For courses in computer/network security

Balancing principle and practice: an updated survey of the fast-moving world of computer and network security

Computer Security: Principles and Practice, 4th Edition, is ideal for courses in Computer/Network Security. The need for education in computer security and related topics continues to grow at a dramatic rate, and is essential for anyone studying Computer Science or Computer Engineering. Written for both an academic and professional audience, the 4th Edition continues to set the standard for computer security with a balanced presentation of principles and practice. The new edition captures the most up-to-date innovations and improvements while maintaining broad and comprehensive coverage of the entire field. The extensive offering of projects provides hands-on experience to reinforce concepts from the text. The range of supplemental online resources for instructors provides additional teaching support for this fast-moving subject.

The new edition covers all security topics considered Core in the ACM/IEEE Computer Science Curricula 2013, as well as subject areas for CISSP (Certified Information Systems Security Professional) certification. This textbook can be used to prep for CISSP Certification and is often referred to as the ‘gold standard’ when it comes to information security certification. The text provides in-depth coverage of Computer Security, Technology and Principles, Software Security, Management Issues, Cryptographic Algorithms, Internet Security and more.
Table of Contents

Online Resources
Preface
Notation
About the Authors

Chapter 1 Overview
  1.1 Computer Security Concepts
  1.2 Threats, Attacks, and Assets
  1.3 Security Functional Requirements
  1.4 Fundamental Security Design Principles
  1.5 Attack Surfaces and Attack Trees
  1.6 Computer Security Strategy
  1.7 Standards
  1.8 Key Terms, Review Questions, and Problems

PART ONE COMPUTER SECURITY TECHNOLOGY AND PRINCIPLES

Chapter 2 Cryptographic Tools
  2.1 Confidentiality with Symmetric Encryption
  2.2 Message Authentication and Hash Functions
  2.3 Public-Key Encryption
  2.4 Digital Signatures and Key Management
  2.5 Random and Pseudorandom Numbers
  2.6 Practical Application: Encryption of Stored Data
  2.7 Key Terms, Review Questions, and Problems

Chapter 3 User Authentication
  3.1 Digital User Authentication Principles
  3.2 Password-Based Authentication
  3.3 Token-Based Authentication
  3.4 Biometric Authentication
  3.5 Remote User Authentication
  3.6 Security Issues for User Authentication
  3.7 Practical Application: An Iris Biometric System
  3.8 Case Study: Security Problems for ATM Systems
  3.9 Key Terms, Review Questions, and Problems

Chapter 4 Access Control
  4.1 Access Control Principles
  4.2 Subjects, Objects, and Access Rights
  4.3 Discretionary Access Control
  4.4 Example: UNIX File Access Control
  4.5 Role-Based Access Control
  4.6 Attribute-Based Access Control
  4.7 Identity, Credential, and Access Management
  4.8 Trust Frameworks
  4.9 Case Study: RBAC System for a Bank
  4.10 Key Terms, Review Questions, and Problems

Chapter 5 Database and Data Center Security
  5.1 The Need for Database Security
  5.2 Database Management Systems
  5.3 Relational Databases
  5.4 SQL Injection Attacks
  5.5 Database Access Control
  5.6 Inference
  5.7 Database Encryption
  5.8 Data Center Security
  5.9 Key Terms, Review Questions, and Problems

Chapter 6 Malicious Software
  6.1 Types of Malicious Software
  6.2 Advanced Persistent Threat
  6.2 Propagation — Infected Content — Viruses
  6.3 Propagation — Vulnerability Exploit — Worms
  6.4 Propagation — Social Engineering — SPAM E-Mail, Trojans
  6.5 Payload — System Corruption
  6.6 Payload — Attack Agent — Zombie, Bots
  6.7 Payload — Information Theft — Keyloggers, Phishing, Spyware
  6.8 Payload — Stealthing — Backdoors, Rootkits
  6.9 Countermeasures
  6.10 Key Terms, Review Questions, and Problems

Chapter 7 Denial-of-Service Attacks
  7.1 Denial-of-Service Attacks
  7.2 Flooding Attacks
  7.3 Distributed Denial-of-Service Attacks
  7.4 Application-Based Bandwidth Attacks
  7.5 Reflector and Amplifier Attacks
  7.6 Defenses Against Denial-of-Service Attacks
  7.7 Responding to a Denial-of-Service Attack
  7.8 Key Terms, Review Questions, and Problems

Chapter 8 Intrusion Detection
  8.1 Intruders
  8.2 Intrusion Detection
  8.3 Analysis Approaches
  8.4 Host-Based Intrusion Detection
  8.5 Network-Based Intrusion Detection
  8.6 Distributed or Hybrid Intrusion Detection
  8.7 Intrusion Detection Exchange Format
  8.8 Honeypots
  8.9 Example System: Snort
  8.10 Key Terms, Review Questions, and Problems

Chapter 9 Firewalls and Intrusion Prevention Systems
  9.1 The Need for Firewalls
  9.2 Firewall Characteristics and Access Policy
  9.3 Types of Firewalls
  9.4 Firewall Basing
  9.5 Firewall Location and Configurations
  9.6 Intrusion Prevention Systems
  9.7 Example: Unified Threat Management Products
  9.8 Key Terms, Review Questions, and Problems

