Chapter 1 Overview 23
1.1 Computer Security Concepts 24
1.2 Threats, Attacks, and Assets 31
1.3 Security Functional Requirements 37
1.4 Fundamental Security Design Principles 39
1.5 Attack Surfaces and Attack Trees 43
1.6 Computer Security Strategy 46
1.7 Standards 48
1.8 Key Terms, Review Questions, and Problems 49
Part One Computer Security Technology and Principles
Chapter 2 Cryptographic Tools 52
2.1 Confidentiality with Symmetric Encryption 53
2.2 Message Authentication and Hash Functions 59
2.3 Public-Key Encryption 67
2.4 Digital Signatures and Key Management 72
2.5 Random and Pseudorandom Numbers 77
2.6 Practical Application: Encryption of Stored Data 79
2.7 Key Terms, Review Questions, and Problems 80
Chapter 3 User Authentication 85
3.1 Digital User Authentication Methods 86
3.2 Password-Based Authentication 92
3.3 Token-Based Authentication 104
3.4 Biometric Authentication 109
3.5 Remote User Authentication 114
3.6 Security Issues in User Authentication 117
3.7 Practical Application: An Iris Biometric Authentication System 119
3.8 Case Study: Security Problems of ATM Systems 121
3.9 Key Terms, Review Questions, and Problems 124
Chapter 4 Access Control 127
4.1 Access Control Principles 128
4.2 Subjects, Objects, and Access Rights 131
4.3 Discretionary Access Control 132
4.4 Example: UNIX File Access Control 139
4.5 Role-Based Access Control 142
4.6 Attribute-Based Access Control 148
4.7 Identity, Credential, and Access Management 154
4.8 Trust Frameworks 158
4.9 Case Study: RBAC System for a Bank 162
4.10 Key Terms, Review Questions, and Problems 164
Chapter 5 Database and Cloud Security 169
5.1 Database Security Requirements 170
5.2 Database Management Systems 171
5.3 Relational Databases 173
5.4 SQL Injection Attacks 177
5.5 Database Access Control 183
5.6 Inference 188
5.7 Database Encryption 190
5.8 Data Center Security 194
5.9 Key Terms, Review Questions, and Problems 200
Chapter 6 Malicious Software 205
6.1 Types of Malicious Software 207
6.2 Advanced Persistent Threats 209
6.3 Propagation - Infected Content - Viruses 210
6.4 Propagation - Vulnerability Exploit - Worms 215
6.5 Propagation - Social Engineering - Spam E-mail, Trojans 224
6.6 Payload - System Corruption 227
6.7 Payload - Attack Agent - Zombies, Bots 229
6.8 Payload - Information Theft - Keyloggers, Phishing, Spyware 231
6.9 Payload - Stealthing - Backdoors, Rootkits 233
6.10 Countermeasures 236
6.11 Key Terms, Review Questions, and Problems 242
Chapter 7 Denial-of-Service Attacks 246
7.1 Denial-of-Service Attacks 247
7.2 Flooding Attacks 255
7.3 Distributed Denial-of-Service Attacks 256
7.4 Application-Based Bandwidth Attacks 258
7.5 Reflector and Amplifier Attacks 261
7.6 Defenses Against Denial-of-Service Attacks 265
7.7 Responding to Denial-of-Service Attacks 269
7.8 Key Terms, Review Questions, and Problems 270
Chapter 8 Intrusion Detection 273
8.1 Intruders 274
8.2 Intrusion Detection 278
8.3 Analysis Approaches 281
8.4 Host-Based Intrusion Detection 284
8.5 Network-Based Intrusion Detection 289
8.6 Distributed or Hybrid Intrusion Detection 295
8.7 Intrusion Detection Exchange Format 297
8.8 Honeypots 300
8.9 Example System: Snort 302
8.10 Key Terms, Review Questions, and Problems 306
Chapter 9 Firewalls and Intrusion Prevention Systems 310
9.1 The Need for Firewalls 311
9.2 Firewall Characteristics and Access Policy 312
9.3 Types of Firewalls 314
9.4 Firewall Basing 320
9.5 Firewall Deployment and Configuration 323
9.6 Intrusion Prevention Systems 328
