features
of NIDS 156
12. Firewalls 158
Firewall Security Policy 159
Configuration Script for sf Router 160
13. Dynamic Nat Configuration 160
14. The Perimeter 160
15. Access List Details 162
16. Types of Firewalls 162
17. Packet Filtering: IP Filtering Routers 162
18. Application-layer Firewalls:
Proxy Servers 163
19. Stateful Inspection Firewalls 163
20. NIDS Complements Firewalls 163
21. Monitor and Analyze
System Activities 163
Analysis Levels 164
22. Signature Analysis 164
23. Statistical Analysis 164
24. Signature Algorithms 164
Pattern Matching 164
Stateful Pattern Matching 165
Protocol Decode-based Analysis 165
Heuristic-Based Analysis 166
Anomaly-Based Analysis 166
11. Wireless Network Security 169
Chunming Rong and Erdal Cayirci
1. Cellular Networks 169
Cellular Telephone Networks 170
802.11 Wireless LANs 170
2. Wireless Ad Hoc Networks 171
Wireless Sensor Networks 1 71
Mesh Networks 171
3. Security Protocols 172
WEP 172
WPA and WPA2 173
SPINS: Security Protocols for
Sensor Networks 173
4. Secure Routing 175
SEAD 175
Ariadne 176
ARAN 176
SLSP 177
5. Key Establishment 177
Bootstrapping 177
Key Management 178
References 181
12. Cellular Network Security 183
Peng Liu, Thomas F. LaPorta and
Kameswari Kotapati
1. Introduction 183
2. Overview of Cellular Networks 184
Overall Cellular Network
Architecture 184
Core Network Organization 185
Call Delivery Service 185
3. The State of the Art of Cellular
Network Security 186
Security in the Radio Access
Network 186
Security in Core Network 187
Security Implications of Internet
Connectivity 188
Security Implications of PSTN
Connectivity 188
4. Cellular Network Attack Taxonomy 189
Abstract Model 189
Abstract Model Findings 189
Three-Dimensional Attack
Taxonomy 192
5. Cellular Network Vulnerability
Analysis 193
Cellular Network Vulnerability
Assessment Toolkit (CAT) 195
Advanced Cellular Network
Vulnerability Assessment
Toolkit (aCAT) 1 98
Cellular Network Vulnerability
Assessment Toolkit for evaluation
(eCAT) 199
6. Discussion 201
References 202
13. RFID Security 205
Chunming Rong and Erdal Cayirci
1. RFID Introduction 205
RFID System Architecture 205
RFID Standards 207
RFID Applications 208
2. RFID Challenges 209 15.
Counterfeiting 209
Sniffing 209
Tracking 209
Denial of Service 210
Other Issues 210
Comparison of All Challenges 212
3. RFID Protections 212
Basic RFID System 212
RFID System Using Symmetric-Key
Cryptography 215
RFID System Using Public-key
Cryptography 217
References 219
Partii
Managing Information Security
14. Information Security Essentials
for IT Managers, Protecting
Mission-Critical Systems 225
Albert Caballero
1. Information Security Essentials
for IT Managers, Overview 225
Scope of Information Security
Management 225
CISSPTen Domains of Information
Security 225
What is a Threat? 227
Common Attacks 228
Contents
Impact of Security Breaches 231
2. Protecting Mission-critical Systems 231
Information Assurance 231
Information Risk Management 231
Defense in Depth 233
Contingency Planning 233
3. Information Security from
the Ground Up 236
Physical Security 236
Data Security 237
Systems and Network Security 239
Business Communications Security 241
Wireless Security 242
Web and Application Security 246
Security Policies and Procedures 247
Security Employee Training
and Awareness 248
4. Security Monitoring
and Effectiveness 249
Security Monitoring Mechanisms 250
Incidence Response and Forensic
Investigations 251
Validating Security Effectiveness 251
References 252
Security Management Systems 255
Joe Wright and Jim Harmening
1. Security Management
System Standards 255
2. Training Requirements 256
3. Principles of Information Security 256
4. Roles and Responsibilities
of Personnel 256
5. Security Policies 256
6. Security Controls 257
7. Network Access 257
8. Risk Assessment 257
9. Incident Response 258
0. Summary 258
Information Technology Security
Management 259
Rahul Bhaskerand Bhushan Kapoor
1. Information Security Management
Standards 259
Federal Information Security
Management Act 259
International Standards Organization 260
Other Organizations Involved
in Standards 260
2. Information Technology
security aspects 260
Security Policies and Procedures 261
IT Security Processes 263
3. Conclusion 267
Consents
17. Identity Management
269 19.
18.
