Computer Security: Principles and Practice (3rd Edition)

Part one: computer security technology and principles -- Cryptographic tools -- User authentication -- Access control -- Database and cloud security -- Malicious software -- Denial-of-service attacks -- Intrusion detection -- Firewalls and intrusion prevention systems -- Part two: software security and trusted systems -- Buffer overflow -- Software security -- Operating system security -- Trusted computing and multilevel security -- Part three: management issues -- IT security controls, plans, and procedures -- Physical and infrastructure security -- Human resources security -- Security auditing -- Legal and ethical aspects -- Part four: cryptographic algorithms -- Public-key cryptography and message authentication -- Part five: network security -- Internet security protocols and standards -- Internet authentication applications -- Wireless network security.;Computer Security: Principles and Practice, Third Edition, is ideal for courses in Computer/Network Security. It also provides a solid, up-to-date reference or self-study tutorial for system engineers, programmers, system managers, network managers, product marketing personnel, system support specialists. In recent years, the need for education in computer security and related topics has grown dramatically -- and is essential for anyone studying Computer Science or Computer Engineering. This is the only text available to provide integrated, comprehensive, up-to-date coverage of the broad range of topics in this subject. In addition to an extensive pedagogical program, the book provides unparalleled support for both research and modeling projects, giving students a broader perspective. It covers all security topics considered Core in the EEE/ACM Computer Science Curriculum. This textbook can be used to prep for CISSP Certification, and includes in-depth coverage of Computer Security, Technology and Principles, Software Security, Management Issues, Cryptographic Algorithms, Internet Security and more. The Text and Academic Authors Association named Computer Security: Principles and Practice, First Edition, the winner of the Textbook Excellence Award for the best Computer Science textbook of 2008. -- Provided by publisher. Cover 1 Title Page 2 Copyright Page 3 ACKNOWLEDGMENTS 18 Contents 6 Online Resources 12 Preface 13 Notation 19 About the Authors 20 Chapter 0 Reader’s and Instructor’s Guide 22 0.1 Outline of this Book 23 0.2 A Roadmap for Readers and Instructors 23 0.3 Support for CISSP Certification 24 0.4 Support for NSA/DHS Certification 26 0.5 Support for ACM/IEEE Computer Society Computer Science Curricula 2013 27 0.6 Internet and Web Resources 29 0.7 Standards 30 Chapter 1 Overview 32 1.1 Computer Security Concepts 33 1.2 Threats, Attacks, and Assets 40 1.3 Security Functional Requirements 46 1.4 Fundamental Security Design Principles 48 1.5 Attack Surfaces and Attack Trees 52 1.6 Computer Security Strategy 55 1.7 Recommended Reading 57 1.8 Key Terms, Review Questions, and Problems 58 PART ONE: COMPUTER SECURITY TECHNOLOGY AND PRINCIPLES 61 Chapter 2 Cryptographic Tools 61 2.1 Confidentiality with Symmetric Encryption 62 2.2 Message Authentication and Hash Functions 68 2.3 Public-Key Encryption 76 2.4 Digital Signatures and Key Management 81 2.5 Random and Pseudorandom Numbers 85 2.6 Practical Application: Encryption of Stored Data 87 2.7 Recommended Reading 88 2.8 Key Terms, Review Questions, and Problems 89 Chapter 3 User Authentication 93 3.1 Electronic User Authentication Principles 95 3.2 Password-Based Authentication 99 3.3 Token-Based Authentication 111 3.4 Biometric Authentication 117 3.5 Remote User Authentication 121 3.6 Security Issues for User Authentication 124 3.7 Practical Application: An Iris Biometric System 126 3.8 Case Study: Security Problems for ATM Systems 128 3.9 Recommended Reading 131 3.10 Key Terms, Review Questions, and Problems 131 Chapter 4 Access Control 134 4.1 Access Control Principles 135 4.2 Subjects, Objects, and Access Rights 138 4.3 Discretionary Access Control 139 4.4 Example: UNIX File Access Control 145 4.5 Role-Based Access Control 148 4.6 Attribute-Based Access Control 154 4.7 Identity, Credential, and Access Management 160 4.8 Trust Frameworks 164 4.9 Case Study: RBAC System for a Bank 168 4.10 Recommended Reading 171 4.11 Key Terms, Review Questions, and Problems 172 Chapter 5 Database and Cloud Security 176 5.1 The Need for Database Security 177 5.2 Database Management Systems 178 5.3 Relational Databases 180 5.4 SQL Injection Attacks 184 5.5 Database Access Control 190 5.6 Inference 194 5.7 Database Encryption 197 5.8 Cloud Computing 201 5.9 Cloud Security Risks and Countermeasures 208 5.10 Data Protection in the Cloud 210 5.11 Cloud Security as a Service 