Hilfe Warenkorb Konto Anmelden
 
 
   Schnellsuche   
     zur Expertensuche                      
Handbook of Information and Communication Security
  Großes Bild
 
Handbook of Information and Communication Security
von: Peter Stavroulakis, Mark Stamp
Springer-Verlag, 2010
ISBN: 9783642041174
863 Seiten, Download: 20420 KB
 
Format:  PDF
geeignet für: Apple iPad, Android Tablet PC's Online-Lesen PC, MAC, Laptop

Typ: B (paralleler Zugriff)

 

 
eBook anfordern
Inhaltsverzeichnis

  Part A Fundamentals and Cryptography 17  
     1 A Framework for System Security 18  
        1.1 Introduction 18  
        1.2 Applications 28  
        1.3 Dynamic, Collaborative, and Future Secure Systems 33  
        References 34  
        The Author 35  
     2 Public-Key Cryptography 36  
        2.1 Overview 36  
        2.2 Public-Key Encryption: Definitions 38  
        2.3 Hybrid Encryption 41  
        2.4 Examples of Public-Key Encryption Schemes 42  
        2.5 Digital Signature Schemes: Definitions 45  
        2.6 The Hash-and-Sign Paradigm 46  
        2.7 RSA-Based Signature Schemes 47  
        2.8 References and Further Reading 48  
        References 48  
        The Author 49  
     3 Elliptic Curve Cryptography 50  
        3.1 Motivation 50  
        3.2 Definitions 51  
        3.3 Implementation Issues 54  
        3.4 ECC Protocols 56  
        3.5 Pairing-Based Cryptography 59  
        3.6 Properties of Pairings 61  
        3.7 Implementations of Pairings 63  
        3.8 Pairing-Friendly Curves 69  
        3.9 Further Reading 70  
        References 70  
        The Author 72  
     4 Cryptographic Hash Functions 73  
        4.1 Notation and Definitions 74  
        4.2 Iterated Hash Functions 75  
        4.3 Compression Functions of Hash Functions 76  
        4.4 Attacks on Hash Functions 78  
        4.5 Other Hash Function Modes 80  
        4.6 Indifferentiability Analysis of Hash Functions 82  
        4.7 Applications 83  
        4.8 Message Authentication Codes 84  
        4.9 SHA-3 Hash Function Competition 87  
        References 87  
        The Authors 93  
     5 Block Cipher Cryptanalysis 94  
        5.1 Breaking Ciphers 94  
        5.2 Differential Cryptanalysis 98  
        5.3 Conclusions and Further Reading 101  
        References 102  
        The Author 102  
     6 Chaos-Based Information Security 103  
        6.1 Chaos Versus Cryptography 104  
        6.2 Paradigms to Design Chaos-Based Cryptosystems 105  
        6.3 Analog Chaos-Based Cryptosystems 106  
        6.4 Digital Chaos-Based Cryptosystems 109  
        6.5 Introduction to Chaos Theory 112  
        6.6 Chaos-Based Stream Ciphers 115  
        6.7 Chaos-Based Block Ciphers 125  
        6.8 Conclusions and Further Reading 135  
        References 136  
        The Authors 140  
     7 Bio-Cryptography 141  
        7.1 Cryptography 141  
        7.2 Overview of Biometrics 150  
        7.3 Bio-Cryptography 157  
        7.4 Conclusions 166  
        References 167  
        The Authors 169  
     8 Quantum Cryptography 170  
        8.1 Introduction 170  
        8.2 Development of QKD 171  
        8.3 Limitations for QKD 175  
        8.4 QKD-Network Concepts 176  
        8.5 Application of QKD 179  
        8.6 Towards `Quantum-Standards' 181  
        8.7 Aspects for Commercial Application 182  
        8.8 Next Steps for Practical Application 184  
        References 185  
        The Author 185  
  Part B Intrusion Detection and Access Control 186  
     9 Intrusion Detection and Prevention Systems 187  
        9.1 Fundamental Concepts 187  
        9.2 Types of IDPS Technologies 192  
        9.3 Using and Integrating Multiple IDPS Technologies 200  
        References 201  
        The Authors 202  
     10 Intrusion Detection Systems 203  