Dr. Jean-Marc Seigneur and Dr. Tewfiq El
Malika
1. Introduction 269
2. Evolution of Identity Management
Requirements 269
Digital Identity Definition 270
Identity Management Overview 270
Privacy Requirement 272
User-Centricity 272
Usability Requirement 273
3. The Requirements Fulfilled
by Current Identity Management
Technologies 274
Evolution of Identity Management 274
Identity 2.0 278
4. Identity 2.0 for Mobile Users 286
Mobile Web 2.0 286
Mobility 287
Evolution of Mobile Identity 287
The Future of Mobile User-Centric
Identity Management in an Ambient
Intelligence World 290
Research Directions 292
5. Conclusion 292
Intrusion Prevention and
Detection Systems 293
Christopher Day
1. What is an Intrusion, Anyway? 293
Physical Theft 293
Abuse of Privileges (The Insider Threat) 293
2. Unauthorized Access by an
Outsider 294
3. Malware Infection 294
4. The Role of the 0-day 295
5. The Rogue s Gallery:
Attackers and Motives 296
6. A Brief Introduction to TCP/IP 297
7. The TCP/IP data Architecture and
Data Encapsulation 298
8. Survey of Intrusion Detection
and Prevention Technologies 300
9. Anti-Malware Software 301
10. Network-based Intrusion
Detection Systems 302
11. Network-based Intrusion
Prevention Systems 303
12. Host-based Intrusion
Prevention Systems 304
13. Security Information
Management Systems 304
14. Network Session Analysis 304
15. Digital Forensics 305
16. System Integrity Validation 306
17. Putting it all Together 306
Computer Forensics 307
Scoii R. Ellis
1. What is Computer Forensics? 307
2. Analysis of Data 308
Computer Forensics and Ethics,
Green Home Plate Gallery View 309
Database Reconstruction 310
3. Computer Forensics in the Court
System 310
4. Understanding Internet History 312
5. Temporary Restraining Orders
and Labor Disputes 312
Divorce 313
Patent Infringement 313
When to Acquire, When to
Capture Acquisition 313
Creating Forensic Images Using
Software and Hardware
Write Blockers 313
Live Capture of Relevant Files 314
Redundant Array of Independent
(or Inexpensive) Disks (RAID) 314
File System Analyses 314
NTFS 315
The Role of the Forensic Examiner
in Investigations and File
Recovery 31 5
Password Recovery 31 7
File Carving 318
Things to Know: How Time stamps
Work 320
Experimental Evidence 321
Email Headers and Time stamps,
Email Receipts, and Bounced
Messages 322
Steganography Covered Writing 324
5. First Principles 325
6. Hacking a Windows XP Password 325
Net User Password Hack 325
Lanman Hashes and Rainbow
Tables 325
Password Reset Disk 326
Memory Analysis and the Trojan
Defense 326
User Artifact Analysis 326
Recovering Lost and Deleted Files 327
Email 327
Internet History 327
7. Network Analysis 328
Protocols 328
Analysis 328
8. Computer Forensics Applied 329
Tracking. Inventory, Location
of Files, Paperwork, Backups,
and So On 329
Testimonial 329
Experience Needed 329
Job Description, Technologist 329
Job Description Management 330
Commercial Uses 330
Solid Background 330
Education/Certification 330
Programming and Experience 331
Publications 331
9. Testifying as an Expert 332
Degrees of Certainty 332
Certainty Without Doubt 334
10. Beginning to End in Court 334
Defendants, Plaintiffs,
and Prosecutors 334
Pretrial Motions 335
Trial: Direct and Cross-Examination 335
Rebuttal 335
Surrebuttal 335
Testifying: Rule 702. Testimony
by Experts 335
Correcting Mistakes: Putting Your
Head in the Sand 336
20. Network Forensics 339
Yong Cuan
1. Scientific Overview 339
2. The Principles of Network Forensics 340
3. Attack Traceback and Attribution 341
IPTraceback 341
Stepping-Stone Attack Attribution 344
4. Critical Needs Analysis 346
5. Research Directions 346
VoIP Attribution 346
21. Firewalls 349
Dr. Errin W. Fulp
1. Network Firewalls 349
2. Firewall Securitv Policies 350
Rule-Match Policies 351
3. A Simple Mathematical Model
for Policies, Rules, and Packets 351
4. First-match Firewall Policy
Anomalies 352
5. Policy Optimization 352
Policy Reordering 352
Combining Rules 353
Default Accept or Deny? 353
6. Firewall Types 353
Packet Filter 354
Stdteful Packet Firewalls 354
Application Laver Firewalls 354
7. Host and Network Firewalls 355
8. Software and Hardware Firewall
Implementations 355
9. Choosing the Correct Firewall 355
10. Firewall Placement and
Network Topology 356
Demilitarized Zones 357
Perimeter Networks 357
Contents
Two-Router Configuration 357
Dual-Homed Host 358
Network Configuration Summary 358
11. Firewall Installation and
Configuration 358
12. Supporting Outgoing Services
Through Firewall Configuration 359
Forms of State 359
Payload Inspection 360
13. Secure External Services
Provisioning 360
14. Network Firewalls for Voice and
Video Applications 360
Packet Filtering H.323 361
15. Firewalls and Important
Administrative Service Protocols 361
Routing Protocols 361
Internet Control Message
Protocol 362
Network Time Protocol 362
Central Log File Management 362
Dynamic Host Configuration
Protocol 363
16. Internal IP Services Protection 363
17. Firewall Remote Access
Configuration 364
18. Load Balancing and
Firewall Arrays 365
Load Balancing in Real Life 365
How to Balance the Load 365
