1st Edition
Computer System and Network Security
Computer System and Network Security provides the reader with a basic understanding of the issues involved in the security of computer systems and networks. Introductory in nature, this important new book covers all aspects related to the growing field of computer security. Such complete coverage in a single text has previously been unavailable, and college professors and students, as well as professionals responsible for system security, will find this unique book a valuable source of information, either as a textbook or as a general reference.
Computer System and Network Security discusses existing and potential threats to computer systems and networks and outlines the basic actions that are generally taken to protect them. The first two chapters of the text introduce the reader to the field of computer security, covering fundamental issues and objectives. The next several chapters describe security models, authentication issues, access control, intrusion detection, and damage control. Later chapters address network and database security and systems/networks connected to wide-area networks and internetworks. Other topics include firewalls, cryptography, malicious software, and security standards. The book includes case studies with information about incidents involving computer security, illustrating the problems and potential damage that can be caused when security fails.
This unique reference/textbook covers all aspects of computer and network security, filling an obvious gap in the existing literature.
Computer Security Fundamentals
Objectives of Computer Security
Issues Involved in Computer Security
Privacy and Ethics
Risk Analysis
Theory
Possible Loss (L)
Probability of Loss Occurrence (P)
Burden of Preventing Loss (B)
Applying the Risk Analysis Equation
Risk Analysis in Computer Security
Terminology
Application
Developing Secure Computer Systems
External Security Measures
Structure of a Computer System
Secure Computer System Issues
Security Models
Specification and Verification
Security Models
Bell and LaPadula
Clark-Wilson
Goguen-Meseguer
TCSEC
Discretionary Access Requirements
Mandatory Access Requirements
User Authentication
Authentication Objectives
Authentication Methods
Informational Keys
Physical Keys
Biometric Keys
Access and Information Flow Controls
File Passwords
Capabilities Based
Access Control Lists
Protection Bits
Controls for Mandatory Access
Trojan Horses
AUDITING and INTRUSION DETECTION
Audit Trail Features
Intrusion Detection Systems
User Profiling
Intruder Profiling
Signature Analysis
Action Based
IDES
MIDAS
Haystack
Network Intrusion Detection
Network Attack Characteristics
NSM
DIDS
NADIR
CSM
Monitoring and the Law
Damage Control and Assessment
Damage Control
Inform the Authorities
Backup System Data
Remove the Intruder
Contain and Monitor the Intruder
Lock Stolen Accounts
Require Additional Authentication
Damage Assessment
Attack Recovery
Damage Prevention
Network Security
Network Fundamentals
Network Security Issues
Basic Network Security Objectives and Threats
Security Services
The Trusted Network Interpretation
TNI Security Service
AIS Interconnection Issues
Distributed Systems Security
Firewalls
Simple Damage Limiting Approaches
Network Firewalls
Packet Filtering Gateways
Circuit Level Gateways
Application Level Gateways
Firewall Costs and Effectiveness
Database Security
Database Management System Primer
DBMS Vulnerabilities and Responses
Inference
Aggregation
Data Integrity
Trojan Horses
Cryptography
Substitution Ciphers
Caesar Cipher
ROT13
Substitution Cipher Variations
Vigenere Ciphers
One Time Pads
Transposition Ciphers
Encrypting Digital Communication
DES
IDEA
Key Escrow
Public Key Cryptography
Digital Signatures
Malicious Software
Viruses
Worms
Trojan Horses
Time Bombs
Security Standards
The Federal Criteria
The Common Criteria
The Trusted Computer System Evaluation Criteria
The Information Technology Security Evaluation Criteria
Case Study
The Hannover Hackers
An Evening With Berferd
The Internet Worm
Appendix: Information Warfare
Biography
Gregory B. White (SecureLogix, San Antonio, Texas, USA) (Author) , Eric A. Fisch (KPMG LLP, Plano, Texas, USA) (Author) , Udo W. Pooch (Texas A & M University, College Station, Texas, USA) (Author)