        10.1 Intrusion Detection Implementation Approaches 203  
        10.2 Intrusion Detection System Testing 206  
        10.3 Intrusion Detection System Evaluation 211  
        10.4 Summary 213  
        References 214  
        The Authors 215  
     11 Intranet Security via Firewalls 216  
        11.1 Policy Conflicts 216  
        11.2 Challenges of Firewall Provisioning 218  
        11.3 Background: Policy Conflict Detection 219  
        11.4 Firewall Levels 222  
        11.5 Firewall Dependence 222  
        11.6 A New Architecture for Conflict-Free Provisioning 222  
        11.7 Message Flow of the System 225  
        11.8 Conclusion 226  
        References 227  
        The Authors 227  
     12 Distributed Port Scan Detection 229  
        12.1 Overview 229  
        12.2 Background 230  
        12.3 Motivation 231  
        12.4 Approach 233  
        12.5 Results 238  
        12.6 Conclusion 239  
        References 241  
        The Authors 242  
     13 Host-Based Anomaly Intrusion Detection 243  
        13.1 Background Material 244  
        13.2 Intrusion Detection System 247  
        13.3 Related Work on HMM-Based Anomaly Intrusion Detection 253  
        13.4 Emerging HIDS Architectures 258  
        13.5 Conclusions 262  
        References 262  
        The Author 263  
     14 Security in Relational Databases 264  
        14.1 Relational Database Basics 265  
        14.2 Classical Database Security 267  
        14.3 Modern Database Security 270  
        14.4 Database Auditing Practices 276  
        14.5 Future Directions in Database Security 277  
        14.6 Conclusion 277  
        References 278  
        The Author 279  
     15 Anti-bot Strategies Based on Human Interactive Proofs 280  
        15.1 Automated Tools 280  
        15.2 Human Interactive Proof 282  
        15.3 Text-Based HIPs 283  
        15.4 Audio-Based HIPs 285  
        15.5 Image-Based HIPs 286  
        15.6 Usability and Accessibility 295  
        15.7 Conclusion 296  
        References 296  
        The Authors 298  
     16 Access and Usage Control in Grid Systems 299  
        16.1 Background to the Grid 299  
        16.2 Standard Globus Security Support 300  
        16.3 Access Control for the Grid 301  
        16.4 Usage Control Model 306  
        16.5 Sandhu's Approach for Collaborative Computing Systems 308  
        16.6 GridTrust Approach for Computational Services 309  
        16.7 Conclusion 311  
        References 312  
        The Authors 313  
     17 ECG-Based Authentication 315  
        17.1 Background of ECG 316  
        17.2 What Can ECG Based Biometrics Be Used for? 319  
        17.3 Classification of ECG Based Biometric Techniques 319  
        17.4 Comparison of Existing ECG Based Biometric Systems 322  
        17.5 Implementation of an ECG Biometric 324  
        17.6 Open Issues of ECG Based Biometrics Applications 329  
        17.7 Security Issues for ECG Based Biometric 333  
        17.8 Conclusions 334  
        References 335  
        The Authors 336  
  Part C Networking 338  
     18 Peer-to-Peer Botnets 339  
        18.1 Introduction 339  
        18.2 Background on P2P Networks 340  
        18.3 P2P Botnet Construction 342  
        18.4 P2P Botnet C&C Mechanisms 343  
        18.5 Measuring P2P Botnets 346  
        18.6 Countermeasures 348  
        18.7 Related Work 351  
        18.8 Conclusion 352  
        References 352  
        The Authors 354  
     19 Security of Service Networks 355  
        19.1 An Infrastructure for the Service Oriented Enterprise 356  
        19.2 Secure Messaging and Application Gateways 358  
        19.3 Federated Identity Management Capability 362  
        19.4 Service-level Access Management Capability 365  
        19.5 Governance Framework 368  
