Stuart Jacobs
Engineering Information Security
Stuart Jacobs
Engineering Information Security
- Gebundenes Buch
- Merkliste
- Auf die Merkliste
- Bewerten Bewerten
- Teilen
- Produkt teilen
- Produkterinnerung
- Produkterinnerung
Information security is the act of protecting information from unauthorized access, use, disclosure, disruption, modification, or destruction. This book discusses why information security is needed and how security problems can have widespread impacts. It covers the complete security lifecycle of products and services, starting with requirements and policy development and progressing through development, deployment, and operations, and concluding with decommissioning. Professionals in the sciences, engineering, and communications fields will turn to this resource to understand the many legal,…mehr
Andere Kunden interessierten sich auch für
![Vehicular AD Hoc Network Security and Privacy]( "Vehicular AD Hoc Network Security and Privacy")
Xiaodong LinVehicular AD Hoc Network Security and Privacy147,99 €![Wireless Mobile Internet Security]( "Wireless Mobile Internet Security")
Man Young RheeWireless Mobile Internet Security129,99 €![Distributed Systems Security]( "Distributed Systems Security")
Abhijit BelapurkarDistributed Systems Security114,99 €![Security of Block Ciphers]( "Security of Block Ciphers")
Kazuo SakiyamaSecurity of Block Ciphers129,99 €![Security Management of Next Generation Telecommunications Networks and Services]( "Security Management of Next Generation Telecommunications Networks and Services")
Stuart JacobsSecurity Management of Next Generation Telecommunications Networks and Services155,99 €![Sip Security]( "Sip Security")
Dorgham SisalemSip Security124,99 €![Host Identity Protocol (Hip)]( "Host Identity Protocol (Hip)")
Andrei GurtovHost Identity Protocol (Hip)119,99 €-
-
-
Information security is the act of protecting information from unauthorized access, use, disclosure, disruption, modification, or destruction. This book discusses why information security is needed and how security problems can have widespread impacts. It covers the complete security lifecycle of products and services, starting with requirements and policy development and progressing through development, deployment, and operations, and concluding with decommissioning. Professionals in the sciences, engineering, and communications fields will turn to this resource to understand the many legal, technical, competitive, criminal and consumer forces and influences that are rapidly changing our information dependent society.
For solution manual, contact ieeepress@ieee.org
For solution manual, contact ieeepress@ieee.org
Produktdetails
- Produktdetails
- IEEE Press Series on Information and Communication Networks Security
- Verlag: Wiley & Sons
- 1. Auflage
- Seitenzahl: 728
- Erscheinungstermin: 26. Mai 2011
- Englisch
- Abmessung: 240mm x 161mm x 43mm
- Gewicht: 1245g
- ISBN-13: 9780470565124
- ISBN-10: 0470565128
- Artikelnr.: 31187317
- IEEE Press Series on Information and Communication Networks Security
- Verlag: Wiley & Sons
- 1. Auflage
- Seitenzahl: 728
- Erscheinungstermin: 26. Mai 2011
- Englisch
- Abmessung: 240mm x 161mm x 43mm
- Gewicht: 1245g
- ISBN-13: 9780470565124
- ISBN-10: 0470565128
- Artikelnr.: 31187317
Stuart Jacobs is Principal Consultant for YCS Consulting LLC and a Lecturer at Boston University Metropolitan College. He serves as an Industry Security Subject Matter Expert for the Telecommunications Management and Operations Committee (TMOC) of the Alliance for the Telecommunications Industry Solutions (ATIS). Mr. Jacobs has also served as a technical editor of ATIS Joint Committee Technical Reports and ITU-T Recommendations.