9.7 Example: Unified Threat Management Products 332
9.8 Key Terms, Review Questions, and Problems 336
Part Two Software and System Security
Chapter 10 Buffer Overflow 341
10.1 Stack Overflows 343
10.2 Defending Against Buffer Overflows 364
10.3 Other Forms of Overflow Attacks 370
10.4 Key Terms, Review Questions, and Problems 377
Chapter 11 Software Security 379
11.1 Software Security Issues 380
11.2 Handling Program Input 384
11.3 Writing Safe Program Code 395
11.4 Interacting with the Operating System and Other Programs 400
11.5 Handling Program Output 413
11.6 Key Terms, Review Questions, and Problems 415
Chapter 12 Operating System Security 419
12.1 Introduction to Operating System Security 421
12.2 System Security Planning 422
12.3 Operating System Hardening 422
12.4 Application Security 426
12.5 Security Maintenance 428
12.6 Linux/UNIX Security 429
12.7 Windows Security 433
12.8 Virtualization Security 435
12.9 Key Terms, Review Questions, and Problems 443
Chapter 13 Cloud and IoT Security 445
13.1 Cloud Computing 446
13.2 Cloud Security Concepts 454
13.3 Cloud Security Approaches 457
13.4 The Internet of Things 466
13.5 IoT Security 470
13.6 Key Terms and Review Questions 478
Part Three Management Issues
Chapter 14 IT Security Management and Risk Assessment 480
14.1 IT Security Management 481
14.2 Organizational Context and Security Policy 484
14.3 Security Risk Assessment 487
14.4 Detailed Security Risk Analysis 490
14.5 Case Study: Silver Star Mines 502
14.6 Key Terms, Review Questions, and Problems 507
Chapter 15 IT Security Controls, Plans, and Procedures 510
15.1 IT Security Management Implementation 511
15.2 Security Controls or Safeguards 511
15.3 IT Security Plan 520
15.4 Implementation of Controls 521
15.5 Monitoring Risks 522
15.6 Case Study: Silver Star Mines 524
15.7 Key Terms, Review Questions, and Problems 527
Chapter 16 Physical and Infrastructure Security 529
16.1 Overview 530
16.2 Physical Security Threats 531
16.3 Physical Security Prevention and Mitigation Measures 538
16.4 Recovery from Physical Security Breaches 541
16.5 Example: A Corporate Physical Security Policy 541
16.6 Integration of Physical and Logical Security 542
16.7 Key Terms, Review Questions, and Problems 548
Chapter 17 Human Resources Security 550
17.1 Security Awareness, Training, and Education 551
17.2 Employment Practices and Policies 557
17.3 E-mail and Internet Use Policies 560
17.4 Computer Security Incident Response Teams 561
17.5 Key Terms, Review Questions, and Problems 568
Chapter 18 Security Auditing 570
18.1 Security Auditing Architecture 572
18.2 Security Audit Trail 576
18.3 Implementing the Logging Function 581
18.4 Audit Trail Analysis 592
18.5 Security Information and Event Management 596
18.6 Key Terms, Review Questions, and Problems 598
Chapter 19 Legal and Ethical Issues 600
19.1 Cybercrime and Computer Crime 601
19.2 Intellectual Property 605
19.3 Privacy 611
19.4 Ethical Issues 618
19.5 Key Terms, Review Questions, and Problems 624
Part Four Cryptographic Algorithms
Chapter 20 Symmetric Encryption and Message Confidentiality 627
20.1 Symmetric Encryption Principles 628
20.2 Data Encryption Standard 633
20.3 Advanced Encryption Standard 635
20.4 Stream Ciphers and RC4 641
20.5 Block Cipher Modes of Operation 644
20.6 Key Distribution 650
20.7 Key Terms, Review Questions, and Problems 652
Chapter 21 Public-Key Cryptography and Message Authentication 656
21.1 Secure Hash Functions 657
21.2 HMAC 663
21.3 Authenticated Encryption 666