PART TWO SOFTWARE SECURITY AND TRUSTED SYSTEMS

Chapter 10 Buffer Overflow
  10.1 Stack Overflows
  10.2 Defending Against Buffer Overflows
  10.3 Other Forms of Overflow Attacks
  10.4 Key Terms, Review Questions, and Problems

Chapter 11 Software Security
  11.1 Software Security Issues
  11.2 Handling Program Input
  11.3 Writing Safe Program Code
  11.4 Interacting with the Operating System and Other Programs
  11.5 Handling Program Input
  11.6 Key Terms, Review Questions, and Problems

Chapter 12 Operating System Security
  12.1 Introduction to Operating System Security
  12.3 System Security Planning
  12.3 Operating Systems Hardening
  12.4 Application Security
  12.5 Security Maintenance
  12.6 Linux/UNIX Security
  12.7 Windows Security
  12.8 Virtualization Security
  12.9 Key Terms, Review Questions, and Problems

Chapter 13 Cloud and IoT Security
  13.1 Cloud Computing
  13.2 Cloud Security Concepts
  13.3 Cloud Security Approaches
  13.4 The Internet of Things
  13.5 IoT Security
  13.6 Key Terms, Review Questions, and Problems

PART THREE MANAGEMENT ISSUES

Chapter 14 IT Security Management and Risk Assessment
  14.1 IT Security Management
  14.2 Organizational Context and Security Policy
  14.3 Security Risk Assessment
  14.4 Detailed Security Risk Analysis
  14.5 Case Study: Silver Star Mines
  14.6 Recommended Reading
  14.7 Key Terms, Review Questions, and Problems

Chapter 15 IT Security Controls, Plans and Procedures
  15.1 IT Security Management Implementation
  15.2 Security Controls or Safeguards
  15.3 IT Security Plan
  15.4 Implementation of Controls
  15.5 Monitoring Risks
  15.6 Case Study: Silver Star Mines
  15.7 Key Terms, Review Questions, and Problems

Chapter 16 Physical and Infrastructure Security
  16.1 Overview
  16.2 Physical Security Threats
  16.3 Physical Security Prevention and Mitigation Measures
  16.4 Recovery from Physical Security Breaches
  16.5 Example: A Corporate Physical Security Policy
  16.6 Integration of Physical and Logical Security
  16.7 Key Terms, Review Questions, and Problems

Chapter 17 Human Resources Security
  17.1 Security Awareness, Training, and Education
  17.2 Employment Practices and Policies
  17.3 E-Mail and Internet Use Policies
  17.4 Computer Security Incident Response Teams
  17.5 Key Terms, Review Questions, and Problems

Chapter 18 Security Auditing
  18.1 Security Auditing Architecture
  18.2 The Security Audit Trail
  18.3 Implementing the Logging Function
  18.4 Audit Trail Analysis
  18.5 Security Information and Event Management
  18.6 Key Terms, Review Questions, and Problems

Chapter 19 Legal and Ethical Aspects
  19.1 Cybercrime and Computer Crime
  19.2 Intellectual Property
  19.3 Privacy
  19.4 Ethical Issues
  19.5 Key Terms, Review Questions, and Problems
  Appendix 19A: Information Privacy Standard of Good Practice

PART FOUR CRYPTOGRAPHIC ALGORITHMS

Chapter 20 Symmetric Encryption and Message Confidentiality
  20.1 Symmetric Encryption and Message Confidentiality
  20.2 Data Encryption Standard
  20.3 Advanced Encryption Standard
  20.4 Stream Ciphers and RC4
  20.5 Cipher Block Modes of Operation
  20.6 Key Distribution
  20.8 Key Terms, Review Questions, and Problems

Chapter 21 Public-Key Cryptography and Message Authentication
  21.1 Secure Hash Functions
  21.2 HMAC
  21.3 Authenticated Encryption
  21.4 The RSA Public-Key Encryption Algorithm
  21.5 Diffie-Hellman and Other Asymmetric Algorithms
  21.6 Key Terms, Review Questions, and Problems

PART FIVE NETWORK SECURITY

Chapter 22 Internet Security Protocols and Standards
  22.1 Secure Email and S/MIME
  22.2 DomainKeys Identified Mail
  22.3 Secure Sockets Layer (SSL) and Transport Layer Security (TLS)
  22.4 HTTPS
  22.5 IPv4 and IPv6 Security
  22.6 Key Terms, Review Questions, and Problems

Chapter 23 Internet Authentication Applications
  23.1 Kerberos
  23.2 X.509
  23.3 Public-Key Infrastructure
  23.4 Federated Identity Management
  23.5 Key Terms, Review Questions, and Problems

Chapter 24 Wireless Network Security
  24.1 Wireless Security Overview
  24.2 Mobile Device Security
  24.3 IEEE 802.11 Wireless LAN Overview
  24.4 IEEE 802.11i Wireless LAN Security
  24.5 Key Terms, Review Questions, and Problems