Advantages and Disadvantages
of Load Balancing 366
19. Highly Available Firewalls 366
Load Balancer Operation 366
Interconnection of Load Balancers
and Firewalls 366
20. Firewall Management 367
21. Conclusion 367
22. Penetration Testing
369
Sanjay Bavisi
1. What is Penetration Testing? 369
2. How does Penetration Testing
Differ from an Actual Hack? 370
3. Types of Penetration Testing 371
4. Phases of Penetration Testing 373
The Pre-Attack Phase 373
The Attack Phase 373
The Post-Attack Phase 373
5. Defining What s Expected 374
6. The Need for a Methodology 375
7. Penetration Testing
Methodologies 375
8. Methodology in Action 376
EC-Council LPT Methodology 376
9. Penetration Testing Risks 378
10. Liability Issues 378
11. Legal Consequences 379
Contents
I, xiii
12. Get out of jail free Card 379
13. Penetration Testing Consultants 379
14. Required Skill Sets 380
15. Accomplishments 380
16. Hiring a Penetration Tester 380
17. Why Should a Company
Hire You? 381
Qualifications 381
Work Experience 381
Cutting-Edge Technical Skills 381
Communication Skills 381
Attitude 381
Team Skills 381
Company Concerns 381
18. All s Well that Ends Well 382
23. What Is Vulnerability
Assessment? 383
Aimantas Kakareka
1. Reporting 383
2. The It Won t Happen to Us Factor 383
3. Why Vulnerability Assessment? 384
4. Penetration Testing Versus
Vulnerability Assessment 384
5. Vulnerability Assessment Goal 385
6. Mapping the Network 385
7. Selecting the Right Scanners 386
8. Central Scans Versus Local Scans 387
9. Defense in Depth Strategy 388
10. Vulnerability Assessment Tools 388
Nessus 388
GFI LANguard 389
Retina 389
Core Impact 389
ISS Internet Scanner 389
X-Scan 389
Sara 389
QualysGuard 389
SAINT 389
MBSA _ 389
11. Scanner Performance 390
12. Scan Verification 390
13. Scanning Cornerstones 390
14. Network Scanning
Countermeasures 390
15. Vulnerability Disclosure Date 391
Find Security Holes Before
They Become Problems 391
16. Proactive Security Versus Reactive
Security 392
17. Vulnerability Causes 392
Password Management Flaws 392
Fundamental Operating
System Design Flaws 392
Software Bugs 392
Unchecked User Input 392
18. DI Y Vulnerability Assessment 393
19. Conclusion 393
Partili
Encryption Technology
24. Data Encryption 397
Dr. Bhushan Kapoor and Dr. Pramod
Pandya
1. Need for Cryptography 398
Authentication 398
Confidentiality 398
Integrity 398
Nonrepudiation 398
2. Mathematical Prelude to Cryptography 398
Mapping or Function 398
Probability 398
Complexity 398
3. Classical Cryptography 399
The Euclidean Algorithm 399
The Extended Euclidean Algorithm 399
Modular Arithmetic 399
Congruence 400
Residue Class 400
Inverses 400
Fundamental Theorem
of Arithmetic 400
Congruence Relation Defined 401
Substitution Cipher 401
Transposition Cipher 402
4. Modern Symmetric Ciphers 402
S-Box 403
P-Boxes 403
Product Ciphers 404
5. Algebraic Structure 404
Definition Group 404
Definitions of Finite and Infinite
Groups (Order of a Group) 404
Definition Abelian Group 404
Examples of a Group 404
Definition: Subgroup 405
Definition: Cyclic Group 405
Rings 405
Definition: Field 405
Finite Fields GF(2n) 405
Modular Polynomial Arithmetic
OverGf(2) 406
Using a Generator to Represent
the Elements of GF(2n) 406
GF(23) Is a Finite Field 407
6. The Internal Functions of Rijndael
in AES Implementation 407
Mathematical Preliminaries 408
State 408
7. Use of ModernBlock Ciphers 412
The Electronic Code Book (ECB) 412
Cipher-Block Chaining (CBC) 412
8. Public-key Cryptography 412
Review: Number Theory 412
9. Cryptanalysis of RSA 416
Factorization Attack 416
Contents
25.
10. Diffie-Hellman Algorithm
11. Elliptic Curve Cryptosystems
An Example
Example of Elliptic Curve Addition
EC Security
12. Message Integrity and
Authentication
Cryptographic Hash Functions
Message Authentication
Digital Signature
Message Integrity Uses a Hash
Function in Signing the Message
RSA Digital Signature Scheme
RSA Digital Signature and
the Message Digest
13. Summary
References
Satellite Encryption
Daniel S. Soper
1. The Need for Satellite Encryption
2. Satellite Encryption Policy
3. Implementing Satellite Encryption
General Satellite Encryption Issues
Uplink Encryption
Extraplanetary Link Encryption
Downlink Encryption
417
417
418
418
419 10.
11.
419
419
420
420 12.
13.
420 14.
420 15.
16.
420
421
421
423
423
425
426
426
428
428
429
4. The Future of Satellite Encryption 430
26. Public Key Infrastructure 433
Terence Spies
1. Cryptographic Background 433
Digital Signatures 433
Public Key Encryption 434
2. Overview of PKI 435
3. The X.509 Model 436
The History of X.509 436
The X.509 Certificate Model 436
4. X.509 Implementation Architectures 437
5. X.509 Certificate Validation 439
Validation Step 1 : Construct the
Chain and Validate Signatures 439
Validation Step 2: Check Validity
Dates, Policy and Key Usage 439
Validation Step 3: Consult
Revocation Authorities 440
6. X.509 Certificate Revocation 440
Online Certificate Status Protocol 441
7. Server-based Certificate
Validity Protocol 442
8. X.509 Bridge Certification
Systems 443
Mesh PKIs and Bridge CAs 443
9. X.509 Certificate Format 444
X.509 VI andV2 Format 445
17.