21.4 The RSA Public-Key Encryption Algorithm 669
21.5 Diffie-Hellman and Other Asymmetric Algorithms 675
21.6 Key Terms, Review Questions, and Problems 679
Part Five Network Security
Chapter 22 Internet Security Protocols and Standards 682
22.1 Secure E-mail and S/MIME 683
22.2 DomainKeys Identified Mail 686
22.3 Secure Sockets Layer and Transport Layer Security 690
22.4 HTTPS 697
22.5 IPv4 and IPv6 Security 698
22.6 Key Terms, Review Questions, and Problems 703
Chapter 23 Internet Authentication Applications 706
23.1 Kerberos 707
23.2 X.509 713
23.3 Public-Key Infrastructure 716
23.4 Key Terms, Review Questions, and Problems 719
Chapter 24 Wireless Network Security 722
24.1 Wireless Security 723
24.2 Mobile Device Security 726
24.3 IEEE 802.11 Wireless LAN Overview 730
24.4 IEEE 802.11i Wireless LAN Security 736
24.5 Key Terms, Review Questions, and Problems 751
Appendix A Projects and Other Student Exercises for Teaching Computer Security 754
Acronyms 761
List of NIST and ISO Documents 762
References 764
Online Chapters and Appendices
Chapter 25 Linux Security
Chapter 26 Windows Security
Chapter 27 Trusted Computing and Multilevel Security
Appendix B Some Aspects of Number Theory
Appendix C Standards and Standard-Setting Organizations
Appendix D Random and Pseudorandom Number Generation
Appendix E Message Authentication Codes Based on Block Ciphers
Appendix F TCP/IP Protocol Architecture
Appendix G Radix-64 Conversion
Appendix H The Domain Name System
Appendix I The Base-Rate Fallacy
Appendix J SHA-3
Appendix K Glossary
Contents
Chapter 1 Overview 23
1.1 Computer Security Concepts 24
1.2 Threats, Attacks, and Assets 31
1.3 Security Functional Requirements 37
1.4 Fundamental Security Design Principles 39
1.5 Attack Surfaces and Attack Trees 43
1.6 Computer Security Strategy 46
1.7 Standards 48
1.8 Key Terms, Review Questions, and Problems 49
PART ONE COMPUTER SECURITY TECHNOLOGY AND PRINCIPLES 52
Chapter 2 Cryptographic Tools 52
2.1 Confidentiality with Symmetric Encryption 53
2.2 Message Authentication and Hash Functions 59
2.3 Public-Key Encryption 67
2.4 Digital Signatures and Key Management 72
2.5 Random and Pseudorandom Numbers 77
2.6 Practical Application: Encryption of Stored Data 79
2.7 Key Terms, Review Questions, and Problems 80
Chapter 3 User Authentication 85
3.1 Digital User Authentication Principles 86
3.2 Password-Based Authentication 92
3.3 Token-Based Authentication 104
3.4 Biometric Authentication 109
3.5 Remote User Authentication 114
3.6 Security Issues for User Authentication 117
3.7 Practical Application: An Iris Biometric System 119
3.8 Case Study: Security Problems for ATM Systems 121
3.9 Key Terms, Review Questions, and Problems 124
Chapter 4 Access Control 127
4.1 Access Control Principles 128
4.2 Subjects, Objects, and Access Rights 131
4.3 Discretionary Access Control 132
4.4 Example: UNIX File Access Control 139
4.5 Role-Based Access Control 142
4.6 Attribute-Based Access Control 148
4.7 Identity, Credential, and Access Management 154
4.8 Trust Frameworks 158
4.9 Case Study: RBAC System for a Bank 162
4.10 Key Terms, Review Questions, and Problems 164
Chapter 5 Database and Data Center Security 169
5.1 The Need for Database Security 170
5.2 Database Management Systems 171
5.3 Relational Databases 173
5.4 SQL Injection Attacks 177
5.5 Database Access Control 183
5.6 Inference 188
5.7 Database Encryption 190
5.8 Data Center Security 194
5.9 Key Terms, Review Questions, and Problems 200