Preface and Acknowledgments xxiii 1 WHAT IS SECURITY? 1 1.1 Introduction 1
1.2 The Subject of Security 2 1.3 A Twenty-First Century Tale 15 1.4 Why
are You Important to Computer Security? 21 1.5 End of the Beginning 23 1.6
Chapter Summary 25 1.7 Further Reading and Resources 26 1.8 Questions 26
1.9 Exercises 27 2 SYSTEMS ENGINEERING 29 2.1 So What Is Systems
Engineering? 29 2.2 Process Management 37 2.3 Organization Environments 44
2.4 Chapter Summary 56 2.5 Further Reading and Resources 57 2.6 Questions
57 2.7 Exercises 58 3 FOUNDATION CONCEPTS 59 3.1 Security Concepts and
Goals 60 3.2 Role of Cryptology in Information Security 79 3.3 Key
Management Revisited 111 3.4 Chapter Summary 113 3.5 Further Reading and
Resources 113 3.6 Questions 114 3.7 Exercises 117 4 AUTHENTICATION OF
SUBJECTS 119 4.1 Authentication Systems 119 Status Verification 138 4.2
Human Authentication 150 4.3 Chapter Summary 163 4.4 Further Reading and
Resources 163 4.5 Questions 164 4.6 Exercises 166 5 SECURITY SYSTEMS
ENGINEERING 167 5.1 Security Policy Development 168 5.2 Senior Management
Oversight and Involvement 168 5.3 Security Process Management and Standards
168 5.4 Information Security Systems Engineering Methodology 185 5.5
Requirements Analysis and Decomposition 218 5.6 Access Control Concepts 221
5.7 Security Modeling and Security-Related Standards 228 5.8 Chapter
Summary 242 5.9 Questions 243 5.10 Exercises 246 6 TRADITIONAL NETWORK
CONCEPTS 249 6.1 Networking Architectures 249 6.2 Types of Networks 254 6.3
Network Protocols 259 Signaling and Control Application Protocols 323 6.4
Chapter Summary 332 6.5 Further Reading and Resources 332 6.6 Questions 332
6.7 Exercises 334 7 NEXT-GENERATION NETWORKS 335 7.1 Framework and Topology
of the NGN 336 7.2 The NGN Functional Reference Model 343 7.3 Relationship
between NGN Transport and Service Domains 351 7.4 Enterprise Role Model 353
7.5 Security Allocation within the NGN Transport Stratum Example 356 7.6
Converged Network Management (TMN and eTOM) 357 7.7 General Network
Security Architectures 364 7.8 Chapter Summary 368 7.9 Further Reading and
Resources 368 7.10 Exercises 370 8 GENERAL COMPUTER SECURITY ARCHITECTURE
371 8.1 The Hardware Protects the Software 372 8.2 The Software Protects
Information 386 8.3 Element Security Architecture Description 388 8.4
Operating System (OS) Structure 397 8.5 Security Mechanisms for Deployed
Operating Systems (OSs) 399 8.6 Chapter Summary 421 8.7 Further Reading and
Resources 425 8.8 Questions 425 8.9 Exercises 426 9 COMPUTER SOFTWARE
SECURITY 427 9.1 Specific Operating Systems (OSs) 427 9.2 Applications 459
9.3 Example Detailed Security Requirements for Specific Operating Systems
and Applications 474 9.4 Chapter Summary 476 9.5 Further Reading and
Resources 477 9.6 Questions 477 9.7 Exercises 478 10 SECURITYSYSTEMS
DESIGN--DESIGNINGNETWORKSECURITY 479 10.1 Introduction 479 10.2 Security
Design for Protocol Layer 1 482 10.3 Layer 2--Data Link Security Mechanisms
485 10.4 Security Design for Protocol Layer 3 493 10.5 IP Packet
Authorization and Access Control 525 10.6 Chapter Summary 538 10.7 Further
Reading and Resources 538 10.8 Questions 539 10.9 Exercises 541 11
TRANSPORT AND APPLICATION SECURITY DESIGN AND USE 543 11.1 Layer
4--Transport Security Protocols 543 11.2 Layer 5--User Service Application