210 5.12 Recommended Reading 214 5.13 Key Terms, Review Questions, and Problems 215 Chapter 6 Malicious Software 220 6.1 Types of Malicious Software (Malware) 221 6.2 Advanced Persistent Threat 224 6.3 Propagation—Infected Content—Viruses 225 6.4 Propagation—Vulnerability Exploit—Worms 231 6.5 Propagation—Social Engineering—Spam E-Mail, Trojans 239 6.6 Payload—System Corruption 242 6.7 Payload—Attack Agent—Zombie, Bots 243 6.8 Payload—Information Theft—Keyloggers, Phishing, Spyware 245 6.9 Payload—Stealthing—Backdoors, Rootkits 247 6.10 Countermeasures 250 6.11 Recommended Reading 256 6.12 Key Terms, Review Questions, and Problems 257 Chapter 7 Denial-of-Service Attacks 261 7.1 Denial-of-Service Attacks 262 7.2 Flooding Attacks 269 7.3 Distributed Denial-of-Service Attacks 271 7.4 Application-Based Bandwidth Attacks 273 7.5 Reflector and Amplifier Attacks 275 7.6 Defenses Against Denial-of-Service Attacks 280 7.7 Responding to a Denial-of-Service Attack 284 7.8 Recommended Reading 285 7.9 Key Terms, Review Questions, and Problems 285 Chapter 8 Intrusion Detection 288 8.1 Intruders 289 8.2 Intrusion Detection 293 8.3 Analysis Approaches 296 8.4 Host-Based Intrusion Detection 299 8.5 Network-Based Intrusion Detection 304 8.6 Distributed or Hybrid Intrusion Detection 310 8.7 Intrusion Detection Exchange Format 312 8.8 Honeypots 315 8.9 Example System: Snort 317 8.10 Recommended Reading 321 8.11 Key Terms, Review Questions, and Problems 321 Chapter 9 Firewalls and Intrusion Prevention Systems 325 9.1 The Need for Firewalls 326 9.2 Firewall Characteristics and Access Policy 327 9.3 Types of Firewalls 329 9.4 Firewall Basing 335 9.5 Firewall Location and Configurations 338 9.6 Intrusion Prevention Systems 343 9.7 Example: Unified Threat Management Products 347 9.8 Recommended Reading 351 9.9 Key Terms, Review Questions, and Problems 352 PART TWO: SOFTWARE SECURITY AND TRUSTED SYSTEMS 357 Chapter 10 Buffer Overflow 357 10.1 Stack Overflows 359 10.2 Defending Against Buffer Overflows 380 10.3 Other Forms of Overflow Attacks 386 10.4 Recommended Reading 393 10.5 Key Terms, Review Questions, and Problems 393 Chapter 11 Software Security 396 11.1 Software Security Issues 397 11.2 Handling Program Input 401 11.3 Writing Safe Program Code 413 11.4 Interacting with the Operating System and Other Programs 417 11.5 Handling Program Output 430 11.6 Recommended Reading 432 11.7 Key Terms, Review Questions, and Problems 433 Chapter 12 Operating System Security 437 12.1 Introduction to Operating System Security 439 12.2 System Security Planning 440 12.3 Operating Systems Hardening 440 12.4 Application Security 445 12.5 Security Maintenance 446 12.6 Linux/Unix Security 447 12.7 Windows Security 451 12.8 Virtualization Security 453 12.9 Recommended Reading 457 12.10 Key Terms, Review Questions, and Problems 458 Chapter 13 Trusted Computing and Multilevel Security 460 13.1 The Bell-LaPadula Model for Computer Security 461 13.2 Other Formal Models for Computer Security 471 13.3 The Concept of Trusted Systems 477 13.4 Application of Multilevel Security 480 13.5 Trusted Computing and the Trusted Platform Module 486 13.6 Common Criteria for Information Technology Security Evaluation 490 13.7 Assurance and Evaluation 496 13.8 Recommended Reading 501 13.9 Key Terms, Review Questions, and Problems 502 PART THREE: MANAGEMENT ISSUES 506 Chapter 14 IT Security Management and Risk Assessment 506 14.1 IT Security Management 507 14.2 Organizational Context and Security Policy 510 14.3 Security Risk Assessment 513 14.4 Detailed Security Risk Analysis 516 14.5 Case Study: Silver Star Mines 528 14.6 Recommended Reading 533 14.7 Key Terms, Review Questions, and Problems 534 Chapter 15 IT Security Controls, Plans, and Procedures 536 15.1 IT Security Management Implementation 537 15.2 Security Controls or Safeguards 537 15.3 IT Security Plan 545 15.4 Implementation of Controls 546 15.5 Monitoring Risks 547 15.6 Case Study: Silver Star Mines 550 15.7 Recommended Reading 553 15.8 Key Terms, Review Questions, and Problems 553 Chapter 16 Physical and Infrastructure Security 555 16.1 Overview 556 16.2 Physical Security Threats 557 16.3 Physical Security Prevention and Mitigation Measures 564 16.4 Recovery From Physical Security Breaches 567 16.5 Example: A Corporate Physical Security Policy 567 16.6 Integration of Physical and Logical Security 568 16.7 Recommended Reading 574 16.8 Key Terms, Review Questions, and Problems 575 Chapter 17 Human Resources Security 577 17.1 Security Awareness, Training, and Education 578 17.2 Employment Practices and Policies 584 17.3 E-Mail and Internet Use Policies 587 17.4 Computer Security Incident Response Teams 588 17.5 Recommended Reading 595 17.6 Key Terms, Review Questions, and Problems 596 Chapter 18 Security Auditing 598 