        19.6 Bringing It All Together 371  
        19.7 Securing Business Operations in an SOA: Collaborative Engineering Example 376  
        19.8 Conclusion 382  
        References 384  
        The Authors 385  
     20 Network Traffic Analysis and SCADA Security 387  
        20.1 Fundamentals of Network Traffic Monitoring and Analysis 388  
        20.2 Methods for Collecting Traffic Measurements 390  
        20.3 Analyzing Traffic Mixtures 394  
        20.4 Case Study: AutoFocus 399  
        20.5 How Can We Apply Network Traffic Monitoring Techniques for SCADA System Security? 403  
        20.6 Conclusion 405  
        References 406  
        The Authors 408  
     21 Mobile Ad Hoc Network Routing 410  
        21.1 Chapter Overview 410  
        21.2 One-Layer Reputation Systems for MANET Routing 411  
        21.3 Two-Layer Reputation Systems (with Trust) 415  
        21.4 Limitations of Reputation Systems in MANETs 420  
        21.5 Conclusion and Future Directions 422  
        References 422  
        The Authors 423  
     22 Security for Ad Hoc Networks 424  
        22.1 Security Issues in Ad Hoc Networks 424  
        22.2 Security Challenges in the Operational Layers of Ad Hoc Networks 427  
        22.3 Description of the Advanced Security Approach 428  
        22.4 Authentication: How to in an Advanced Security Approach 430  
        22.5 Experimental Results 431  
        22.6 Concluding Remarks 433  
        References 434  
        The Authors 435  
     23 Phishing Attacks and Countermeasures 436  
        23.1 Phishing Attacks: A Looming Problem 436  
        23.2 The Phishing Ecosystem 438  
        23.3 Phishing Techniques 442  
        23.4 Countermeasures 445  
        23.5 Summary and Conclusions 450  
        References 450  
        The Author 451  
  Part D Optical Networking 452  
     24 Chaos-Based Secure Optical Communications Using Semiconductor Lasers 453  
        24.1 Basic Concepts in Chaos-Based Secure Communications 454  
        24.2 Chaotic Laser Systems 456  
        24.3 Optical Secure Communications Using Chaotic Lasers Diodes 462  
        24.4 Advantages and Disadvantages of the Different Laser-Diode-Based Cryptosystems 468  
        24.5 Perspectives in Optical Chaotic Communications 476  
        References 477  
        The Author 480  
     25 Chaos Applications in Optical Communications 481  
        25.1 Securing Communications by Cryptography 482  
        25.2 Security in Optical Communications 483  
        25.3 Optical Chaos Generation 487  
        25.4 Synchronization of Optical Chaos Generators 493  
        25.5 Communication Systems Using Optical Chaos Generators 499  
        25.6 Transmission Systems Using Chaos Generators 501  
        25.7 Conclusions 509  
        References 509  
        The Authors 512  
  Part E Wireless Networking 513  
     26 Security in Wireless Sensor Networks 514  
        26.1 Wireless Sensor Networks 515  
        26.2 Security in WSNs 516  
        26.3 Applications of WSNs 516  
        26.4 Communication Architecture of WSNs 519  
        26.5 Protocol Stack 520  
        26.6 Challenges in WSNs 521  
        26.7 Security Challenges in WSNs 523  
        26.8 Attacks on WSNs 528  
        26.9 Security in Mobile Sensor Networks 534  
        26.10 Key Management in WSNs 534  
        26.11 Key Management for Mobile Sensor Networks 545  
        26.12 Conclusion 546  
        References 546  
        The Authors 552  
     27 Secure Routing in Wireless Sensor Networks 554  
        27.1 WSN Model 555  
        27.2 Advantages of WSNs 555  
        27.3 WSN Constraints 556  
        27.4 Adversarial Model 556  
        27.5 Security Goals in WSNs 557  
        27.6 Routing Security Challenges in WSNs 560  
        27.7 Nonsecure Routing Protocols 560  
