search for books and compare prices
Tables of Contents for Security Engineering
Chapter/Section Title
Page #
Page Count
Preface
xix
About the Author
xxii
Foreword
xxiii
Acknowledgments
xxv
Legal Notice
xxvii
Part One
1
134
What Is Security Engineering?
3
10
A Bank
4
1
An Air Force Base
5
1
A Hospital
6
1
The Home
7
1
Definitions
8
3
Summary
11
2
Protocols
13
22
Password Eavesdropping Risks
14
1
Who Goes There? Simple Authentication
15
7
Challenge and Response
17
2
The MIG-in-the-Middle Attack
19
1
Reflection Attacks
20
2
Manipulating the Message
22
1
Changing the Environment
23
1
Chosen Protocol Attacks
24
1
Managing Encryption Keys
25
3
Basic Key Management
25
1
The Needham-Schroeder Protocol
26
1
Kerberos
27
1
Getting Formal
28
4
A Typical Smartcard Banking Protocol
29
1
The BAN Logic
29
1
Verifying the Payment Protocol
30
1
Limitations of Formal Verification
31
1
Summary
32
3
Research Problems
32
1
Further Reading
33
2
Passwords
35
16
Basics
36
1
Applied Psychology Issues
36
5
Social Engineering
37
1
Difficulties with Reliable Password Entry
37
1
Difficulties with Remembering the Password
38
3
System Issues
41
4
Protecting Oneself or Others?
41
1
Intrusion Detection Issues
42
1
Can Users be Trained?
42
2
The Growing Famine for Security Data
44
1
Technical Protection of Passwords
45
4
Attacks on Password Entry
45
2
Attacks on Password Storage
47
1
Absolute Limits
48
1
Summary
49
2
Research Problems
50
1
Further Reading
50
1
Access Control
51
22
Introduction
51
2
Operating System Access Controls
53
9
Groups and Roles
54
1
Access Control Lists
55
1
Unix Operating System Security
55
2
Windows NT
57
1
Capabilities
58
1
Added Features in Windows 2000
59
1
Granularity
60
1
Sandboxing and Proof-Carrying Code
61
1
Object Request Brokers
61
1
Hardware Protection
62
3
Intel 80x86/Pentium Processors
63
1
ARM Processors
63
1
Security Processors
64
1
Other Processors
64
1
What Goes Wrong
65
5
Smashing the Stack
65
1
Other Technical Attacks
66
1
User Interface Failures
67
1
Why So Many Things Go Wrong
68
1
Remedies
69
1
Environmental Creep
69
1
Summary
70
3
Research Problems
71
1
Further Reading
71
2
Cryptography
73
42
Introduction
73
1
Historical Background
74
6
An Early Stream Cipher: The Vigenere
75
1
The One-Time Pad
76
1
An Early Block Cipher: Playfair
77
1
One-Way Functions
78
2
Asymmetric Primitives
80
1
The Random Oracle Model
80
9
Random Functions: Hash Functions
82
2
Random Generators: Stream Ciphers
84
1
Random Permutations: Block Ciphers
85
2
Public Key Encryption and Trapdoor One-Way Permutations
87
1
Digital Signatures
88
1
Symmetric Crypto Primitives
89
9
SP-Networks
89
4
The Advanced Encryption Standard (AES)
93
2
Feistel Ciphers
95
3
Modes of Operation
98
3
Electronic Code Book
98
1
Cipher Block Chaining
98
1
Output Feedback
99
1
Counter Encryption
100
1
Cipher Feedback
100
1
Message Authentication Code
100
1
Hash Functions
101
3
Extra Requirements on the Underlying Cipher
102
1
Common Hash Functions and Applications
103
1
Asymmetric Crypto Primitives
104
8
Cryptography Based on Factoring
105
1
Cryptography Based on Discrete Logarithms
106
4
Special-Purpose Primitives
110
1
Certification
110
2
The Strength of Asymmetric Cryptographic Primitives
112
1
Summary
112
3
Research Problems
113
1
Further Reading
113
2
Distributed Systems
115
20
Concurrency
115
5
Using Old Data versus Paying to Propagate State
116
1
Locking to Prevent Inconsistent Updates
117
1
Order of Updates
117
1
Deadlock
118
1
Non-convergent State
118
1
Secure Time
119
1
Fault Tolerance and Failure Recovery
120
4
Failure Models
120
2
What Is Resilience For?