X.509 V3 Format 445
X.509 Certificate Extensions 445
Policy Extensions 446
Certificate Policy 446
PKI Policy Description 447
PKI Standards Organizations 448
IETF PKIX 448
SDSI/SPKI 448
IETF Open PGP 448
PGP Certificate Formats 449
PGP PKI Implementations 449
W3C 449
Alternative PKI Architectures 450
Modified X.509 Architectures 450
Perl man and Kaufman s User-Centric
PKI 450
Gutmann s Plug and Play PKI 450
Callas s Self-Assembling PKI 450
Alternative Key Management Models 450
27. Instant-Messaging Security
453
Samuel J.). Curry
1. Why Should I Care About
Instant Messaging? 453
2. What is Instant Messaging? 453
3. The Evolution of Networking
Technologies 454
4. Game Theory and Instant Messaging 455
Your Workforce 455
Generational Gaps 456
Transactions 457
5. The Nature of the Threat 457
Malicious Threat 458
Vulnerabilities 459
Man-in-the-Middle Attacks 459
Phishing and Social Engineering 459
Knowledge Is the Commodity 459
Data and Traffic Analysis 460
Unintentional Threats 460
Regulatory Concerns 461
6. Common IM Applications 461
Consumer Instant Messaging 461
Enterprise Instant Messaging 461
Instant-Messaging Aggregators 462
Backdoors: Instant Messaging
Via Other Means (HTML) 462
Mobile Dimension 462
7. Defensive Strategies 462
8. Instant-messaging Security Maturity
and Solutions 463
Asset Management 463
Built-in Security 463
Content Filtering 463
Classic Security 463
Compliance 464
Data Loss Prevention 464
Logging 464
Archival 464
Contents
9. Processes 464
Instant-Messaging Activation
and Provisioning 464 6.
Application Review 464
People 464
Revise 464
Audit 464 7.
10. Conclusion 465 8.
Example Answers to Key Factors 466
(xv )
Part IV
Privacy and Access Management
28. NET Privacy
Approach for Obtaining Near
Well-Formed Privacy Policies 497
The Privacy Management Model 497
How Privacy Policies Are Used 497
Personal Privacy Policy Negotiation 499
Personal Privacy Policy Compliance 502
Discussion and Related Work 502
Conclusions and Future Work 505
30. Virtual Private Networks 507
Jim Harmening and Joe Wright
469
Marco Cremonini, Chiara Braghin and Claudio
Agostino Ardagna
4.
5.
Privacy in the Digital Society 469
The Origins, The Debate 469
Privacy Threats 471
The Economics of Privacy 474
The Value of Privacy 474
Privacy and Business 475
Privacy-Enhancing Technologies 476
Languages for Access Control
and Privacy Preferences 476
Data Privacy Protection 478
Privacy for Mobile Environments 480
Network Anonymity 482
Onion Routing 483
Anonymity Services 484
Conclusion 485
29. Personal Privacy Policies
Dr. George Yee and Larry Korba
487
31.
1. Introduction 487
2. Content of Personal Privacy Policies 488
Privacy Legislation and Directives 488
Requirements from Privacy Principles 488
Privacy Policy Specification 490
3. Semiautomated Derivation
of Personal Privacy Policies 490
An Example 492
Retrieval from a Community of Peers 493
4. Specifying Well-formed Personal
Privacy Policies 494
Unexpected Outcomes 494
Outcomes From the Way the
Matching Policy Was Obtained 494
5. Preventing Unexpected Negative
Outcomes 496
Definition 1 496
Definition 2 496
Rules for Specifying Near
Well-Formed Privacy Policies 496
1. History 508
2. Who is in Charge? 511
3. VPN Types 512
IPsec 512
L2TP 512
L2TPv3 513
L2F 513
PPTPVPN 513
MPLS 514
MPVPN™ 514
SSH 514
SSL-VPN 514
TLS 514
4. Authentication Methods 515
Hashing 515
H MAC 515
MD5 515
SHA-1 515
5. Symmetric Encryption 516
6. Asymmetric Cryptography 516
7. Edge Devices 516
8. Passwords 516
9. Hackers and Crackers 517
Identity Theft 519
Markus Jacobsson and Alex Tsow
1. Experimental Design 520
Authentic Payment Notification:
Plain Versus Fancy Layout 522
Strong Phishing Message: Plain
Versus Fancy Layout 525
Authentic Promotion: Effect of
Small Footers 525
Weak Phishing Message 527
Authentic Message 528
Login Page 528
Login Page: Strong and Weak
Content Alignment 529
Login Page: Authentic and Bogus
(But Plausible) URLs 532
Login Page: Hard and Soft
Emphasis on Security 532
Bad URL, with and without SSL
and Endorsement Logo 535
High-Profile Recall Notice 535
Contents
Low-Profile Class-Action Lawsuit 535
2. Results and Analysis 535
3. Implications for Crimeware 546
Example: Vulnerability of Web-Based
Update Mechanisms 547
Example: The Unsubscribe
Spam Attack 547
The Strong Narrative Attack 548
4. Conclusion 548
32. VoIP Security 551
Dan Wing and Harsh Kupwade Patii
1. Introduction 551
VoIP Basics 551
2. Overview of Threats 553
Taxonomy of Threats 553
Reconnaissance of VoIP Networks 553
Denial of Service 554
Loss of Privacy 555
Exploits 557
3. Security in VoIP 558
Preventative Measures 558
Reactive 559
4. Future Trends 560
Forking Problem in SIP 560
Security in Peer-to-Peer SIP 561
End-to-End Identity with SBCs 563
5. Conclusion 564
PartV
Storage Security
33. SAN Security 567
John McGowan, Jeffrey Bardin and
John McDonald
1. Organizational Structure 567
AAA 568
Restricting Access to Storage 569
2. Access Control Lists (ACL)
and Policies 570
Data Integrity Field (DIF) 570
3. Physical Access 571
4. Change Management 571
5. Password Policies 571
6. Defense in Depth 571
7. Vendor Security Review 571
8. Data Classification 571
9. Security Management 572
Security Setup 572
Unused Capabilities 572
10. Auditing 572
Updates 572
Monitoring 572
Securitv Maintenance 572
34.