Chapter 6 Malicious Software 205
6.1 Types of Malicious Software (Malware) 207
6.2 Advanced Persistent Threat 209
6.3 Propagation—Infected Content—Viruses 210
6.4 Propagation—Vulnerability Exploit—Worms 215
6.5 Propagation—Social Engineering—Spam E-mail, Trojans 224
6.6 Payload—System Corruption 227
6.7 Payload—Attack Agent—Zombie, Bots 229
6.8 Payload—Information Theft—Keyloggers, Phishing, Spyware 231
6.9 Payload—Stealthing—Backdoors, Rootkits 233
6.10 Countermeasures 236
6.11 Key Terms, Review Questions, and Problems 242
Chapter 7 Denial-of-Service Attacks 246
7.1 Denial-of-Service Attacks 247
7.2 Flooding Attacks 255
7.3 Distributed Denial-of-Service Attacks 256
7.4 Application-Based Bandwidth Attacks 258
7.5 Reflector and Amplifier Attacks 261
7.6 Defenses Against Denial-of-Service Attacks 265
7.7 Responding to a Denial-of-Service Attack 269
7.8 Key Terms, Review Questions, and Problems 270
Chapter 8 Intrusion Detection 273
8.1 Intruders 274
8.2 Intrusion Detection 278
8.3 Analysis Approaches 281
8.4 Host-Based Intrusion Detection 284
8.5 Network-Based Intrusion Detection 289
8.6 Distributed or Hybrid Intrusion Detection 295
8.7 Intrusion Detection Exchange Format 297
8.8 Honeypots 300
8.9 Example System: Snort 302
8.10 Key Terms, Review Questions, and Problems 306
Chapter 9 Firewalls and Intrusion Prevention Systems 310
9.1 The Need for Firewalls 311
9.2 Firewall Characteristics and Access Policy 312
9.3 Types of Firewalls 314
9.4 Firewall Basing 320
9.5 Firewall Location and Configurations 323
9.6 Intrusion Prevention Systems 328
9.7 Example: Unified Threat Management Products 332
9.8 Key Terms, Review Questions, and Problems 336
PART TWO SOFTWARE AND SYSTEM SECURITY 341
Chapter 10 Buffer Overflow 341
10.1 Stack Overflows 343
10.2 Defending Against Buffer Overflows 364
10.3 Other Forms of Overflow Attacks 370
10.4 Key Terms, Review Questions, and Problems 377
Chapter 11 Software Security 379
11.1 Software Security Issues 380
11.2 Handling Program Input 384
11.3 Writing Safe Program Code 395
11.4 Interacting with the Operating System and Other Programs 400
11.5 Handling Program Output 413
11.6 Key Terms, Review Questions, and Problems 415
Chapter 12 Operating System Security 419
12.1 Introduction to Operating System Security 421
12.2 System Security Planning 422
12.3 Operating Systems Hardening 422
12.4 Application Security 426
12.5 Security Maintenance 428
12.6 Linux/Unix Security 429
12.7 Windows Security 433
12.8 Virtualization Security 435
12.9 Key Terms, Review Questions, and Problems 443
Chapter 13 Cloud and IoT Security 445
13.1 Cloud Computing 446
13.2 Cloud Security Concepts 454
13.3 Cloud Security Approaches 457
13.4 The Internet of Things 466
13.5 IoT Security 470
13.6 Key Terms and Review Questions 478
PART THREE MANAGEMENT ISSUES 480
Chapter 14 IT Security Management and Risk Assessment 480
14.1 IT Security Management 481
14.2 Organizational Context and Security Policy 484
14.3 Security Risk Assessment 487
14.4 Detailed Security Risk Analysis 490
14.5 Case Study: Silver Star Mines 502
14.6 Key Terms, Review Questions, and Problems 507
Chapter 15 IT Security Controls, Plans, and Procedures 510
15.1 IT Security Management Implementation 511
15.2 Security Controls or Safeguards 511
15.3 IT Security Plan 520
15.4 Implementation of Controls 521
15.5 Monitoring Risks 522
15.6 Case Study: Silver Star Mines 524
15.7 Key Terms, Review Questions, and Problems 527
Chapter 16 Physical and Infrastructure Security 529
16.1 Overview 530