122
1
At What Level is the Redundancy?
123
1
Service Denial Attacks
124
1
Naming
124
8
The Distributed Systems View of Naming
125
2
What Else Goes Wrong
127
4
Types of Name
131
1
Summary
132
3
Research Problems
133
1
Further Reading
133
2
Part Two
135
318
Multilevel Security
137
24
Introduction
137
1
What is a Security Policy Model?
138
1
The Bell-LaPadula Security Policy Model
139
7
Classifications and Clearances
140
2
Information Flow Control
142
1
Standard Criticisms of Bell-Lapadula
143
1
Alternative Formulations
143
2
The Biba Model
145
1
Examples of Multilevel Secure Systems
146
5
SCOMP
146
1
Blacker
147
1
MLS Unix, CMWs, and Trusted Windowing
147
1
The NRL Pump
148
1
Logistics Systems
149
1
Purple Penelope
149
1
Future MLS Systems
150
1
What Goes Wrong
151
6
Composability
151
1
The Cascade Problem
152
1
Covert Channels
153
1
The Threat from Viruses
154
1
Polyinstantiation
154
1
Other Practical Problems
155
2
Broader Implications of MLS
157
2
Summary
159
2
Research Problems
159
1
Further Reading
160
1
Multilateral Security
161
24
Introduction
161
1
Compartmentation, the Chinese Wall, and the BMA Model
162
10
Compartmentation and the Lattice Model
162
3
The Chinese Wall
165
1
The BMA Model
166
5
Comparative Analysis
171
1
Inference Control
172
9
Basic Problems of Inference Control in Medicine
172
1
Other Applications of Inference Control
173
1
The Theory of Inference Control
174
5
Limitations of Generic Approaches
179
1
The Value of Imperfect Protection
180
1
The Residual Problem
181
2
Summary
183
2
Research Problems
183
1
Further Reading
184
1
Banking and Bookkeeping
185
22
Introduction
185
2
The Origins of Bookkeeping
186
1
Double-entry Bookkeeping
187
1
How Bank Computer Systems Work
187
7
The Clark-Wilson Security Policy Model
188
1
Separation of Duties
189
2
What Goes Wrong
191
3
Wholesale Payment Systems
194
3
SWIFT
194
2
What Goes Wrong
196
1
Automatic Teller Machines
197
7
ATM Basics
198
2
What Goes Wrong
200
3
Practical Implications
203
1
Summary
204
3
Research Problems
205
1
Further Reading
205
2
Monitoring Systems
207
24
Introduction
207
1
Alarms
208
9
Threat Model
208
2
How Not to Protect a Painting
210
1
Sensor Defeats
211
1
Feature Interactions
212
1
Attacks on Communications
213
3
Lessons Learned
216
1
Prepayment Meters
217
5
Utility Metering
218
1
How the System Works
219
1
What Goes Wrong
220
2
Taximeters, Tachographs, and Truck Speed Limiters
222
7
What Goes Wrong
224
1
Countermeasures
225
4
Summary
229
2
Research Problems
229
1
Further Reading
230
1
Nuclear Command and Control
231
12
Introduction
231
1
The Kennedy Memorandum
232
1
Unconditionally Secure Authentication Codes
233
1
Shared Control Schemes
234
2
Tamper Resistance and PALs
236
1
Treaty Verification
237
1
What Goes Wrong
238
2
Secrecy or Openess?