Protocols 553 11.3 Chapter Summary 603 11.4 Further Reading and Resources
603 11.5 Questions 604 11.6 Exercises 605 12 SECURING MANAGEMENT AND
MANAGING SECURITY 607 12.1 Securing Management Applications 607 12.2
Operation, Administration, Maintenance, and Decommissioning 625 12.3
Systems Implementation or Procurement 647 12.4 Chapter Summary 657 12.5
Further Reading and Resources 657 12.6 Questions 657 12.7 Exercises 659
Appendix A: State Privacy Laws as of 2010 on CD Appendix B: Example Company
Security Policy on CD Appendix C: Example Generic Security Requirements on
CD Appendix D: Significant Standards and Recommendations Related to
Networking and Security on CD Appendix E: Detailed Security Requirements on
CD Appendix F: RFP Security Analysis of ABC Proposal on CD Appendix G:
Security Statement of Work on CD About the Author 661 Index 663
1.2 The Subject of Security 2 1.3 A Twenty-First Century Tale 15 1.4 Why
are You Important to Computer Security? 21 1.5 End of the Beginning 23 1.6
Chapter Summary 25 1.7 Further Reading and Resources 26 1.8 Questions 26
1.9 Exercises 27 2 SYSTEMS ENGINEERING 29 2.1 So What Is Systems
Engineering? 29 2.2 Process Management 37 2.3 Organization Environments 44
2.4 Chapter Summary 56 2.5 Further Reading and Resources 57 2.6 Questions
57 2.7 Exercises 58 3 FOUNDATION CONCEPTS 59 3.1 Security Concepts and
Goals 60 3.2 Role of Cryptology in Information Security 79 3.3 Key
Management Revisited 111 3.4 Chapter Summary 113 3.5 Further Reading and
Resources 113 3.6 Questions 114 3.7 Exercises 117 4 AUTHENTICATION OF
SUBJECTS 119 4.1 Authentication Systems 119 Status Verification 138 4.2
Human Authentication 150 4.3 Chapter Summary 163 4.4 Further Reading and
Resources 163 4.5 Questions 164 4.6 Exercises 166 5 SECURITY SYSTEMS
ENGINEERING 167 5.1 Security Policy Development 168 5.2 Senior Management
Oversight and Involvement 168 5.3 Security Process Management and Standards
168 5.4 Information Security Systems Engineering Methodology 185 5.5
Requirements Analysis and Decomposition 218 5.6 Access Control Concepts 221
5.7 Security Modeling and Security-Related Standards 228 5.8 Chapter
Summary 242 5.9 Questions 243 5.10 Exercises 246 6 TRADITIONAL NETWORK
CONCEPTS 249 6.1 Networking Architectures 249 6.2 Types of Networks 254 6.3
Network Protocols 259 Signaling and Control Application Protocols 323 6.4
Chapter Summary 332 6.5 Further Reading and Resources 332 6.6 Questions 332
6.7 Exercises 334 7 NEXT-GENERATION NETWORKS 335 7.1 Framework and Topology
of the NGN 336 7.2 The NGN Functional Reference Model 343 7.3 Relationship
between NGN Transport and Service Domains 351 7.4 Enterprise Role Model 353
7.5 Security Allocation within the NGN Transport Stratum Example 356 7.6
Converged Network Management (TMN and eTOM) 357 7.7 General Network
Security Architectures 364 7.8 Chapter Summary 368 7.9 Further Reading and
Resources 368 7.10 Exercises 370 8 GENERAL COMPUTER SECURITY ARCHITECTURE
371 8.1 The Hardware Protects the Software 372 8.2 The Software Protects
Information 386 8.3 Element Security Architecture Description 388 8.4
Operating System (OS) Structure 397 8.5 Security Mechanisms for Deployed
Operating Systems (OSs) 399 8.6 Chapter Summary 421 8.7 Further Reading and
Resources 425 8.8 Questions 425 8.9 Exercises 426 9 COMPUTER SOFTWARE