18.1 Security Auditing Architecture 600 18.2 Security Audit Trail 605 18.3 Implementing the Logging Function 609 18.4 Audit Trail Analysis 621 18.5 Example: An Integrated Approach 625 18.6 Recommended Reading 628 18.7 Key Terms, Review Questions, and Problems 629 Chapter 19 Legal and Ethical Aspects 631 19.1 Cybercrime and Computer Crime 632 19.2 Intellectual Property 636 19.3 Privacy 642 19.4 Ethical Issues 647 19.5 Recommended Reading 654 19.6 Key Terms, Review Questions, and Problems 655 PART FOUR: CRYPTOGRAPHIC ALGORITHMS 658 Chapter 20 Symmetric Encryption and Message Confidentiality 658 20.1 Symmetric Encryption Principles 659 20.2 Data Encryption Standard 664 20.3 Advanced Encryption Standard 666 20.4 Stream Ciphers and RC4 672 20.5 Cipher Block Modes of Operation 676 20.6 Location of Symmetric Encryption Devices 681 20.7 Key Distribution 683 20.8 Recommended Reading 685 20.9 Key Terms, Review Questions, and Problems 685 Chapter 21 Public-Key Cryptography and Message Authentication 690 21.1 Secure Hash Functions 691 21.2 HMAC 696 21.3 The RSA Public-Key Encryption Algorithm 700 21.4 Diffie-Hellman and Other Asymmetric Algorithms 705 21.5 Recommended Reading 710 21.6 Key Terms, Review Questions, and Problems 710 PART FIVE: NETWORK SECURITY 714 Chapter 22 Internet Security Protocols and Standards 714 22.1 Secure E-Mail and S/MIME 715 22.2 DomainKeys Identified Mail 718 22.3 Secure Sockets Layer (SSL) and Transport Layer Security (TLS) 721 22.4 HTTPS 728 22.5 IPv4 and IPv6 Security 729 22.6 Recommended Reading 735 22.7 Key Terms, Review Questions, and Problems 735 Chapter 23 Internet Authentication Applications 738 23.1 Kerberos 739 23.2 X.509 745 23.3 Public-Key Infrastructure 748 23.4 Recommended Reading 750 23.5 Key Terms, Review Questions, and Problems 751 Chapter 24 Wireless Network Security 754 24.1 Wireless Security 755 24.2 Mobile Device Security 758 24.3 IEEE 802.11 Wireless LAN Overview 762 24.4 IEEE 802.11i Wireless LAN Security 768 24.5 Recommended Reading 783 24.6 Key Terms, Review Questions, and Problems 784 Appendix A: Projects and Other Student Exercises for Teaching Computer Security 786 A.1 Hacking Project 786 A.2 Laboratory Exercises 787 A.3 Security Education (SEED) Projects 787 A.4 Research Projects 789 A.5 Programming Projects 790 A.6 Practical Security Assessments 790 A.7 Firewall Projects 790 A.8 Case Studies 791 A.9 Reading/Report Assignments 791 A.10 Writing Assignments 791 A.11 Webcasts for Teaching Computer Security 792 Acronyms 793 References 794 Index 812 A 812 B 814 C 815 D 817 E 819 F 820 G 820 H 821 I 821 J 823 K 823 L 823 M 824 N 825 O 826 P 826 Q 828 R 828 S 830 T 833 U 834 V 834 W 835 X 835 Z 835 **__Computer Security: Principles and Practice, Third Edition,__** __is ideal for courses in Computer/Network Security. It also provides a solid, up-to-date reference or self-study tutorial for system engineers, programmers, system managers, network managers, product marketing personnel, system support specialists.__ In recent years, the need for education in computer security and related topics has grown dramatically—and is essential for anyone studying Computer Science or Computer Engineering. This is the only text available to provide integrated, comprehensive, up-to-date coverage of the broad range of topics in this subject. In addition to an extensive pedagogical program, the book provides unparalleled support for both research and modeling projects, giving students a broader perspective. It covers all security topics considered Core in the EEE/ACM Computer Science Curriculum. This textbook can be used to prep for CISSP Certification, and includes in-depth coverage of Computer Security, Technology and Principles, Software Security, Management Issues, Cryptographic Algorithms, Internet Security and more. The Text and Academic Authors Association named __Computer Security: Principles and Practice, First Edition,__ the winner of the Textbook Excellence Award for the best Computer Science textbook of 2008. **Teaching and Learning Experience** This program presents a better teaching and learning experience—for you and your students. It will help: * **Easily Integrate Projects in your Course:** This book provides an unparalleled degree of support for including both research and modeling projects in your course, giving students a broader perspective. * **Keep Your Course Current with Updated Technical Content:** This edition covers the latest trends and developments in computer security. * **Enhance Learning with Engaging Features:** Extensive use of case studies and examples provides real-world context to the text material. * **Provide Extensive Support Material to Instructors and Students:** Student and instructor resources are available to expand on the topics presented in the text.