240
1
Summary
240
3
Research Problem
241
1
Further Reading
241
2
Security Printing and Seals
243
18
Introduction
243
1
History
244
1
Security Printing
245
6
Threat Model
245
1
Security Printing Techniques
246
5
Packaging and Seals
251
1
Substrate Properties
251
1
The Problems of Glue
252
1
Systemic Vulnerabilities
252
5
Peculiarities of the Threat Model
253
1
Staff Diligence
254
1
The Effect of Random Failure
255
1
Materials Control
255
1
Not Protecting the Right Things
256
1
The Cost and Nature of Inspection
256
1
Evaluation Methodology
257
1
Summary
258
3
Research Problems
259
1
Further Reading
259
2
Biometrics
261
16
Introduction
261
1
Handwritten Signatures
262
2
Face Recognition
264
1
Fingerprints
265
5
Iris Codes
270
1
Voice Recognition
271
1
Other Systems
272
1
What Goes Wrong
273
2
Summary
275
2
Research Problems
276
1
Further Reading
276
1
Physical Tamper Resistance
277
28
Introduction
277
1
History
278
1
High-End Physically Secure Processors
279
5
Evaluation
284
1
Medium-Security Processors
285
3
The iButton
285
1
The Dallas 5002
286
1
The Capstone/Clipper Chip
287
1
Smartcards and Microcontrollers
288
10
Architecture
289
1
Security Evolution
290
6
The State of the Art
296
2
What Goes Wrong
298
4
Protecting the Wrong Things: Architectural Errors
298
1
Protecting the Wrong Things: Security-by-Obscurity and Evaluation Errors
299
1
Protecting Things Wrongly: Protocol Failure
299
2
Function Creep
301
1
What Should Be Protected?
302
1
Summary
303
2
Research Problems
304
1
Further Reading
304
1
Emission Security
305
16
Introduction
305
1
History
306
1
Technical Surveillance and Countermeasures
307
3
Passive Attacks
310
5
Leakage through Power and Signal Cables
310
3
Leakage through RF Signals
313
2
Active Attacks
315
3
Tempest Viruses
315
1
Nonstop
316
1
Glitching
317
1
Differential Fault Analysis
317
1
Combination Attacks
317
1
Commercial Exploitation
318
1
Defenses
318
1
How Serious Are Emsec Attacks?
318
2
Governments
319
1
Businesses
319
1
Summary
320
1
Research Problems
320
1
Further Reading
320
1
Electronic and Information Warefare
321
24
Introduction
321
1
Basics
322
1
Communications Systems
323
9
Signals Intelligence Techniques
324
2
Attacks on Communications
326
1
Protection Techniques
327
4
Interaction Between Civil and Military Uses
331
1
Surveillance and Target Acquisition
332
5
Types of Radar
333
1
Jamming Techniques
333
2
Advanced Readars and Countermeasures
335
1
Other Sensors and Multisensor Issues
336
1
IFF Systems
337
1
Directed Energy Weapons
338
1
Information Warefare
339
5
Definitions
340
1
Doctrine
341
1
Potentially Useful Lessons from Electronic Warfare
342
1
Differences Between E-War and I-War
343
1
Summary
344
1
Research Problems
344
1
Further Reading
344
1
Telecom System Security
345
22
Introduction
345
1
Phone Phreaking
345
7
Attacks on Metering
346
2
Attacks on Signalling
348
1
Attacks on Switching and Configuration
348
2
Insecure End Systems
350
1
Feature Interaction
351
1
Mobile Phones
352
11
Mobile Phone Cloning
352
1
GSM System Architecture
353
1
Communications Security Mechanisms
354
4
The Next Generation: 3gpp
358
4
GSM Security: A Success or Failure?