SECURITY 427 9.1 Specific Operating Systems (OSs) 427 9.2 Applications 459
9.3 Example Detailed Security Requirements for Specific Operating Systems
and Applications 474 9.4 Chapter Summary 476 9.5 Further Reading and
Resources 477 9.6 Questions 477 9.7 Exercises 478 10 SECURITYSYSTEMS
DESIGN--DESIGNINGNETWORKSECURITY 479 10.1 Introduction 479 10.2 Security
Design for Protocol Layer 1 482 10.3 Layer 2--Data Link Security Mechanisms
485 10.4 Security Design for Protocol Layer 3 493 10.5 IP Packet
Authorization and Access Control 525 10.6 Chapter Summary 538 10.7 Further
Reading and Resources 538 10.8 Questions 539 10.9 Exercises 541 11
TRANSPORT AND APPLICATION SECURITY DESIGN AND USE 543 11.1 Layer
4--Transport Security Protocols 543 11.2 Layer 5--User Service Application
Protocols 553 11.3 Chapter Summary 603 11.4 Further Reading and Resources
603 11.5 Questions 604 11.6 Exercises 605 12 SECURING MANAGEMENT AND
MANAGING SECURITY 607 12.1 Securing Management Applications 607 12.2
Operation, Administration, Maintenance, and Decommissioning 625 12.3
Systems Implementation or Procurement 647 12.4 Chapter Summary 657 12.5
Further Reading and Resources 657 12.6 Questions 657 12.7 Exercises 659
Appendix A: State Privacy Laws as of 2010 on CD Appendix B: Example Company
Security Policy on CD Appendix C: Example Generic Security Requirements on
CD Appendix D: Significant Standards and Recommendations Related to
Networking and Security on CD Appendix E: Detailed Security Requirements on
CD Appendix F: RFP Security Analysis of ABC Proposal on CD Appendix G:
Security Statement of Work on CD About the Author 661 Index 663
Preface and Acknowledgments xxiii 1 WHAT IS SECURITY? 1 1.1 Introduction 1
1.2 The Subject of Security 2 1.3 A Twenty-First Century Tale 15 1.4 Why
are You Important to Computer Security? 21 1.5 End of the Beginning 23 1.6
Chapter Summary 25 1.7 Further Reading and Resources 26 1.8 Questions 26
1.9 Exercises 27 2 SYSTEMS ENGINEERING 29 2.1 So What Is Systems
Engineering? 29 2.2 Process Management 37 2.3 Organization Environments 44
2.4 Chapter Summary 56 2.5 Further Reading and Resources 57 2.6 Questions
57 2.7 Exercises 58 3 FOUNDATION CONCEPTS 59 3.1 Security Concepts and
Goals 60 3.2 Role of Cryptology in Information Security 79 3.3 Key
Management Revisited 111 3.4 Chapter Summary 113 3.5 Further Reading and
Resources 113 3.6 Questions 114 3.7 Exercises 117 4 AUTHENTICATION OF
SUBJECTS 119 4.1 Authentication Systems 119 Status Verification 138 4.2
Human Authentication 150 4.3 Chapter Summary 163 4.4 Further Reading and
Resources 163 4.5 Questions 164 4.6 Exercises 166 5 SECURITY SYSTEMS
ENGINEERING 167 5.1 Security Policy Development 168 5.2 Senior Management
Oversight and Involvement 168 5.3 Security Process Management and Standards
168 5.4 Information Security Systems Engineering Methodology 185 5.5
Requirements Analysis and Decomposition 218 5.6 Access Control Concepts 221
5.7 Security Modeling and Security-Related Standards 228 5.8 Chapter
Summary 242 5.9 Questions 243 5.10 Exercises 246 6 TRADITIONAL NETWORK
CONCEPTS 249 6.1 Networking Architectures 249 6.2 Types of Networks 254 6.3
Network Protocols 259 Signaling and Control Application Protocols 323 6.4
Chapter Summary 332 6.5 Further Reading and Resources 332 6.6 Questions 332
