Information Security: Principles and PracticeJohn Wiley & Sons, 11 nov. 2005 - 371 pages Your expert guide to information security As businesses and consumers become more dependent on complex multinational information systems, the need to understand and devise sound information security systems has never been greater. This title takes a practical approach to information security by focusing on real-world examples. While not sidestepping the theory, the emphasis is on developing the skills and knowledge that security and information technology students and professionals need to face their challenges. The book is organized around four major themes: * Cryptography: classic cryptosystems, symmetric key cryptography, public key cryptography, hash functions, random numbers, information hiding, and cryptanalysis * Access control: authentication and authorization, password-based security, ACLs and capabilities, multilevel and multilateral security, covert channels and inference control, BLP and Biba's models, firewalls, and intrusion detection systems * Protocols: simple authentication protocols, session keys, perfect forward secrecy, timestamps, SSL, IPSec, Kerberos, and GSM * Software: flaws and malware, buffer overflows, viruses and worms, software reverse engineering, digital rights management, secure software development, and operating systems security Additional features include numerous figures and tables to illustrate and clarify complex topics, as well as problems-ranging from basic to challenging-to help readers apply their newly developed skills. A solutions manual and a set of classroom-tested PowerPoint(r) slides will assist instructors in their course development. Students and professors in information technology, computer science, and engineering, and professionals working in the field will find this reference most useful to solve their information security issues. An Instructor's Manual presenting detailed solutions to all the problems in the book is available from the Wiley editorial department. An Instructor Support FTP site is also available. |
Table des matières
1 | |
9 | |
II ACCESS CONTROL | 151 |
III PROTOCOLS | 207 |
IV SOFTWARE | 265 |
APPENDIX | 341 |
ANNOTATED BIBLIOGRAPHY | 359 |
381 | |
Autres éditions - Tout afficher
Expressions et termes fréquents
access control algorithm Alice and Bob Alice’s application attack authentication protocol biometric bits block cipher Bob’s buffer overflow byte CAPTCHA chapter ciphertext closed source codebook consider covert channel cryptosystem decrypt detection differential cryptanalysis Diffie-Hellman digital signature discuss DRM system equation example Feistel cipher firewall hash function IKE Phase illustrated in Figure implemented information security input integrity Internet IP address IPSec Kerberos keystream knapsack known layer linear linear cryptanalysis main mode malware Microsoft mutual authentication NGSCB one-time pad output packet filter permutation plaintext possible private key problem protection protocol in Figure public key crypto public key cryptography result round S-box security flaws security protocols sends serial number server session key simple stream cipher subkey symmetric key Table TDES TMTO TOP SECRET topics Trudy Trudy’s trusted users verify watermarking we’ll worm
Fréquemment cités
Page xxii - The White Rabbit put on his spectacles. Where shall I begin, please your Majesty?' he asked. 'Begin at the beginning,' the King said gravely, 'and go on till you come to the end: then stop.
Page 10 - But," said I, returning him the slip, "I am as much in the dark as ever. Were all the jewels of Golconda awaiting me upon my solution of this enigma, I am quite sure that I should be unable to earn them.
Page 6 - The problem is not that there are problems. The problem is expecting otherwise and thinking that having problems is a problem.