35.
11. Management Access: Separation of
Functions 573
Limit Tool Access 573
Secure Management Interfaces 573
12. Host Access: Partitioning 573
SJD Checking 574
13. Data Protection: Replicas 574
Erasure 574
Potential Vulnerabilities and Threats 575
Physical Attacks 575
Management Control Attacks 575
Host Attacks 575
World Wide Name Spoofing 576
Man-in-the-Middle Attacks 576
E-Port Replication Attack 576
Denial-of-Service Attacks 577
Session Hijacking Attacks 577
15. Encryption in Storage 577
The Process 577
Encryption Algorithms 578
Key Management 579
Configuration Management 580
16. Application of Encryption 580
Risk Assessment and Management 580
Modeling Threats 580
Use Cases for Protecting Data
at Rest 581
Use Considerations 582
Deployment Options 582
17. Conclusion 588
References 589
Storage Area Networking
Devices Security 591
Robert Rounsavall
1. What is a SAN? 591
2. SAN Deployment Justifications 591
3. The Critical Reasons for SAN Security 592
Why Is SAN Security Important? 592
4. SAN Architecture and Components 593
SAN Switches 593
5. SAN General Threats and Issues 594
SAN Cost: A Deterrent to Attackers 594
Physical Level Threats, Issues,
and Risk Mitigation 594
Logical Level Threats, Vulnerabilities,
and Risk Mitigation 596
6. Conclusion 603
Risk Management 605
Sokratis K. Katsikas
1. The Concept of Risk 606
2. Expressing and Measuring Risk 606
3. The Risk Management Methodology 609
Context Establishment 609
Contents
ÇjXVÏl
Risk Assessment 610 Authentication 653
Risk Treatment 612 Identification 654
Risk Communication 614 4. Security Considerations 655
Risk Monitoring and Review 614 Error Rates 655
Integrating Risk Management into the Doddington s Zoo 656
System Development Life Cycle 614 Birthday Attacks 656
Critique of Risk Management Comparing Technologies 657
as a Methodology 615 Storage of Templates 658
Risk Management Methods 616 5. Conclusion 659
Risk Management Laws and
Regulations Risk Management Standards 620 623 38. Homeland Security 661
Summary 625 Rahul R/iactar Ph D anri Rhuchan K; mrtnr
4.
5.
6.
Part VI
Physical Security
36. Physical Security Essentials 629
William Stallings
1. Overview 629
2. Physical Security Threats 630
Natural Disasters 630
Environmental Threats 631
Technical Threats 633
Human-Caused Physical Threats 634
3. Physical Security Prevention
and Mitigation Measures 634
Environmental Threats 634
Technical Threats 635
Human-Caused Physical Threats 635
4. Recovery from Physical Security
Breaches 636
5. Threat Assessment, Planning,
and Plan Implementation 636
Threat Assessment 636
Planning and Implementation 637
6. Example: A Corporate Physical
Security Policy 637
7. Integration of Physical and
Logical Security 639
References 643
37. Biometrics 645
Luther Martin
1. Relevant Standards 646
2. Biometrie System Architecture 647
Data Capture 648
Signal Processing 648
Matching 649
Data Storage 649
Decision 649
Adaptation 652
3. Using Biometrie Systems 652
Enrollment 652
3.
4.