6.7 Exercises 334 7 NEXT-GENERATION NETWORKS 335 7.1 Framework and Topology
of the NGN 336 7.2 The NGN Functional Reference Model 343 7.3 Relationship
between NGN Transport and Service Domains 351 7.4 Enterprise Role Model 353
7.5 Security Allocation within the NGN Transport Stratum Example 356 7.6
Converged Network Management (TMN and eTOM) 357 7.7 General Network
Security Architectures 364 7.8 Chapter Summary 368 7.9 Further Reading and
Resources 368 7.10 Exercises 370 8 GENERAL COMPUTER SECURITY ARCHITECTURE
371 8.1 The Hardware Protects the Software 372 8.2 The Software Protects
Information 386 8.3 Element Security Architecture Description 388 8.4
Operating System (OS) Structure 397 8.5 Security Mechanisms for Deployed
Operating Systems (OSs) 399 8.6 Chapter Summary 421 8.7 Further Reading and
Resources 425 8.8 Questions 425 8.9 Exercises 426 9 COMPUTER SOFTWARE
SECURITY 427 9.1 Specific Operating Systems (OSs) 427 9.2 Applications 459
9.3 Example Detailed Security Requirements for Specific Operating Systems
and Applications 474 9.4 Chapter Summary 476 9.5 Further Reading and
Resources 477 9.6 Questions 477 9.7 Exercises 478 10 SECURITYSYSTEMS
DESIGN--DESIGNINGNETWORKSECURITY 479 10.1 Introduction 479 10.2 Security
Design for Protocol Layer 1 482 10.3 Layer 2--Data Link Security Mechanisms
485 10.4 Security Design for Protocol Layer 3 493 10.5 IP Packet
Authorization and Access Control 525 10.6 Chapter Summary 538 10.7 Further
Reading and Resources 538 10.8 Questions 539 10.9 Exercises 541 11
TRANSPORT AND APPLICATION SECURITY DESIGN AND USE 543 11.1 Layer
4--Transport Security Protocols 543 11.2 Layer 5--User Service Application
Protocols 553 11.3 Chapter Summary 603 11.4 Further Reading and Resources
603 11.5 Questions 604 11.6 Exercises 605 12 SECURING MANAGEMENT AND
MANAGING SECURITY 607 12.1 Securing Management Applications 607 12.2
Operation, Administration, Maintenance, and Decommissioning 625 12.3
Systems Implementation or Procurement 647 12.4 Chapter Summary 657 12.5
Further Reading and Resources 657 12.6 Questions 657 12.7 Exercises 659
Appendix A: State Privacy Laws as of 2010 on CD Appendix B: Example Company
Security Policy on CD Appendix C: Example Generic Security Requirements on
CD Appendix D: Significant Standards and Recommendations Related to
Networking and Security on CD Appendix E: Detailed Security Requirements on
CD Appendix F: RFP Security Analysis of ABC Proposal on CD Appendix G:
Security Statement of Work on CD About the Author 661 Index 663
1.2 The Subject of Security 2 1.3 A Twenty-First Century Tale 15 1.4 Why
are You Important to Computer Security? 21 1.5 End of the Beginning 23 1.6
Chapter Summary 25 1.7 Further Reading and Resources 26 1.8 Questions 26
1.9 Exercises 27 2 SYSTEMS ENGINEERING 29 2.1 So What Is Systems
Engineering? 29 2.2 Process Management 37 2.3 Organization Environments 44
2.4 Chapter Summary 56 2.5 Further Reading and Resources 57 2.6 Questions
57 2.7 Exercises 58 3 FOUNDATION CONCEPTS 59 3.1 Security Concepts and
Goals 60 3.2 Role of Cryptology in Information Security 79 3.3 Key
Management Revisited 111 3.4 Chapter Summary 113 3.5 Further Reading and
Resources 113 3.6 Questions 114 3.7 Exercises 117 4 AUTHENTICATION OF
SUBJECTS 119 4.1 Authentication Systems 119 Status Verification 138 4.2
