Preface

This comprehensive handbook serves as a professional reference, providing today’s most complete and concise view of computer security and privacy available in one volume. It offers in-depth coverage of computer security theory, technology, and practice as they relate to established technologies as well as recent advancements. It explores practical solutions to a wide range of security issues. Individual chapters are authored by leading experts in the field and address the immediate and long-term challenges in the authors’ respective areas of expertise.

The primary audience for this handbook consists of researchers and practitioners in industry and academia as well as security technologists and engineers working with or interested in computer security. This comprehensive reference will also be of value to students in upper-division undergraduate and graduate-level courses in computer security.

Organization of this Book

The book is organized into eight parts composed of 43 contributed chapters by leading experts in their fields, as well as 10 appendices, including an extensive glossary of computer security terms and acronyms.

Part 1: Overview of System and Network Security: A Comprehensive Introduction

Part 1 discusses how to build a secure organization; generating cryptography; how to prevent system intrusions; UNIX and Linux security; Internet and intranet security; LAN security; wireless network security; cellular network security; and RFID security. For instance:

Chapter 1, “Building a Secure Organization,” sets the stage for the rest of the book by presenting insight into where to start building a secure organization.

Chapter 2, “A Cryptography Primer,” provides an overview of cryptography. It shows how communications may be encrypted and transmitted.

Chapter 3, “Preventing System Intrusions,” discusses how to prevent system intrusions and where an unauthorized penetration of a computer in your enterprise or an address in your assigned domain can occur.

Chapter 4, “Guarding Against Network Intrusions,” shows how to guard against network intrusions by understanding the variety of attacks, from exploits to malware and social engineering.

Chapter 5, “UNIX and Linux Security,” discusses how to scan for vulnerabilities; reduce denial-of-service (DoS) attacks; deploy firewalls to control network traffic; and build network firewalls.

Chapter 6, “Eliminating the Security Weakness of Linux and UNIX Operating Systems,” presents an introduction to securing UNIX in general and Linux in particular, providing some historical context and describing some fundamental aspects of the secure operating system architecture.

Chapter 7, “Internet Security,” shows you how cryptography can be used to address some of the security issues besetting communications protocols.

Chapter 8, “The Botnet Problem,” describes the botnet threat and the countermeasures available to network security professionals.

Chapter 9, “Intranet Security,” covers internal security strategies and tactics; external security strategies and tactics; network access security; and Kerberos.

Chapter 10, “Local Area Network Security,” discusses network design and security deployment as well as ongoing management and auditing.

Chapter 11, “Wireless Network Security,” presents an overview of wireless network security technology; how to design wireless network security and plan for wireless network security; how to install, deploy, and maintain wireless network security; information warfare countermeasures: the wireless network security solution; and wireless network security solutions and future directions.

Chapter 12, “Cellular Network Security,” addresses the security of the cellular network; educates readers on the current state of security of the network and its vulnerabilities; outlines the cellular-network-specific attack taxonomy, also called three-dimensional attack taxonomy; discusses the vulnerability assessment tools for cellular networks; and provides insights into why the network is so vulnerable and why securing it can prevent communication outages during emergencies.

Chapter 13, “RFID Security,” describes the RFID tags and RFID reader and back-end database in detail.

Part 2: Managing Information Security

Part 2 discusses how to protect mission-critical systems; deploy security management systems, IT security, ID management, intrusion detection and prevention systems, computer forensics, network forensics, firewalls, and penetration testing; and conduct vulnerability assessments. For instance:

Chapter 14, “Information Security Essentials for IT Managers: Protecting Mission-Critical Systems,” discusses how security goes beyond technical controls and encompasses people, technology, policy, and operations in a way that few other business objectives do.

Chapter 15, “Security Management Systems,” examines documentation requirements and maintaining an effective security system as well as conducting assessments.

Chapter 16, “Information Technology Security Management,” discusses the processes that are supported with enabling organizational structure and technology to protect an organization’s information technology operations and IT assets against internal and external threats, intentional or otherwise.

Chapter 17, “Identity Management,” presents the evolution of identity management requirements. It also surveys how the most advanced identity management technologies fulfill present-day requirements. It discusses how mobility can be achieved in the field of identity management in an ambient intelligent/ubiquitous computing world.

Chapter 18, “Intrusion Prevention and Detection Systems,” discusses the nature of computer system intrusions, the people who commit these attacks, and the various technologies that can be utilized to detect and prevent them.

Chapter 19, “Computer Forensics,” is intended to provide an in-depth familiarization with computer forensics as a career, a job, and a science. It will help you avoid mistakes and find your way through the many aspects of this diverse and rewarding field.

Chapter 20, “Network Forensics,” helps you determine the path from a victimized network or system through any intermediate systems and communication pathways, back to the point of attack origination or the person who should be held accountable.

Chapter 21, “Firewalls,” provides an overview of firewalls: policies, designs, features, and configurations. Of course, technology is always changing, and network firewalls are no exception. However, the intent of this chapter is to describe aspects of network firewalls that tend to endure over time.

Chapter 22, “Penetration Testing,” describes how testing differs from an actual “hacker attack” as well as some of the ways penetration tests are conducted, how they’re controlled, and what organizations might look for when choosing a company to conduct a penetration test for them.

Chapter 23, “What Is Vulnerability Assessment?” covers the fundamentals: defining vulnerability, exploit, threat, and risk; analyzing vulnerabilities and exploits; and configuring scanners. It also shows you how to generate reports, assess risks in a changing environment, and manage vulnerabilities.

