Online Resources
Preface
About the Author
Chapter 1 Introduction 1.1 Computer Security Concepts
1.2 The OSI Security Architecture
1.3 Security Attacks
1.4 Security Services
1.5 Security Mechanisms
1.6 A Model for Network Security
1.7 Standards
1.8 Outline of This Book
1.9 Recommended Reading
1.10 Internet and Web Resources
1.11 Key Terms, Review Questions, and Problems
PART ONE CRYPTOGRAPHY
Chapter 2 Symmetric Encryption and Message Confidentiality 2.1 Symmetric Encryption Principles
2.2 Symmetric Block Encryption Algorithms
2.3 Random and Pseudorandom Numbers
2.4 Stream Ciphers and RC4
2.5 Cipher Block Modes of Operation
2.6 Recommended Reading
2.7 Key Terms, Review Questions, and Problems
Chapter 3 Public-Key Cryptography and Message Authentication 3.1 Approaches to Message Authentication
3.2 Secure Hash Functions
3.3 Message Authentication Codes
3.4 Public Key Cryptography Principles
3.5 Public-Key Cryptography Algorithms
3.6 Digital Signatures
3.7 Recommended Reading
3.8 Key Terms, Review Questions, and Problems
PART TWO NETWORK SECURITY APPLICATIONS
Chapter 4 Key Distribution and User Authentication 4.1 Symmetric Key Distribution Using Symmetric Encryption
4.2 Kerberos
4.3 Key Distribution Using Asymmetric Encryption
4.4 X.509 Certificates
4.5 Public Key Infrastructure
4.6 Federated Identity Management
4.7 Recommended Reading
4.8 Key Terms, Review Questions, and Problems
Chapter 5 Network Access Control and Cloud Security 5.1 Network Access Control
5.2 Extensible Authentication Protocol
5.3 IEEE 802.1X Port-Based Network Access Control
5.4 Cloud Computing
5.5 Cloud Security Risks and Countermeasures
5.6 Data Protection in the Cloud
5.7 Cloud Security as a Service
5.8 Recommended Reading
5.9 Key Terms, Review Questions, and Problems
Chapter 6 Transport-Level Security 6.1 Web Security Issues
6.2 Secure Sockets Layer (SSL)
6.3 Transport Layer Security (TLS)
6.4 HTTPS
6.5 Secure Shell (SSH)
6.6 Recommended Reading
6.7 Key Terms, Review Questions, and Problems
Chapter 7 Wireless Network Security 7.1 Wireless Security
7.2 Mobile Device Security
7.3 IEEE 802.11 Wireless LAN Overview
7.4 IEEE 802.11i Wireless LAN Security
7.5 Recommended Reading
7.6 Key Terms, Review Questions, and Problems
Chapter 8 Electronic Mail Security 8.1 Pretty Good Privacy (PGP)
8.2 S/MIME
8.3 DomainKeys Identified Mail (DKIM)
8.4 Recommended Web Sites
8.5 Key Terms, Review Questions, and Problems
Chapter 9 IP Security 9.1 IP Security Overview
9.2 IP Security Policy
9.3 Encapsulating Security Payload
9.4 Combining Security Associations
9.5 Internet Key Exchange
9.6 Cryptographic Suites
9.7 Recommended Reading
9.8 Key Terms, Review Questions, and Problems
PART THREE SYSTEM SECURITY
Chapter 10 Malicious Software 10.1 Types of Malicious Software
10.2 Propagation - Infected Content - Viruses
10.3 Propagation - Vulnerability Exploit - Worms
10.4 Propagation - Social Engineering - SPAM, Trojans
10.5 Payload - System Corruption
10.6 Payload - Attack Agent - Zombie, Bots
10.7 Payload - Information Theft - Keyloggers, Phishing, Spyware
10.8 Payload - Stealthing - Backdoors, Rootkits
10.9 Countermeasures
10.10 Distributed Denial of Service Attacks
10.11 Recommended Reading
10.12 Key Terms, Review Questions, and Problems
Chapter 11 Intruders 11.1 Intruders
11.2 Intrusion Detection
11.3 Password Management
11.4 Recommended Reading
11.5 Key Terms, Review Questions, and Problems
Chapter 12 Firewalls 12.1 The Need for Firewalls
12.2 Firewall Characteristics
12.3 Types of Firewalls
12.4 Firewall Basing
12.5 Firewall Location and Configurations
12.6 Recommended Reading
12.7 Key Terms, Review Questions, and Problems
APPENDICES
Appendix A Some Aspects of Number Theory A.1 Prime and Relatively Prime Numbers
A.2 Modular Arithmetic
Appendix B Projects for Teaching Network Security B.1 Research Projects
B.2 Hacking Project
B.3 Programming Projects
B.4 Laboratory Exercises
B.5 Practical Security Assessments
B.6 Writing Assignments
B.7 Reading/Report Assignments
REFERENCES
INDEX
ONLINE CHAPTERS AND APPENDICES - Online chapters, appendices, and other documents are Premium Content. Students must use the access card located in the front of the book to register and access the online premium content. If there is no access card, students can purchase access by going to www.pearsonhighered.com/stallings and selecting "purchase access to premium content." Instructors must register on the site to access the material.
Chapter 13 Network Management Security 13.1 Basic Concepts of SNMP
13.2 SNMPv1 Community Facility
13.3 SNMPv3
13.4 Recommended Reading
13.5 Key Terms, Review Questions, and Problems
Chapter 14 Legal and Ethical Issues 14.1 Cybercrime and Computer Crime
14.2 Intellectual Property
14.3 Privacy
14.4 Ethical Issues
14.5 Recommended Reading
14.6 Key Terms, Review Questions, and Problems
Chapter 15 SHA-3 15.1 Evaluation Criteria for SHA-3
15.2 The SHA-3 Algorithm
15.3 Recommended Reading
15.4 Key Terms and Review Questions
Appendix C Standards and Standards-Setting Organizations C.1 The Importance of Standards
C.2 Internet Standards and the Internet Society
C.3 National Institute of Standards and Technology
Appendix D TCP/IP and OSI D.1 Protocols and Protocol Architectures
D.2 The TCP/IP Protocol Architecture
D.3 The Role of an Internet Protocol
D.4 IPv4
D.5 IPv6
D.6 The OSI Protocol Architecture
Appendix E Pseudorandom Number Generation E.1 PRNG Requirements
E.2 PRNG Using a Block Cipher
E.3 PRNG Using a Hash Function or Message Authentication Code
Appendix F Kerberos Encryption Techniques F.1 Password-to-Key Transformation
F.2 Propagating Cipher Block Chaining Mode
Appendix G Data Compression Using ZIP G.1 Compression Algorithm
G.2 Decompression Algorithm
Appendix H More on PGP H.1 True Random Numbers
H.2 Pseudorandom Numbers
H.3 Cryptographic Keys and Key Rings
H.4 Public-Key Management
Appendix I The International Reference Alphabet
Appendix J The Base-Rate Fallacy
Appendix K Radix-64 Conversion
GLOSSARY
LIST OF ACRONYMS