362
1
Corporate Fraud
363
2
Summary
365
2
Research Problems
365
1
Further Reading
366
1
Network Attack and Defense
367
24
Introduction
367
3
The Most Common Attacks
367
2
Skill Issues: Script Kiddies and Packaged Defense
369
1
Vulnerabilities in Network Protocols
370
4
Attacks on Local Networks
370
1
Attacks Using Internet Protocols and Mechanisms
371
3
Defense Against Network Attack
374
5
Configuration Management
374
1
Firewalls
375
1
Strengths and Limitations of Firewalls
376
2
Encryption
378
1
Trojans, Viruses, and Worms
379
5
Early History of Malicious Code
379
1
The Internet Worm
380
1
How Viruses and Worms Work
381
1
The Arms Race
382
1
Recent History
382
1
Antivirus Measures
383
1
Intrusion Detection
384
4
Types of Intrusion Detection
385
1
General Limitations of Intrusion Detection
385
2
Specific Problems Detecting Network Attacks
387
1
Summary
388
3
Research Problems
389
1
Further Reading
390
1
Protecting E-Commerce Systems
391
22
Introduction
391
1
A Telegraphic History of E-Commerce
392
1
An Introduction to Credit Cards
393
3
Fraud
394
1
Forgery
394
1
Automatic Fraud Detection
395
1
Economics
396
1
Online Credit Card Fraud: The Hype and the Reality
396
2
Cryptographic Protection Mechanisms
398
7
SSL
398
2
SET
400
1
PKI
401
2
EDI and Business-to-Business Systems
403
2
E-Purses and Micropayments
405
1
Network Economics
405
3
Competitive Applications and Corporate Warfare
408
1
What Else Goes Wrong
409
1
What Can a Merchant Do?
410
1
Summary
411
2
Research Problems
411
1
Further Reading
411
2
Copyright and Privacy Protection
413
40
Introduction
413
2
Copyright
415
17
Software
415
5
Books
420
1
Audio
421
2
Video and Pay-TV
423
7
DVD
430
2
Information Hiding
432
7
The DVD Marking Concept
433
1
General Information-Hiding Techniques
434
2
Attacks on Copyright-Marking Schemes
436
3
Applications of Copyright-Marking Schemes
439
1
Privacy Mechanisms
439
11
Content Hiding: PGP
440
2
Content Deniability---Steganography
442
1
Association Hiding---Remailers and the Dining Cryptographers
442
3
Association Deniability---Digital Cash
445
1
Other Applications and Issues
446
4
Summary
450
3
Research Problems
451
1
Further Reading
451
2
Part Three
453
92
E-Policy
455
34
Introduction
455
1
Cryptography Policy
456
16
The History of Police Wiretapping
457
2
The History of Traffic Analysis
459
2
Communications Intelligence on Foreign Targets
461
3
The History of Crypto Policy
464
4
Discussion
468
4
Copyright
472
3
DMCA
473
1
The Forthcoming European Directive and UCITA
474
1
Data Protection
475
5
European Data Protection: History
476
1
Differences between Europe and the United States
477
1
Current Trends
478
2
Evidential Issues
480
4
Admissibility of Evidence
480
1
Reliability of Evidence
480
1
Electronic Signatures
481
2
Burden of Proof
483
1
Other Public Sector Issues
484
2
Service Delivery
484
1
Social Exclusion and Discrimination
485
1
Revenue Protection
486
1
Elections
486
1
Summary
486
3
Research Problems
487
1
Further Reading
487
2
Management Issues
489
28
Introduction
489
1
Managing a Security Project
490
6
A Tale of Three Supermarkets
490
1
Balancing Risk and Reward
491
1
Organizational Issues
492
4
Methodology
496
7
Top-Down Design
497
1
Iterative Design
498
1
Lessons from Safety-Critical Systems
499
4
Security Requirements Engineering
503
8
Managing Requirements Evolution
504
4
Managing Project Requirements
508
2
Parallelizing the Process
510
1
Risk Management
511
1
Economic Issues
512
2
Summary
514
3
Research Problems
514
1
Further Reading
515
2
System Evaluation and Assurance
517
24
Introduction
517
1
Assurance
518
8
Perverse Economic Incentives
518
1
Project Assurance
519
2
Process Assurance
521
2
Assurance Growth
523
2
Evolution and Security Assurance
525
1
Evalution
526
8
Evaluations by the Relying Party
527
2
The Common Criteria
529
3
What Goes Wrong
532
2
Ways Forward
534
4
Semi-Open Design
535
1
Open Source
536
1
Penetrate-and-Patch, CERTs, and bugtraq
537
1
Education
538
1
Summary
538
3
Research Problems
539
1
Further Reading
539
2
Conclusions
541
4
Bibliography
545
50
Index
595