CHAPTER 1 INTRODUCTION 1
1.1 The OSI Security Architecture 4
1.2 Security Attacks 5
1.3 Security Serveices 9
1.4 Security Mechanisms 13
1.5 A Model for network Security 13
1.6 Internet Standards and the Internet Society 17
1.7 Outline of This Book 21
1.8 Recommended Reading 21
1.9 Internet and Web Resources 22
PART ONE CRYPTOGRAPHY 25
CHAPTER 2 SYMMETRIC ENCRYPTION AND MESSAGE CONFIDENTIALITY 27
2.1 Symmetric Encryption Principles 28
2.2 Symmetric Encryption Algorithms 34
2.3 Chpher Block Modes of Operation 44
2.4 Location of Encryption Devices 47
2.5 Key Distribution 49
2.6 Recommended Reading and Web Sites 51
2.7 Key Terms, Review Questions, and Problems 51
CHAPTER 3 PUBLIC-KEY CRYPTOGRAPHY AND MESSAGE AUTHENTICATION 53
3.1 Approaches to Message Authentication 54
3.2 Secure hash Functions and HMAC 58
3.3 Public-Key Cryptography Principles 68
3.5 Digital Singnatures 78
3.6 Key management 79
3.7 Recommended Reading and Web Sites 81
3.8 Key Terms, Review Questions, and problems 82
PART TWO NETWORK SECURITY APPLICATIONS 85
CHAPTER 4 AUTHENTICATION APPLICATIONS 87
4.1 Kerberos 88
4.2 X.59 Authentication Service 1S
4.3 Recommended Reading and Web Sites 114
4.4 Key Terms, Review Questions, and Problems 115
Appendix 4A Kerberos Encryption Techniques 117
CHAPTER 5 ELECTRONIC MAIL SECURITY 121
5.1 Pretty Good Privacy 122
5.2 S/MIME 141
5.3 Recommended Web Sites 158
5.4 Key Terms, Review Questions, and Problems 158
Appendix 5A Data Compression Using Zip 159
Appendix 5B RADIX-64 Conversion 162
Appendix 5C PGP Random Number Generation 164
CHAPTER 6 IP SECURITY 167
6.1 IP Security Overview 168
6.2 IP Security Architecture 171
6.3 Authentication Header 177
6.4 Encapsulating Security Payload 182
6.5 Combining Security Associations 187
6.6 Key Management 19
6.7 Recommended Reading and Web Sites 21
6.8 Key Terms, Review Questions, and Problems 22
Appendix 6A Internetworking and Internet Protocols 23
CHAPTER 7 WEB SECURITY 213
7.1 Web Security Considerations 214
7.2 Secure Socket Layer and Transport Layer Security 217
7.3 Secure Electronic Transaction 234
7.4 Recommended Reading and Web Sites 246
7.5 Key Terms, Review Questions, and Problems 246
CHAPTER 8 NETWORK MANAGEMENT SECURITY 249
8.1 Basic Concepts of SNMP 25
8.2 SNMPvl Community Facility 258
8.3 SNMPv3 261
8.4 Recommended Reading and Web Sites 286
8.5 Key Terms, Review Questions, and Problems 286
PART THREE SYSTEM SECURITY 291
CHAPTER 9 INTRUDERS 293
9.1 Intruders 294
9.2 Intrusion Detection 297
9.3 Password Management 39
9.4 Recommended Reading and Web Sites 319
9.5 Key Terms, Review Questions, and Problems 32
Appendix 9A The Base-Rate Fallacy 322
CHAPTER 1 MALICIOUS SOFTWARE 325
1.1 Viruses and Related Threats 326
1.2 Virus Countermeasures 337
1.3 Recommended Reading and Web Site 341
1.4 Key Terms, Review Questions, and Problems 342
CHAPTER 11 FIREWALLS 343
11.1 Firewall Design Principles 344
11.2 Trusted Systems 356
11.3 RecommendedReading and Web Site 362
11.4 Key Terms, Review Questions, and Problems 362
APPENDICES
APPENDIX A STANDARDS CITED IN THIS BOOK 365
A.1 ANSI Standards 365
A.2 Internet RFGs 365
A.3 ITU-T Recommendations 366
A.4 NIST Federal Information Processing Standards 367
APPENDIX B SOME ASPECTS OF NUMBER THEORY 369
B.1 Prime and Relatively Prime Numbers 37
B.2 Modular Arithmetic 372
GLOSSARY 375
REFERENCES 381
INDEX 389
鄂公网安备 42010302001612号 