Statutory Authorities 661
The USA PATRIOT Act of 2001
(PL 107-56) 661
The Aviation and Transporation
Security Act of 2001 (PL 107-71) 663
Enhanced Border Security and
Visa Entry Reform Act of 2002
(PL 107-173) 663
Public Health Security, Bioterrorism
Preparedness Response Act
of 2002 (PL 107-188) 664
Homeland Security Act of 2002
(PL 107-296) 665
E-Covernment Act of 2002
(PL 107-347) 666
Homeland Security Presidential
Directives 667
Organizational Actions 669
Department of Homeland
Security Subcomponents 669
State and Federal Organizations 669
The Governor s Office of Homeland
Security 670
California Office of Information
Security and Privacy Protection 670
Private Sector Organizations
for Information Sharing 670
Conclusion 674
Information Warfare
Jan Eloff and Anna Granova
677
1. Information Warfare Model 677
2. Information Warfare Defined 678
3. IW: Myth or Reality? 678
4. Information Warfare: Making
IW Possible 680
Offensive Strategies 680
5. Preventative Strategies 685
6. Legal Aspects of IW 686
Terrorism and Sovereignty 686
Liability Under International Law 686
Remedies Under International Law 687
Developing Countries Response 689
Contents
7. Holistic View of Information
Warfare
8. Conclusion
Part VII
Advanced Security
40. Security Through Diversity
Kevin Noble
689
690
693
1. Ubiquity
2. Example Attacks Against Uniformity
3. Attacking Ubiquity With Antivirus Tools
4. The Threat of Worms
5. Automated Network Defense
6. Diversity and the Browser
7. Sandboxing and Virtualization
8. DNS Example of Diversity
through Security
9. Recovery from Disaster is Survival
10. Conclusion
41. Reputation Management
Dr. Jean-Marc Seigneur
693
694
694
695
697
698
698
699
699
700
701
1. The Human Notion of Reputation 702
2. Reputation Applied to the
Computing World 704
3. State of the Art of Attack-resistant
Reputation Computation 708
4. Overview of Current Online
Reputation Service 711
eBay 711
Opinity 713
Rapleaf 714
Venyo 715
TrustPlus + Xing + Zoomlnfo +
SageFire 716
Navmz + Trufina 717
The CORB 719
Reputation Defender 720
Summarizing Table 720
5. Conclusion 720
42. Content Filtering 723
Peter Nicoletti
1. The Problem with Content
Filtering 723
2. User Categories, Motivations,
and Justifications 724
Schools 725
Commercial Business 725
Financial Organizations 725
Healthcare Organizations 725
Internet Service Providers 725
U.S. Government 725
Other Governments 725
Libraries 725
Parents 726
3. Content Blocking Methods 726
Banned Word Lists 726
URL Block 726
Category Block 726
Bayesian Filters 727
Safe Search Integration to Search
Engines with Content Labeling 727
Content-Based Image Filtering
(CBIF) 727
4. Technology and Techniques for
Content-Filtering Control 728
Internet Gateway-Based Products/
Unified Threat Appliances 728
5. Categories 732
6. Legal Issues 735
Federal Law: ECPA 735
CIPA: The Children s Internet
Protection Act 735
The Trump Card of Content
Filtering: The National Security
Letter 736
ISP Content Filtering Might Be
a Five-Year Felony 736
7. Issues and Problems with Content
Filtering 737
Bypass and Circumvention 737
Client-Based Proxies 737
Open Proxies 739
HTTP Web-Based Proxies
(Public and Private) 739
Secure Public Web-Based Proxies 739
Process Killing 739
Remote PC Control Applications 739
Overblocking and Underblocking 740
Blacklist and Whitelist
Determination 740
Casual Surfing Mistake 740
Getting the List Updated 740
Time-of-Day Policy Changing 740
Override Authorization Methods 740
Hide Content in Noise or Use
Steganography 740
Nonrepudiation: Smart Cards,
ID Cards for Access 740
Warn and Allow Methods 740
Integration with Spam Filtering tools 740
Detect Spyware and Malware
in the HTTP Payload 740
Integration with Directory Servers 740
Language Support 741
Financial Considerations Are
Important 741
Scalability and Usability 741
Performance Issues 742
Reporting Is a Critical Requirement 742
Bandwidth Usage 742
Contents
Precision Percentage and Recall 742
9. Related Products 743
10. Conclusion 743
43. Data Loss Protection 745
6. Previous Logon Information
Configuration
Security Considerations
Appendix B Security Management
and Resiliency
773
774
774
775
Ken Perkins John R. Vacca
1. Precursors of DLP 747
2. What is DLP? 748 Appendix C List of Top Security
3. Where to Begin? 753 Implementation and
4. Data is Like Water 5. You Don t Know What You 754 Deployment Companies 777
Don t Know 755 List of SAN Implementation
Precision versus Recall 756 and Deployment Companies 778
6. How Do DLP Applications Work? 756 SAN Security Implementation
7. Eat Your Vegetables 757 and Deployment Companies: 778
Data in Motion 757
Data at Rest 758 Appendix D List of Security
Data in Use 758 Products 781
8. It s a Family Affair, Not Just
it Security s Problem 760 Security Software 781
9. Vendors, Vendors Everywhere!
Who Do You Believe? 762 Appendix E List of Security
10. Conclusion 762 Standards 783
Appendix F List of Miscellaneous
Part VIII Security Resources 785
Appendices Conferences 785
Consumer Information 785
Appendix A Configuring Authentication Directories 786
Service on Microsoft Windows Vista 765 Help and Tutorials Mailing Lists News and Media 786 786 787
John R. Vacca Organizations Products and Tools 787 788
1. Backup and Restore of Stored Research 790
Usernames and Passwords 765 Content Filtering Links 791
Automation and Scripting 765 Other Logging Resources 791
Security Considerations 765
2. Credential Security.Service Provider Appendix G Ensuring Built-in
and SSO for Terminal Services Logon Requirements Configuration 765 766 766 Frequency Hopping Spread Spectrum
Security Considerations 766 Wireless Network
3. TLS/SSL Cryptographic Security 793
Enhancements 766
AES Cipher Suites 766 Accomplishment 793
ECC Cipher Suites 767 Background 793
Schannel CNG Provider Model 768 Additional Information 793
Default Cipher Suite Preference 769
