- ホーム
- > 洋書
- > 英文書
- > Computer / General
基本説明
Written for self-study and course use, this book will suit a variety of introductory and more advanced security programmes for students of computer science, engineering and related disciplines.
Table of Contents
Preface ix
Introduction 1 (16)
Attacks and Attackers 2 (2)
Security 4 (1)
Security Management 4 (5)
Risk and Threat Analysis 9 (8)
Foundations of Computer Security 17 (18)
Definitions 18 (7)
The Fundamental Dilemma of Computer 25 (1)
Security
Data vs Information 26 (1)
Principles of Computer Security 27 (4)
The Layer Below 31 (4)
Identification and Authentication 35 (16)
Username and Password 36 (1)
Managing Passwords 37 (1)
Choosing Passwords 38 (2)
Spoofing Attacks 40 (1)
Protecting the Password File 41 (2)
Single Sign-on 43 (1)
Alternative Approaches 44 (7)
Access Control 51 (20)
Background 52 (1)
Authentication and Authorization 52 (2)
Access Operations 54 (3)
Ownership 57 (1)
Access Control Structures 57 (3)
Intermediate Controls 60 (4)
Partial Orderings 64 (7)
Reference Monitors 71 (20)
Introduction 72 (2)
Operating System Integrity 74 (1)
Hardware Security Features 75 (8)
Protecting Memory 83 (8)
Unix Security 91 (24)
Introduction 92 (1)
Principals 93 (2)
Subjects 95 (2)
Objects 97 (4)
Access Control 101(3)
Instances of General Security Principles 104(6)
Management Issues 110(5)
Windows 2000 Security 115(24)
Introduction 116(3)
Access Control -- Components 119(8)
Access Decisions 127(5)
Restricted Context 132(2)
Administration 134(5)
Bell--LaPadula Model 139(14)
State Machine Models 140(1)
The Bell--LaPadula Model 140(6)
The Multics Interpretation of BLP 146(7)
Security Models 153(16)
The Biba Model 154(1)
The Chinese Wall Model 155(2)
The Clark--Wilson Model 157(2)
The Harrison--Ruzzo--Ullman Model 159(3)
Information Flow Models 162(2)
Execution Monitors 164(5)
Security Evaluation 169(16)
Introduction 170(3)
The Orange Book 173(4)
The Rainbow Series 177(1)
Information Technology Security 177(1)
Evaluation Criteria
The Federal Criteria 178(1)
The Common Criteria 179(3)
Quality Standards 182(1)
An Effort-Well Spent? 182(3)
Cryptography 185(26)
Introduction 186(3)
Modular Arithmetic 189(2)
Integrity Check Functions 191(3)
Digital Signatures 194(4)
Encryption 198(7)
Strength of Mechanisms 205(2)
Performance 207(4)
Authentication in Distributed Systems 211(22)
Introduction 212(1)
Key Establishment and Authentication 212(3)
Key Establishment Protocols 215(4)
Kerberos 219(5)
Public Key Infrastructures 224(5)
Trusted Computing--Attestation 229(4)
Network Security 233(24)
Introduction 234(3)
Protocol Design Principles 237(2)
IP Security 239(4)
SSL/TLS 243(4)
DNS 247(1)
Firewalls 247(4)
Intrusion Detection 251(6)
Software Security 257(26)
Introduction 258(1)
Characters and Numbers 259(4)
Canonical Representations 263(1)
Memory Management 264(7)
Data and Code 271(3)
Race conditions 274(1)
Defenses 275(8)
New Access Control Paradigms 283(24)
Introduction 284(2)
Code-based Access Control 286(4)
Java Security 290(5)
.NET Security Framework 295(4)
Cookies 299(2)
SPKI 301(1)
Trust Management 302(2)
Digital Rights Management 304(3)
Mobility 307(20)
Introduction 308(1)
GSM 308(5)
UMTS 313(2)
Mobile IPv6 Security 315(5)
WLAN 320(4)
Bluetooth 324(3)
Database Security 327(22)
Introduction 328(2)
Relational Databases 330(4)
Access Control 334(5)
Statistical Database Security 339(5)
Integration with the Operating System 344(2)
Privacy 346(3)
Bibliography 349(12)
Index 361
