Computer and information security handbook
The second edition of this comprehensive handbook of computer and information security serves as a professional reference and practitioner's guide providing the most complete view computer security and privacy available. It offers in-depth coverage of security theory, technology, and practice a...
Main Author: | |
---|---|
Format: | eBook |
Language: | English |
Published: |
Amsterdam
Morgan Kaufmann Publishers is an imprint of Elsevier
[2013], 2013
|
Edition: | 2nd ed |
Subjects: | |
Online Access: | |
Collection: | Elsevier ScienceDirect eBooks - Collection details see MPG.ReNa |
Table of Contents:
- Hackers versus Crackers
- 4.Motives
- 5.The Crackers' Tools of the Trade
- 6.Bots
- 7.Symptoms of Intrusions
- 8.What Can You Do?
- 9.Security Policies
- 10.Risk Analysis
- 11.Tools of Your Trade
- 12.Controlling User Access
- 13.Intrusion Prevention Capabilities
- 14.Summary
- Chapter Review Questions/Exercises
- Exercise
- 5.Guarding Against Network Intrusions / Patrick J. Walsh
- 1.Traditional Reconnaissance and Attacks
- 2.Malicious Software
- Protecting Mission-Critical Systems / Albert Caballero
- 1.Information Security Essentials for IT Managers, Overview
- 2.Protecting Mission-Critical Systems
- 3.Information Security from the Ground Up
- 4.Security Monitoring and Effectiveness
- 5.Summary
- Chapter Review Questions/Exercises
- Exercise
- 22.Security Management Systems / James T. Harmening
- 1.Security Management System Standards
- 2.Training Requirements
- 3.Principles of Information Security
- 5.Fault Tolerance against Crash Failures in Cloud Computing
- 6.Fault Tolerance against Byzantine Failures in Cloud Computing
- 7.Fault Tolerance as a Service in Cloud Computing
- 8.Summary
- Chapter Review Questions/Exercises
- Exercise
- Acknowledgments
- References
- 8.Securing Web Applications, Services, and Servers / Gerald Beuchelt
- 1.Setting the Stage
- 2.Basic Security for HTTP Applications and Services
- 3.Basic Security for SOAP Services
- 4.Identity Management and Web Services
- 5.Authorization Patterns
- 6.Security Considerations
- 7.Challenges
- 8.Summary
- Chapter Review Questions/Exercises
- Exercise
- 9.Unix and Linux Security / Gerald Beuchelt
- 1.Unix and Security
- 2.Basic Unix Security Overview
- 3.Achieving Unix Security
- 4.Protecting User Accounts and Strengthening Authentication
- 5.Limiting Superuser Privileges
- 6.Securing Local and Network File Systems
- 7.Network Configuration
- Chapter Review Questions/Exercises
- Exercise
- References
- 16.Wireless Sensor Network Security / Thomas M. Chen
- 1.Introduction to the Wireless Sensor Network (WSN)
- 2.Threats to Privacy
- 3.Security Measures for WSN
- 4.Secure Routing in WSN
- 5.Routing Classifications in WSN
- 6.WSN Security Framework and Standards
- 7.Summary
- Chapter Review Questions/Exercises
- Exercise
- References
- 17.Cellular Network Security / Kameswari Kotapati
- 1.Introduction
- 2.Overview of Cellular Networks
- 3.The State of the Art of Cellular Network Security
- 4.Cellular Network Attack Taxonomy
- 5.Cellular Network Vulnerability Analysis
- 6.Summary
- Chapter Review Questions/Exercises
- Exercise
- References
- 18.RFID Security / Hongbing Cheng
- 1.RFID Introduction
- 2.RFID Challenges
- 3.RFID Protections
- 4.Summary
- Chapter Review Questions/Exercises
- Exercise
- References
- 19.Optical Network Security / Lauren Collins
- 1.Optical Networks
- Includes bibliographical references and index
- Chapter Review Questions/Exercises
- Exercise
- pt. VII Physical Security
- 54.Physical Security Essentials / William Stallings
- 1.Overview
- 2.Physical Security Threats
- 3.Physical Security Prevention and Mitigation Measures
- 4.Recovery from Physical Security Breaches
- 5.Threat Assessment, Planning, and Plan Implementation
- 6.Example: A Corporate Physical Security Policy
- 7.Integration of Physical and Logical Security
- 8.Physical Security Checklist
- 9.Summary
- Chapter Review Questions/Exercises
- Exercise
- 55.Disaster Recovery / Lauren Collins
- 1.Introduction
- 2.Measuring Risk and Avoiding Disaster
- 3.The Business Impact Assessment (BIA)
- 4.Summary
- Chapter Review Questions/Exercises
- Exercise
- 56.Biometrics / Luther Martin
- 1.Relevant Standards
- 2.Biometric System Architecture
- 3.Using Biometric Systems
- 4.Security Considerations
- 5.Summary
- Chapter Review Questions/Exercises