Previous Cipher Suites 769 Appendix H Configuring Wireless
4. Kerberos Enhancements 769 Internet Security
AES 769 Remote Access 795
Read-Only Domain Controller
and Kerberos Authentication 770 Adding the Access Points as RADIUS
5. Smart Card Authentication Changes 770 Clients to IAS 795
Additional Changes to Common Adding Access Points to the first
Smart Card Logon Scenarios 771 IAS Server 795
Scripting the Addition of Access Points to Appendix I
IAS Server (Alternative Procedure) 795
Configuring the Wireless Access Points 796
Enabling Secure WLAN Authentication
on Access Points
Additional Settings to Secure
Wireless Access Points
Replicating RADIUS Client Configuration
to Other IAS Servers 798
796 Appendix J
797 Index
Contents
Frequently Asked Questions 799
Glossary 801
817
|
| any_adam_object | 1 |
| author_GND | (DE-588)115294341 |
| building | Verbundindex |
| bvnumber | BV035607466 |
| callnumber-first | Q - Science |
| callnumber-label | QA76 |
| callnumber-raw | QA76.9.A25 |
| callnumber-search | QA76.9.A25 |
| callnumber-sort | QA 276.9 A25 |
| callnumber-subject | QA - Mathematics |
| classification_rvk | ST 276 |
| ctrlnum | (OCoLC)299240534 (DE-599)BVBBV035607466 |
| dewey-full | 005.8 |
| dewey-hundreds | 000 - Computer science, information, general works |
| dewey-ones | 005 - Computer programming, programs, data, security |
| dewey-raw | 005.8 |
| dewey-search | 005.8 |
| dewey-sort | 15.8 |
| dewey-tens | 000 - Computer science, information, general works |
| discipline | Informatik |
| format | Book |
| fullrecord | <?xml version="1.0" encoding="UTF-8"?><collection xmlns="http://www.loc.gov/MARC21/slim"><record><leader>02805nam a2200541 c 4500</leader><controlfield tag="001">BV035607466</controlfield><controlfield tag="003">DE-604</controlfield><controlfield tag="005">20090916 </controlfield><controlfield tag="007">t</controlfield><controlfield tag="008">090708s2009 a||| |||| 00||| eng d</controlfield><datafield tag="015" ind1=" " ind2=" "><subfield code="a">GBA938836</subfield><subfield code="2">dnb</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="z">9780123743541</subfield><subfield code="9">978-0-12-374354-1</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(OCoLC)299240534</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-599)BVBBV035607466</subfield></datafield><datafield tag="040" ind1=" " ind2=" "><subfield code="a">DE-604</subfield><subfield code="b">ger</subfield><subfield code="e">rakwb</subfield></datafield><datafield tag="041" ind1="0" ind2=" "><subfield code="a">eng</subfield></datafield><datafield tag="049" ind1=" " ind2=" "><subfield code="a">DE-473</subfield><subfield code="a">DE-824</subfield><subfield code="a">DE-2070s</subfield></datafield><datafield tag="050" ind1=" " ind2="0"><subfield code="a">QA76.9.A25</subfield></datafield><datafield tag="082" ind1="0" ind2=" "><subfield code="a">005.8</subfield><subfield code="2">22</subfield></datafield><datafield tag="084" ind1=" " ind2=" "><subfield code="a">ST 276</subfield><subfield code="0">(DE-625)143642:</subfield><subfield code="2">rvk</subfield></datafield><datafield tag="245" ind1="1" ind2="0"><subfield code="a">Computer and information security handbook</subfield><subfield code="c">edited by John R. Vacca</subfield></datafield><datafield tag="264" ind1=" " ind2="1"><subfield code="a">Amsterdam [u.a.]</subfield><subfield code="b">Morgan Kaufmann</subfield><subfield code="c">2009</subfield></datafield><datafield tag="300" ind1=" " ind2=" "><subfield code="a">xxxii, 844 p.</subfield><subfield code="b">ill.</subfield><subfield code="c">29 cm</subfield></datafield><datafield tag="336" ind1=" " ind2=" "><subfield code="b">txt</subfield><subfield code="2">rdacontent</subfield></datafield><datafield tag="337" ind1=" " ind2=" "><subfield code="b">n</subfield><subfield code="2">rdamedia</subfield></datafield><datafield tag="338" ind1=" " ind2=" "><subfield code="b">nc</subfield><subfield code="2">rdacarrier</subfield></datafield><datafield tag="490" ind1="0" ind2=" "><subfield code="a">The Morgan Kauffmann series in computer security</subfield></datafield><datafield tag="520" ind1="3" ind2=" "><subfield code="a">This book presents information on how to analyze risks to your networks and the steps needed to select and deploy the appropriate countermeasures to reduce your exposure to physical and network threats. It also imparts the skills and knowledge needed to identify and counter some fundamental security risks and requirements, inlcuding Internet security threats and measures (audit trails IP sniffing/spoofing etc.) and how to implement security policies and procedures. In addition, this book also covers security and network design with respect to particular vulnerabilities and threats. It also covers risk assessment and mitigation and auditing and testing of security systems. --from publisher description</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Computer networks / Security measures</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Computer networks</subfield><subfield code="x">Security measures</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Informationssystem</subfield><subfield code="0">(DE-588)4072806-7</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Datensicherung</subfield><subfield code="0">(DE-588)4011144-1</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Computersicherheit</subfield><subfield code="0">(DE-588)4274324-2</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Rechnernetz</subfield><subfield code="0">(DE-588)4070085-9</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="655" ind1=" " ind2="7"><subfield code="0">(DE-588)4143413-4</subfield><subfield code="a">Aufsatzsammlung</subfield><subfield code="2">gnd-content</subfield></datafield><datafield tag="689" ind1="0" ind2="0"><subfield code="a">Computersicherheit</subfield><subfield