• Up-to-date treatment of Web security discusses the two most important Web security standards—SSL/TLS and SET.
• Unified presentation of intruders and viruses shows students the distinct threats and similarities of hackers and viruses, in order to promote a greater understanding of both topics.
• Coverage of both PGP and S/MIME for electronic mail security familiarizes students with the two most important approaches to e-mail security, enabling them to gain an understanding of both schemes at a detailed technical level.
• Treatment of firewalls explores this integral part of any network security capability.
• Concise overview of cryptography, authentication, and digital signatures gives students a solid yet concise look at the fundamental algorithms and techniques underlying network security.
• Chapter-end homework problems introduce students to new concepts and techniques, and reinforce material in the text with more than 100 problems.
• Optional research projects guide students, via a series of assignments, through researching a particular topic on the Internet and writing a report.
• Optional programming projects enable students to cover a broad range of topics and implement them in any suitable language on any platform.
• Reading/Report assignments direct students to read and then write a short report on an assigned paper listed in the literature.
• Internet mailing list enables instructors using the text to exchange information, suggestions, and questions with each other and the author.
• Accessible presentation of authentication tools and applications includes Kerberos and X.509v3 digital certificates.
• Instructor's Resource Center (0131562126) — is a password-protected area of the Prentice Hall online catalog that enables instructors to download presentation and assessment resources quickly. This text features:
• Companion Website -- Access textbook-related resources and support materials for students and instructors maintained by the author.
• Student Resource Site -- Access a wealth of computer science-related information including mathematics reviews, how-to documents, research resources, and career explorations maintained by the author.
This book provides a practical, up-to-date, and comprehensive survey of network-based and Internet-based security applications and standards. KEY TOPICS: Covers e-mail security, IP security, Web security, and network management security. Includes a concise section on the discipline of cryptography–covering algorithms and protocols underlying network security applications, encryption, hash functions, digital signatures, and key exchange. MARKET: For system engineers, engineers, programmers, system managers, network managers, product marketing personnel, and system support specialists.
1.1 The OSI Security Architecture
1.2 Security Attacks
1.3 Security Services
1.4 Security Mechanisms
1.5 A Model for Internetwork Security
1.6 Internet Standards the Internet Society
1.7 Outline of This Book
1.8 Recommended Reading
1.9 Internet and Web Resources
2. Symmetric Encryption and Message Confidentiality
2.1 Symmetric Encryption Principles
2.2 Symmetric Encryption Algorithms
2.3 Cipher Block Modes of Operation
2.4 Location of Encryption Devices
2.5 Key Distribution
2.6 Recommended Reading and Web Sites
2.7 Key Terms, Review Questions, and Problems
3. Public-Key Cryptography and Message Authentication
3.1 Approaches to Message Authentication
3.2 Secure Hash Functions and HMAC
3.3 Public Key Cryptography Principles
3.4 Public-Key Cryptography Algorithms
3.5 Digital Signatures
3.6 Key Management
3.7 Recommended Reading and Web Sites
3.8 Key Terms, Review Questions, and Problems
Appendix 3A Prime Numbers and Modular Arithmetic
II. NETWORK SECURITY APPLICATIONS
4. Authentication Applications
4.2 X.509 Directory Authentication Service
4.3 Public Key Infrastructure
4.4 Recommended Reading and Web Sites
4.4 Key Terms, Review Questions, and Problems
Appendix 4A: Kerberos Encryption Techniques
5. Electronic Mail Security
5.1 Pretty Good Privacy (PGP)
5.3 Recommended Web Sites
5.4 Key Terms, Review Questions, and Problems
Appendix 5A: Data Compression Using ZIP
Appendix 5B: Radix-64 Conversion
Appendix 5C: PGP Random Number Generation
6. IP Security
6.1 IP Security Overview
6.2 IP Security Architecture
6.3 Authentication Header
6.4 Encapsulating Security Payload
6.5 Combining Security Associations
6.6 Key Management
6.7 Recommended Reading and Web Sites
6.8 Key Terms, Review Questions, and Problems
Appendix 6A: Internetworking and Internet Protocols
7. Web Security
7.1 Web Security Requirements
7.2 Secure Sockets Layer (SSL) and Transport Layer Security (TLS)
7.3 Secure Electronic Transaction (SET)
7.4 Recommended Reading and Web Sites
7.5 Key Terms, Review Questions, and Problems
8. Network Management Security
8.1 Basic Concepts of SNMP
8.2 SNMPv1 Community Facility
8.4 Recommended Reading and Web Sites
8.5 Key Terms, Review Questions, and Problems
III. SYSTEM SECURITY
9.2 Intrusion Detection
9.3 Password Management
9.4 Recommended Reading and Web Sites
9.5 Key Terms, Review Questions, and Problems
Appendix 9A The Base-Rate Fallacy
10. MALICIOUS SOFTWARE
10.1 Viruses and Related Threats
10.2 Virus Countermeasures
10.3 Distributed Denial of Service Attacks
10.4 Recommended Reading and Web Sites
10.5 Key Terms, Review Questions, and Problems
11.1 Firewall Design Principles
11.2 Trusted Systems
11.3 Common Criteria for Information Technology Security Evaluation
11.4 Recommended Reading and Web Sites
11.5 Key Terms, Review Questions, and Problems
A. Standards Cited in this Book
B. Some Aspects of Number Theory
B.1 Prime and Relatively Prime Numbers
B.2 Modular Arithmetic
C. Projects for Teaching Network Security
C.1 Research Projects
C.2 Programming Projects
C.3 Reading/Report Assignments
List of Acronyms