- Exercise
- Examining the Cloud Layers
- 2.Software as a Service (SaaS): Managing Risks in the Cloud
- 3.Platform as a Service (PaaS): Securing the Platform
- 4.Infrastructure as a Service (laaS)
- 5.Leveraging Provider-Specific Security Options
- 6.Achieving Security in a Private Cloud
- 7.Meeting Compliance Requirements
- 8.Preparing for Disaster Recovery
- 9.Summary
- Chapter Review Questions/Exercises
- Exercise
- References
- 7.Fault Tolerance and Resilience in Cloud Computing Environments / Vincenzo Piuri
- 1.Introduction
- 2.Cloud Computing Fault Model
- 3.Basic Concepts on Fault Tolerance
- 4.Different Levels of Fault Tolerance in Cloud Computing
- Scope and Limitations
- 11.A Practical Illustration of NIDS
- 12.Firewalls
- 13.Dynamic NAT Configuration
- 14.The Perimeter
- 15.Access List Details
- 16.Types of Firewalls
- 17.Packet Filtering: IP Filtering Routers
- 18.Application-Layer Firewalls: Proxy Servers
- 19.Stateful Inspection Firewalls
- 20.NIDs Complements Firewalls
- 21.Monitor and Analyze System Activities
- 22.Signature Analysis
- 23.Statistical Analysis
- 24.Signature Algorithms
- 25.Local Area Network Security Countermeasures Implementation Checklist
- 26.Summary
- Chapter Review Questions/Exercises
- Exercise
- 15.Wireless Network Security / Hongbing Cheng
- 1.Cellular Networks
- 2.Wireless Ad hoc Networks
- 3.Security Protocols
- 4.WEP
- 5.Secure Routing
- 6.ARAN
- 7.SLSP
- 8.Key Establishment
- 9.ING
- 10.Management Countermeasures
- 11.Summary
- 3.The Requirements Fulfilled by Identity Management Technologies
- 4.Identity Management 1.0
- 5.Social Login and User Management
- 6.Identity 2.0 for Mobile Users
- 7.Summary
- 8.Improving the Security of Linux and Unix Systems
- 9.Additional Resources
- 10.Summary
- Chapter Review Questions/Exercises
- Exercise
- 10.Eliminating the Security Weakness of Linux and Unix Operating Systems / Mario Santana
- 1.Introduction to Linux and Unix
- 2.Hardening Linux and Unix
- 3.Proactive Defense for Linux and Unix
- 4.Summary
- Chapter Review Questions/Exercises
- Exercise
- 11.Internet Security / Jesse Walker
- 1.Internet Protocol Architecture
- 2.An Internet Threat Model
- 3.Defending against Attacks on the internet
- 4.Internet Security Checklist
- 5.Summary
- Chapter Review Questions/Exercises
- Exercise
- 12.The Botnet Problem / Xinyuan Wang
- 1.Introduction
- 2.Botnet Overview
- 3.Typical Bot Life Cycle
- 4.The Botnet Business Model
- 5.Botnet Defense
- 6.Botmaster Traceback
- 7.Preventing Botnets
- 8.Summary
- Chapter Review Questions/Exercises
- Exercise
- 13.Intranet Security / Bill Mansoor
- 5.Survey of Noteworthy Schemes
- 6.Threats to Verifiable Voting Systems
- 7.Summary
- Chapter Review Questions/Exercises
- Exercise
- References
- 70.Advanced Data Encryption / Pramod Pandya
- 1.Mathematical Concepts Reviewed
- 2.The RSA Cryptosystem
- 3.Summary
- Chapter Review Questions/Exercises
- Exercise
- References
- Penetration Testing and Vulnerability Assessments
- 2.Risk Management: Quantitative Risk Measurements
- 3.Summary
- Chapter Review Questions/Exercises
- Exercise
- 63.Fundamentals of Cryptography / Scott R. Ellis
- 1.Assuring Privacy with Encryption
- 2.Summary
- Chapter Review Questions/Exercises
- Exercise
- pt. IX Advanced Security
- 64.Security Through Diversity / Kevin Noble
- 1.Ubiquity
- 2.Example Attacks Against Uniformity
- 3.Attacking Ubiquity with Antivirus Tools
- 4.The Threat of Worms
- 5.Automated Network Defense
- 6.Diversity and the Browser
- 7.Sandboxing and Virtualization
- 8.DNS Example of Diversity Through Security
- 9.Recovery from Disaster is Survival
- 10.Summary
- Chapter Review Questions/Exercises
- Exercise
- 65.Online e-Reputation Management Services / Jean-Marc Seigneur
- 1.Introduction
- 2.The Human Notion of Reputation
- 3.Reputation Applied to the Computing World
- pt. I Overview of System and Network Security: A Comprehensive Introduction
- 1.Building a Secure Organization / John Mallery
- 1.Obstacles to Security
- 2.Computers are Powerful and Complex
- 3.Current Trend is to Share, Not Protect
- 4.Security isn't about Hardware and Software
- 5.Ten Steps to Building a Secure Organization
- 6.Preparing for the Building of Security Control Assessments
- 7.Summary
- Chapter Review Questions/Exercises
- Exercise
- 2.A Cryptography Primer / Scott R. Ellis
- 1.What is Cryptography? What is Encryption?