Human Authentication 150 4.3 Chapter Summary 163 4.4 Further Reading and
Resources 163 4.5 Questions 164 4.6 Exercises 166 5 SECURITY SYSTEMS
ENGINEERING 167 5.1 Security Policy Development 168 5.2 Senior Management
Oversight and Involvement 168 5.3 Security Process Management and Standards
168 5.4 Information Security Systems Engineering Methodology 185 5.5
Requirements Analysis and Decomposition 218 5.6 Access Control Concepts 221
5.7 Security Modeling and Security-Related Standards 228 5.8 Chapter
Summary 242 5.9 Questions 243 5.10 Exercises 246 6 TRADITIONAL NETWORK
CONCEPTS 249 6.1 Networking Architectures 249 6.2 Types of Networks 254 6.3
Network Protocols 259 Signaling and Control Application Protocols 323 6.4
Chapter Summary 332 6.5 Further Reading and Resources 332 6.6 Questions 332
6.7 Exercises 334 7 NEXT-GENERATION NETWORKS 335 7.1 Framework and Topology
of the NGN 336 7.2 The NGN Functional Reference Model 343 7.3 Relationship
between NGN Transport and Service Domains 351 7.4 Enterprise Role Model 353
7.5 Security Allocation within the NGN Transport Stratum Example 356 7.6
Converged Network Management (TMN and eTOM) 357 7.7 General Network
Security Architectures 364 7.8 Chapter Summary 368 7.9 Further Reading and
Resources 368 7.10 Exercises 370 8 GENERAL COMPUTER SECURITY ARCHITECTURE
371 8.1 The Hardware Protects the Software 372 8.2 The Software Protects
Information 386 8.3 Element Security Architecture Description 388 8.4
Operating System (OS) Structure 397 8.5 Security Mechanisms for Deployed
Operating Systems (OSs) 399 8.6 Chapter Summary 421 8.7 Further Reading and
Resources 425 8.8 Questions 425 8.9 Exercises 426 9 COMPUTER SOFTWARE
SECURITY 427 9.1 Specific Operating Systems (OSs) 427 9.2 Applications 459
9.3 Example Detailed Security Requirements for Specific Operating Systems
and Applications 474 9.4 Chapter Summary 476 9.5 Further Reading and
Resources 477 9.6 Questions 477 9.7 Exercises 478 10 SECURITYSYSTEMS
DESIGN--DESIGNINGNETWORKSECURITY 479 10.1 Introduction 479 10.2 Security
Design for Protocol Layer 1 482 10.3 Layer 2--Data Link Security Mechanisms
485 10.4 Security Design for Protocol Layer 3 493 10.5 IP Packet
Authorization and Access Control 525 10.6 Chapter Summary 538 10.7 Further
Reading and Resources 538 10.8 Questions 539 10.9 Exercises 541 11
TRANSPORT AND APPLICATION SECURITY DESIGN AND USE 543 11.1 Layer
4--Transport Security Protocols 543 11.2 Layer 5--User Service Application
Protocols 553 11.3 Chapter Summary 603 11.4 Further Reading and Resources
603 11.5 Questions 604 11.6 Exercises 605 12 SECURING MANAGEMENT AND
MANAGING SECURITY 607 12.1 Securing Management Applications 607 12.2
Operation, Administration, Maintenance, and Decommissioning 625 12.3
Systems Implementation or Procurement 647 12.4 Chapter Summary 657 12.5
Further Reading and Resources 657 12.6 Questions 657 12.7 Exercises 659
Appendix A: State Privacy Laws as of 2010 on CD Appendix B: Example Company
Security Policy on CD Appendix C: Example Generic Security Requirements on
CD Appendix D: Significant Standards and Recommendations Related to
Networking and Security on CD Appendix E: Detailed Security Requirements on
CD Appendix F: RFP Security Analysis of ABC Proposal on CD Appendix G:
Security Statement of Work on CD About the Author 661 Index 663