code="0">(DE-588)4274324-2</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="0" ind2=" "><subfield code="5">DE-604</subfield></datafield><datafield tag="689" ind1="1" ind2="0"><subfield code="a">Datensicherung</subfield><subfield code="0">(DE-588)4011144-1</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="1" ind2=" "><subfield code="5">DE-604</subfield></datafield><datafield tag="689" ind1="2" ind2="0"><subfield code="a">Computersicherheit</subfield><subfield code="0">(DE-588)4274324-2</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="2" ind2="1"><subfield code="a">Rechnernetz</subfield><subfield code="0">(DE-588)4070085-9</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="2" ind2=" "><subfield code="5">DE-604</subfield></datafield><datafield tag="689" ind1="3" ind2="0"><subfield code="a">Informationssystem</subfield><subfield code="0">(DE-588)4072806-7</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="3" ind2="1"><subfield code="a">Datensicherung</subfield><subfield code="0">(DE-588)4011144-1</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="3" ind2=" "><subfield code="5">DE-604</subfield></datafield><datafield tag="700" ind1="1" ind2=" "><subfield code="a">Vacca, John R.</subfield><subfield code="d">1947-</subfield><subfield code="e">Sonstige</subfield><subfield code="0">(DE-588)115294341</subfield><subfield code="4">oth</subfield></datafield><datafield tag="856" ind1="4" ind2="2"><subfield code="m">HBZ Datenaustausch</subfield><subfield code="q">application/pdf</subfield><subfield code="u">http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=017662656&sequence=000002&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA</subfield><subfield code="3">Inhaltsverzeichnis</subfield></datafield><datafield tag="999" ind1=" " ind2=" "><subfield code="a">oai:aleph.bib-bvb.de:BVB01-017662656</subfield></datafield></record></collection> |
| genre | (DE-588)4143413-4 Aufsatzsammlung gnd-content |
| genre_facet | Aufsatzsammlung |
| id | DE-604.BV035607466 |
| illustrated | Illustrated |
| indexdate | 2024-07-09T21:41:31Z |
| institution | BVB |
| language | English |
| oai_aleph_id | oai:aleph.bib-bvb.de:BVB01-017662656 |
| oclc_num | 299240534 |
| open_access_boolean | |
| owner | DE-473 DE-BY-UBG DE-824 DE-2070s |
| owner_facet | DE-473 DE-BY-UBG DE-824 DE-2070s |
| physical | xxxii, 844 p. ill. 29 cm |
| publishDate | 2009 |
| publishDateSearch | 2009 |
| publishDateSort | 2009 |
| publisher | Morgan Kaufmann |
| record_format | marc |
| series2 | The Morgan Kauffmann series in computer security |
| spelling | Computer and information security handbook edited by John R. Vacca Amsterdam [u.a.] Morgan Kaufmann 2009 xxxii, 844 p. ill. 29 cm txt rdacontent n rdamedia nc rdacarrier The Morgan Kauffmann series in computer security This book presents information on how to analyze risks to your networks and the steps needed to select and deploy the appropriate countermeasures to reduce your exposure to physical and network threats. It also imparts the skills and knowledge needed to identify and counter some fundamental security risks and requirements, inlcuding Internet security threats and measures (audit trails IP sniffing/spoofing etc.) and how to implement security policies and procedures. In addition, this book also covers security and network design with respect to particular vulnerabilities and threats. It also covers risk assessment and mitigation and auditing and testing of security systems. --from publisher description Computer networks / Security measures Computer networks Security measures Informationssystem (DE-588)4072806-7 gnd rswk-swf Datensicherung (DE-588)4011144-1 gnd rswk-swf Computersicherheit (DE-588)4274324-2 gnd rswk-swf Rechnernetz (DE-588)4070085-9 gnd rswk-swf (DE-588)4143413-4 Aufsatzsammlung gnd-content Computersicherheit (DE-588)4274324-2 s DE-604 Datensicherung (DE-588)4011144-1 s Rechnernetz (DE-588)4070085-9 s Informationssystem (DE-588)4072806-7 s Vacca, John R. 1947- Sonstige (DE-588)115294341 oth HBZ Datenaustausch application/pdf http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=017662656&sequence=000002&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA Inhaltsverzeichnis |
| spellingShingle | Computer and information security handbook Computer networks / Security measures Computer networks Security measures Informationssystem (DE-588)4072806-7 gnd Datensicherung (DE-588)4011144-1 gnd Computersicherheit (DE-588)4274324-2 gnd Rechnernetz (DE-588)4070085-9 gnd |
| subject_GND | (DE-588)4072806-7 (DE-588)4011144-1 (DE-588)4274324-2 (DE-588)4070085-9 (DE-588)4143413-4 |
| title | Computer and information security handbook |
| title_auth | Computer and information security handbook |
| title_exact_search | Computer and information security handbook |
| title_full | Computer and information security handbook edited by John R. Vacca |
| title_fullStr | Computer and information security handbook edited by John R. Vacca |
| title_full_unstemmed | Computer and information security handbook edited by John R. Vacca |
| title_short | Computer and information security handbook |
| title_sort | computer and information security handbook |
| topic | Computer networks / Security measures Computer networks Security measures Informationssystem (DE-588)4072806-7 gnd Datensicherung (DE-588)4011144-1 gnd Computersicherheit (DE-588)4274324-2 gnd Rechnernetz (DE-588)4070085-9 gnd |
| topic_facet | Computer networks / Security measures Computer networks Security measures Informationssystem Datensicherung Computersicherheit Rechnernetz Aufsatzsammlung |
| url | http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=017662656&sequence=000002&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA |
| work_keys_str_mv | AT vaccajohnr computerandinformationsecurityhandbook |