- 2.Famous Cryptographic Devices
- 3.Ciphers
- 4.Modern Cryptography
- 5.The Computer Age
- 6.How AES Works
- 7.Selecting Cryptography: the Process
- 8.Summary
- Chapter Review Questions/Exercises
- Exercise
- 3.Detecting System Intrusions / Almantas Kakareka
- 1.Introduction
- 2.Monitoring Key Files in the System
- 3.Security Objectives
- 4.Oday Attacks
- 5.Good Known State
- 6.Rootkits
- Myth or Reality?
- 4.Cyber Warfare: Making CW Possible
- 5.Legal Aspects of CW
- 6.Holistic View of Cyber Warfare
- 7.Summary
- Chapter Review Questions/Exercises
- Exercise
- pt. VIII Practical Security
- 59.System Security / Lauren Collins
- 1.Foundations of Security
- 2.Basic Countermeasures
- 3.Summary
- Chapter Review Questions/Exercises
- Exercise
- 60.Securing the Infrastructure / Lauren Collins
- 1.Communication Security Goals
- 2.Attacks and Countermeasures
- 3.Summary
- Chapter Review Questions/Exercises
- Exercise
- 61.Access Controls / Lauren Collins
- 1.Infrastructure Weaknesses: DAC, MAC, and RBAC
- 2.Strengthening the Infrastructure: Authentication Systems
- 3.Summary
- Chapter Review Questions/Exercises
- Exercise
- 62.Assessments and Audits / Lauren Collins
- NAC and Access Control
- 4.Measuring Risk: Audits
- 5.Guardian at the Gate: Authentication and Encryption
- 6.Wireless Network Security
- 7.Shielding the Wire: Network Protection
- 8.Weakest Link in Security: User Training
- 9.Documenting the Network: Change Management
- 10.Rehearse the Inevitable: Disaster Recovery
- 11.Controlling Hazards: Physical and Environmental Protection
- 12.Know Your Users: Personnel Security
- 13.Protecting Data Flow: Information and System Integrity
- 14.Security Assessments
- 15.Risk Assessments
- 16.Intranet Security Implementation Process Checklist
- 17.Summary
- Chapter Review Questions/Exercises
- Exercise
- 14.Local Area Network Security / Dr. Pramod Pandya
- 1.Identify Network Threats
- 2.Establish Network Access Controls
- 3.Risk Assessment
- 4.Listing Network Resources
- 5.Threats
- 6.Security Policies
- 4.Roles and Responsibilities of Personnel
- 5.Security Policies
- 6.Security Controls
- 7.Network Access
- 8.Risk Assessment
- 9.Incident Response
- 10.Summary
- Chapter Review Questions/Exercises
- Exercise
- 23.Policy-driven System Management / Stefano Paraboschi
- 1.Introduction
- 2.Security and Policy-based Management
- 3.Classification and Languages
- 4.Controls for Enforcing Security Policies in Distributed Systems
- 5.Products and Technologies
- 6.Research Projects
- 7.Summary
- Chapter Review Questions/Exercises
- Exercise
- Acknowledgments
- References
- 24.Information Technology Security Management / Bhushan Kapoor
- 1.Information Security Management Standards
- 2.Other Organizations Involved in Standards
- 3.Information Technology Security Aspects
- 4.Summary
- Chapter Review Questions/Exercises
- Exercise
- 25.Online Identity and User Management Services / Jean-Marc Seigneur
- 1.Introduction
- 2.Evolution of Identity Management Requirements
- 4.State of the Art of Attack-Resistant Reputation Computation
- 5.Overview of Current Online Reputation Service
- 6.Summary
- Chapter Review Questions/Exercises
- Exercise
- Bibliography
- 66.Content Filtering (online chapter) / Pete Nicoletti
- 67.Data Loss Protection / Ken Perkins
- 1.Precursors of DLP
- 2.What is DLP?
- 3.Where to Begin?
- 4.Data is Like Water
- 5.You Don't Know What You Don't Know
- 6.How Do DLP Applications Work?
- 7.Eat Your Vegetables
- 8.IT's a Family Affair, Not Just IT Security's Problem
- 9.Vendors, Vendors Everywhere! Who do you Believe?
- 10.Summary
- Chapter Review Questions/Exercises
- Exercise
- 68.Satellite Cyber Attack Search and Destroy / Jeffrey Bardin
- 1.Hacks, Interference, and Jamming
- 2.Summary
- Chapter Review Questions/Exercises
- Exercise
- References
- 69.Verifiable Voting Systems / Zhe Xia
- 1.Introduction
- 2.Security Requirements
- 3.Verifiable Voting Schemes
- 4.Building Blocks