Part 3: Encryption Technology

Part 3 discusses how to implement data encryption, satellite encryption, public key infrastructure, and instant-messaging security. For instance:

Chapter 24, “Data Encryption,” is about the role played by cryptographic technology in data security.

Chapter 25, “Satellite Encryption,” proposes a method that enhances and complements satellite encryption’s role in securing the information society. It also covers satellite encryption policy instruments; implementing satellite encryption; misuse of satellite encryption technology; and results and future directions.

Chapter 26, “Public Key Infrastructure,” explains the cryptographic background that forms the foundation of PKI systems; the mechanics of the X.509 PKI system (as elaborated by the Internet Engineering Task Force); the practical issues surrounding the implementation of PKI systems; a number of alternative PKI standards; and alternative cryptographic strategies for solving the problem of secure public key distribution.

Chapter 27, “Instant-Messaging Security,” helps you develop an IM security plan, keep it current, and make sure it makes a difference.

Part 4: Privacy and Access Management

Part 4 discusses Internet privacy, personal privacy policies, virtual private networks, identity theft, and VoIP security. For instance:

Chapter 28, “Net Privacy,” addresses the privacy issues in the digital society from various points of view, investigating the different aspects related to the notion of privacy and the debate that the intricate essence of privacy has stimulated; the most common privacy threats and the possible economic aspects that may influence the way privacy is (and especially is not currently) managed in most firms; the efforts in the computer science community to face privacy threats, especially in the context of mobile and database systems; and the network-based technologies available to date to provide anonymity when communicating over a private network.

Chapter 29, “Personal Privacy Policies,” begins with the derivation of policy content based on privacy legislation, followed by a description of how a personal privacy policy may be constructed semiautomatically. It then shows how to additionally specify policies so that negative unexpected outcomes can be avoided. Finally, it describes the author’s Privacy Management Model, which explains how to use personal privacy policies to protect privacy, including what is meant by a “match” of consumer and service provider policies and how nonmatches can be resolved through negotiation.

Chapter 30, “Virtual Private Networks,” covers VPN scenarios, VPN comparisons, and information assurance requirements. It also covers building VPN tunnels; applying cryptographic protection; implementing IP security; and deploying virtual private networks.

Chapter 31, “Identity Theft,” describes the importance of understanding the human factor of ID theft security and details the findings from a study on deceit.

Chapter 32, “VoIP Security,” deals with the attacks targeted toward a specific host and issues related to social engineering.

Part 5: Storage Security

Part 5 covers storage area network (SAN) security and risk management. For instance:

Chapter 33, “SAN Security,” describes the following components: protection rings; security and protection; restricting access to storage; access control lists (ACLs) and policies; port blocks and port prohibits; and zoning and isolating resources.

Chapter 34, “Storage Area Networking Security Devices,” covers all the issues and security concerns related to SAN security.

Chapter 35, “Risk Management,” discusses physical security threats, environmental threats, and incident response.

Part 6: Physical Security

Part 6 discusses physical security essentials, biometrics, homeland security, and information warfare. For instance:

Chapter 36, “Physical Security Essentials,” is concerned with physical security and some overlapping areas of premises security. It also looks at physical security threats and then considers physical security prevention measures.

Chapter 37, “Biometrics,” discusses the different types of biometrics technology and verification systems and how the following work: biometrics eye analysis technology; biometrics facial recognition technology; facial thermal imaging; biometrics finger-scanning analysis technology; biometrics geometry analysis technology; biometrics verification technology; and privacy-enhanced, biometrics-based verification/authentication as well as biometrics solutions and future directions.

Chapter 38, “Homeland Security,” describes some principal provisions of U.S. homeland security-related laws and Presidential directives. It gives the organizational changes that were initiated to support homeland security in the United States. The chapter highlights the 9/11 Commission that Congress chartered to provide a full account of the circumstances surrounding the 2001 terrorist attacks and to develop recommendations for corrective measures that could be taken to prevent future acts of terrorism. It also details the Intelligence Reform and Terrorism Prevention Act of 2004 and the Implementation of the 9/11 Commission Recommendations Act of 2007.

Chapter 39, “Information Warfare,” defines information warfare (IW) and discusses its most common tactics, weapons, and tools as well as comparing IW terrorism with conventional warfare and addressing the issues of liability and the available legal remedies under international law.

Part 7: Advanced Security

Part 7 discusses security through diversity, online reputation, content filtering, and data loss protection. For instance:

Chapter 40, “Security Through Diversity,” covers some of the industry trends in adopting diversity in hardware, software, and application deployments. This chapter also covers the risks of uniformity, conformity, and the ubiquitous impact of adopting standard organizational principles without the consideration of security.

Chapter 41, “Reputation Management,” discusses the general understanding of the human notion of reputation. It explains how this concept of reputation fits into computer security. The chapter presents the state of the art of attack-resistant reputation computation. It also gives an overview of the current market of online reputation services. The chapter concludes by underlining the need to standardize online reputation for increased adoption and robustness.

Chapter 42, “Content Filtering,” examines the many benefits and justifications of Web-based content filtering such as legal liability risk reduction, productivity gains, and bandwidth usage. It also explores the downside and unintended consequences and risks that improperly deployed or misconfigured systems create. The chapter also looks into methods to subvert and bypass these systems and the reasons behind them.

Chapter 43, “Data Loss Protection,” introduces the reader to a baseline understanding of how to investigate and evaluate DLP applications in the market today.

John R. Vacca

Editor-in-Chief

[email protected]

www.johnvacca.com
