Stuart Jacobs
Engineering Information Security
- Hardcover
Other customers were also interested in
- Xiaodong Lin: Vehicular AD Hoc Network Security and Privacy, 149,99 €
- Man Young Rhee: Wireless Mobile Internet Security, 134,99 €
- Kazuo Sakiyama: Security of Block Ciphers, 132,99 €
- Abhijit Belapurkar: Distributed Systems Security, 117,99 €
- Stuart Jacobs: Security Management of Next Generation Telecommunications Networks and Services, 159,99 €
- Dorgham Sisalem: Sip Security, 128,99 €
- Andrei Gurtov: Host Identity Protocol (Hip), 122,99 €
Information security is the act of protecting information from unauthorized access, use, disclosure, disruption, modification, or destruction. This book discusses why information security is needed and how security problems can have widespread impacts. It covers the complete security lifecycle of products and services, starting with requirements and policy development and progressing through development, deployment, and operations, and concluding with decommissioning. Professionals in the sciences, engineering, and communications fields will turn to this resource to understand the many legal, technical, competitive, criminal and consumer forces and influences that are rapidly changing our information dependent society.
For solution manual, contact ieeepress@ieee.org
Note: This item can only be delivered to a German delivery address.
Product details
- IEEE Press Series on Information and Communication Networks Security
- Publisher: Wiley & Sons
- 1st edition
- Pages: 728
- Publication date: 26 May 2011
- Language: English
- Dimensions: 240mm x 161mm x 43mm
- Weight: 1245g
- ISBN-13: 9780470565124
- ISBN-10: 0470565128
- Item no.: 31187317
Stuart Jacobs is Principal Consultant for YCS Consulting LLC and a Lecturer at Boston University Metropolitan College. He serves as an Industry Security Subject Matter Expert for the Telecommunications Management and Operations Committee (TMOC) of the Alliance for the Telecommunications Industry Solutions (ATIS). Mr. Jacobs has also served as a technical editor of ATIS Joint Committee Technical Reports and ITU-T Recommendations.
Preface and Acknowledgments

1 WHAT IS SECURITY?
1.1 Introduction
1.2 The Subject of Security
1.3 A Twenty-First Century Tale
1.4 Why are You Important to Computer Security?
1.5 End of the Beginning
1.6 Chapter Summary
1.7 Further Reading and Resources
1.8 Questions
1.9 Exercises

2 SYSTEMS ENGINEERING
2.1 So What Is Systems Engineering?
2.2 Process Management
2.3 Organization Environments
2.4 Chapter Summary
2.5 Further Reading and Resources
2.6 Questions
2.7 Exercises

3 FOUNDATION CONCEPTS
3.1 Security Concepts and Goals
3.2 Role of Cryptology in Information Security
3.3 Key Management Revisited
3.4 Chapter Summary
3.5 Further Reading and Resources
3.6 Questions
3.7 Exercises

4 AUTHENTICATION OF SUBJECTS
4.1 Authentication Systems
Status Verification
4.2 Human Authentication
4.3 Chapter Summary
4.4 Further Reading and Resources
4.5 Questions
4.6 Exercises

5 SECURITY SYSTEMS ENGINEERING
5.1 Security Policy Development
5.2 Senior Management Oversight and Involvement
5.3 Security Process Management and Standards
5.4 Information Security Systems Engineering Methodology
5.5 Requirements Analysis and Decomposition
5.6 Access Control Concepts
5.7 Security Modeling and Security-Related Standards
5.8 Chapter Summary
5.9 Questions
5.10 Exercises

6 TRADITIONAL NETWORK CONCEPTS
6.1 Networking Architectures
6.2 Types of Networks
6.3 Network Protocols
Signaling and Control Application Protocols
6.4 Chapter Summary
6.5 Further Reading and Resources
6.6 Questions
6.7 Exercises

7 NEXT-GENERATION NETWORKS
7.1 Framework and Topology of the NGN
7.2 The NGN Functional Reference Model
7.3 Relationship between NGN Transport and Service Domains
7.4 Enterprise Role Model
7.5 Security Allocation within the NGN Transport Stratum Example
7.6 Converged Network Management (TMN and eTOM)
7.7 General Network Security Architectures
7.8 Chapter Summary
7.9 Further Reading and Resources
7.10 Exercises

8 GENERAL COMPUTER SECURITY ARCHITECTURE
8.1 The Hardware Protects the Software
8.2 The Software Protects Information
8.3 Element Security Architecture Description
8.4 Operating System (OS) Structure
8.5 Security Mechanisms for Deployed Operating Systems (OSs)
8.6 Chapter Summary
8.7 Further Reading and Resources
8.8 Questions
8.9 Exercises

9 COMPUTER SOFTWARE SECURITY
9.1 Specific Operating Systems (OSs)
9.2 Applications
9.3 Example Detailed Security Requirements for Specific Operating Systems and Applications
9.4 Chapter Summary
9.5 Further Reading and Resources
9.6 Questions
9.7 Exercises

10 SECURITY SYSTEMS DESIGN--DESIGNING NETWORK SECURITY
10.1 Introduction
10.2 Security Design for Protocol Layer 1
10.3 Layer 2--Data Link Security Mechanisms
10.4 Security Design for Protocol Layer 3
10.5 IP Packet Authorization and Access Control
10.6 Chapter Summary
10.7 Further Reading and Resources
10.8 Questions
10.9 Exercises

11 TRANSPORT AND APPLICATION SECURITY DESIGN AND USE
11.1 Layer 4--Transport Security Protocols
11.2 Layer 5--User Service Application Protocols
11.3 Chapter Summary
11.4 Further Reading and Resources
11.5 Questions
11.6 Exercises

12 SECURING MANAGEMENT AND MANAGING SECURITY
12.1 Securing Management Applications
12.2 Operation, Administration, Maintenance, and Decommissioning
12.3 Systems Implementation or Procurement
12.4 Chapter Summary
12.5 Further Reading and Resources
12.6 Questions
12.7 Exercises

Appendix A: State Privacy Laws as of 2010 (on CD)
Appendix B: Example Company Security Policy (on CD)
Appendix C: Example Generic Security Requirements (on CD)
Appendix D: Significant Standards and Recommendations Related to Networking and Security (on CD)
Appendix E: Detailed Security Requirements (on CD)
Appendix F: RFP Security Analysis of ABC Proposal (on CD)
Appendix G: Security Statement of Work (on CD)
About the Author
Index