APPENDICES

Appendix A Projects and Other Student Exercises for Teaching Computer Security
  A.1 Hacking Project
  A.2 Laboratory Exercises
  A.3 Security Education (SEED) Projects
  A.4 Research Projects
  A.5 Programming Projects
  A.6 Practical Security Assessments
  A.7 Firewall Projects
  A.8 Case Studies
  A.9 Reading/Report Assignments
  A.10 Writing Assignments
  A.11 Webcasts for Teaching Computer Security

ACRONYMS
LIST OF NIST DOCUMENTS
REFERENCES
INDEX

ONLINE CHAPTERS AND APPENDICES

Online chapters, appendices, and other documents are Premium Content, available via the access card printed in the front of the book.

Chapter 25 Linux Security
  25.1 Introduction
  25.2 Linux's Security Model
  25.3 The Linux DAC in Depth: Filesystem Security
  25.4 Linux Vulnerabilities
  25.5 Linux System Hardening
  25.6 Application Security
  25.7 Mandatory Access Controls
  25.8 Key Terms, Review Questions, and Problems

Chapter 26 Windows and Windows Vista Security
  26.1 Windows Security Architecture
  26.2 Windows Vulnerabilities
  26.3 Windows Security Defenses
  26.4 Browser Defenses
  26.5 Cryptographic Services
  26.6 Common Criteria
  26.7 Key Terms, Review Questions, Problems, and Projects

Appendix B Some Aspects of Number Theory
Appendix C Standards and Standard-Setting Organizations
Appendix D Random and Pseudorandom Number Generation
Appendix E Message Authentication Codes Based on Block Ciphers
Appendix F TCP/IP Protocol Architecture
Appendix G Radix-64 Conversion
Appendix H The Domain Name System
Appendix I The Base-Rate Fallacy
Appendix J SHA-3
Appendix K Glossary
Details: print text. Free shipping.
Content updates

Data center security: the discussion in Chapter 5 covers data center security and the TIA-492 specification of reliability tiers.

Malware: the material in Chapter 6 includes additional material on macro viruses and their structure, as they are now the most common form of virus malware.

Virtualization security: the material in Chapter 12 has been extended, given the rising use of such systems by organizations and in cloud computing environments. A discussion of virtual firewalls, which may be used to help secure these environments, has also been added.

Cloud security: the discussion in Chapter 13 includes an introduction to cloud computing, key cloud security concepts, an analysis of approaches to cloud security, and an open-source example.

IoT security: the discussion in Chapter 13 covers security for the Internet of Things (IoT). The discussion includes an introduction to IoT, an overview of IoT security issues, and an open-source example.

SIEM: the discussion in Chapter 18 is updated for Security Information and Event Management (SIEM) systems.

Privacy: the section in Chapter 19 covers privacy issues and their management. The section has been extended with additional discussion of moral and legal approaches, and the privacy issues related to big data.

Authenticated encryption: authenticated encryption has become an increasingly widespread cryptographic tool in a variety of applications and protocols. Chapter 21 includes a new discussion of authenticated encryption and describes an important authenticated encryption algorithm known as offset codebook (OCB) mode.

Product details

ISBN: 9780134794105
Published: 2017-08-11
Edition: 4th edition
Publisher: Pearson
Weight: 100 g
Height: 100 mm
Width: 100 mm
Depth: 100 mm
Age level: U, 05
Language: English
Format: Paperback
Number of pages: 800

Biographical note

Dr. William Stallings authored 18 textbooks, and, counting revised editions, a total of 70 books on various aspects of these subjects. His writings have appeared in numerous ACM and IEEE publications, including the Proceedings of the IEEE and ACM Computing Reviews. He has 11 times received the award for the best Computer Science textbook of the year from the Text and Academic Authors Association.

In over 30 years in the field, he has been a technical contributor, technical manager, and an executive with several high-technology firms. He has designed and implemented both TCP/IP-based and OSI-based protocol suites on a variety of computers and operating systems, ranging from microcomputers to mainframes. Currently he is an independent consultant whose clients have included computer and networking manufacturers and customers, software development firms, and leading-edge government research institutions.

He created and maintains the Computer Science Student Resource Site at ComputerScienceStudent.com. This site provides documents and links on a variety of subjects of general interest to computer science students (and professionals). He is a member of the editorial board of Cryptologia, a scholarly journal devoted to all aspects of cryptology. His articles appear regularly at http://www.networking.answers.com, where he is the Networking Category Expert Writer.

Dr. Lawrie Brown is a visiting senior lecturer in the School of Engineering and Information Technology, UNSW Canberra at the Australian Defence Force Academy.

His professional interests include communications and computer systems security and cryptography, including research on pseudo-anonymous communication, authentication, security and trust issues in Web environments, the design of secure remote code execution environments using the functional language Erlang, and the design and implementation of the LOKI family of block ciphers.

During his career, he has presented courses on cryptography, cybersecurity, data communications, data structures, and programming in Java to both undergraduate and postgraduate students.