16.2 Physical Security Threats 531
16.3 Physical Security Prevention and Mitigation Measures 538
16.4 Recovery from Physical Security Breaches 541
16.5 Example: A Corporate Physical Security Policy 541
16.6 Integration of Physical and Logical Security 542
16.7 Key Terms, Review Questions, and Problems 548
Chapter 17 Human Resources Security 550
17.1 Security Awareness, Training, and Education 551
17.2 Employment Practices and Policies 557
17.3 E-mail and Internet Use Policies 560
17.4 Computer Security Incident Response Teams 561
17.5 Key Terms, Review Questions, and Problems 568
Chapter 18 Security Auditing 570
18.1 Security Auditing Architecture 572
18.2 Security Audit Trail 576
18.3 Implementing the Logging Function 581
18.4 Audit Trail Analysis 592
18.5 Security Information and Event Management 596
18.6 Key Terms, Review Questions, and Problems 598
Chapter 19 Legal and Ethical Aspects 600
19.1 Cybercrime and Computer Crime 601
19.2 Intellectual Property 605
19.3 Privacy 611
19.4 Ethical Issues 618
19.5 Key Terms, Review Questions, and Problems 624
PART FOUR CRYPTOGRAPHIC ALGORITHMS 627
Chapter 20 Symmetric Encryption and Message Confidentiality 627
20.1 Symmetric Encryption Principles 628
20.2 Data Encryption Standard 633
20.3 Advanced Encryption Standard 635
20.4 Stream Ciphers and RC4 641
20.5 Cipher Block Modes of Operation 644
20.6 Key Distribution 650
20.7 Key Terms, Review Questions, and Problems 652
Chapter 21 Public-Key Cryptography and Message Authentication 656
21.1 Secure Hash Functions 657
21.2 HMAC 663
21.3 Authenticated Encryption 666
21.4 The RSA Public-Key Encryption Algorithm 669
21.5 Diffie-Hellman and Other Asymmetric Algorithms 675
21.6 Key Terms, Review Questions, and Problems 679
PART FIVE NETWORK SECURITY 682
Chapter 22 Internet Security Protocols and Standards 682
22.1 Secure E-mail and S/MIME 683
22.2 DomainKeys Identified Mail 686
22.3 Secure Sockets Layer (SSL) and Transport Layer Security (TLS) 690
22.4 HTTPS 697
22.5 IPv4 and IPv6 Security 698
22.6 Key Terms, Review Questions, and Problems 703
Chapter 23 Internet Authentication Applications 706
23.1 Kerberos 707
23.2 X.509 713
23.3 Public-Key Infrastructure 716
23.4 Key Terms, Review Questions, and Problems 719
Chapter 24 Wireless Network Security 722
24.1 Wireless Security 723
24.2 Mobile Device Security 726
24.3 IEEE 802.11 Wireless LAN Overview 730
24.4 IEEE 802.11i Wireless LAN Security 736
24.5 Key Terms, Review Questions, and Problems 751
Appendix A Projects and Other Student Exercises for Teaching Computer Security 754
A.1 Hacking Project 754
A.2 Laboratory Exercises 755
A.3 Security Education (SEED) Projects 755
A.4 Research Projects 757
A.5 Programming Projects 758
A.6 Practical Security Assessments 758
A.7 Firewall Projects 758
A.8 Case Studies 759
A.9 Reading/Report Assignments 759
A.10 Writing Assignments 759
A.11 Webcasts for Teaching Computer Security 760
Acronyms 761
List of NIST and ISO Documents 762
References 764
ONLINE CHAPTERS AND APPENDICES
Chapter 25 Linux Security
Chapter 26 Windows and Windows Vista Security
Chapter 27 Trusted Computing and Multilevel Security
Appendix B Some Aspects of Number Theory
Appendix C Standards and Standard-Setting Organizations
Appendix D Random and Pseudorandom Number Generation
Appendix E Message Authentication Codes Based on Block Ciphers
Appendix F TCP/IP Protocol Architecture
Appendix G Radix-64 Conversion
Appendix H The Domain Name System
Appendix I The Base-Rate Fallacy
Appendix J SHA-3
Appendix K Glossary