        27.8 Secure Routing Protocols in WSNs 564  
        27.9 Conclusion 574  
        References 574  
        The Authors 578  
     28 Security via Surveillance and Monitoring 580  
        28.1 Motivation 580  
        28.2 Duty-Cycling that Maintains Monitoring Coverage 582  
        28.3 Task-Specific Design: Network Self-Monitoring 587  
        28.4 Conclusion 601  
        References 601  
        The Author 603  
     29 Security and Quality of Service in Wireless Networks 604  
        29.1 Security in Wireless Networks 605  
        29.2 Security over Wireless Communications and the Wireless Channel 610  
        29.3 Interoperability Scenarios 617  
        29.4 Conclusions 628  
        References 628  
        The Authors 630  
  Part F Software 632  
     30 Low-Level Software Security by Example 633  
        30.1 Background 633  
        30.2 A Selection of Low-Level Attacks on C Software 635  
        30.3 Defenses that Preserve High-Level Language Properties 645  
        30.4 Summary and Discussion 655  
        References 656  
        The Authors 658  
     31 Software Reverse Engineering 659  
        31.1 Why Learn About Software Reverse Engineering? 660  
        31.2 Reverse Engineering in Software Development 660  
        31.3 Reverse Engineering in Software Security 662  
        31.4 Reversing and Patching Wintel Machine Code 663  
        31.5 Reversing and Patching Java Bytecode 668  
        31.6 Basic Antireversing Techniques 673  
        31.7 Applying Antireversing Techniques to Wintel Machine Code 674  
        31.8 Applying Antireversing Techniques to Java Bytecode 686  
        31.9 Conclusion 694  
        References 694  
        The Authors 696  
     32 Trusted Computing 697  
        32.1 Trust and Trusted Computer Systems 697  
        32.2 The TCG Trusted Platform Architecture 700  
        32.3 The Trusted Platform Module 703  
        32.4 Overview of the TCG Trusted Infrastructure Architecture 714  
        32.5 Conclusions 715  
        References 715  
        The Authors 717  
     33 Security via Trusted Communications 718  
        33.1 Definitions and Literature Background 719  
        33.2 Autonomic Trust Management Based on Trusted Computing Platform 726  
        33.3 Autonomic Trust Management Based on an Adaptive Trust Control Model 732  
        33.4 A Comprehensive Solution for Autonomic Trust Management 737  
        33.5 Further Discussion 742  
        33.6 Conclusions 742  
        References 743  
        The Author 745  
     34 Viruses and Malware 746  
        34.1 Computer Infections or Malware 747  
        34.2 Antiviral Defense: Fighting Against Viruses 759  
        34.3 Conclusion 767  
        References 767  
        The Author 768  
     35 Designing a Secure Programming Language 769  
        35.1 Code Injection 769  
        35.2 Buffer Overflow Attacks 773  
        35.3 Client-Side Programming: Playing in the Sandbox 775  
        35.4 Metaobject Protocols and Aspect-Oriented Programming 778  
        35.5 Conclusion 781  
        References 781  
        The Author 783  
  Part G Forensics and Legal Issues 784  
     36 Fundamentals of Digital Forensic Evidence 785  
        36.1 Introduction and Overview 786  
        36.2 Identification 787  
        36.3 Collection 788  
        36.4 Transportation 788  
        36.5 Storage 789  
        36.6 Analysis, Interpretation, and Attribution 789  
        36.7 Reconstruction 790  
        36.8 Presentation 791  
        36.9 Destruction 791  
        36.10 Make or Miss Faults 795  
        36.11 Accidental or Intentional Faults 795  
        36.12 False Positives and Negatives 796  
        36.13 Pre-Legal Records Retention and Disposition 796  
        36.14 First Filing 798  
        36.15 Notice 798  
        36.16 Preservation Orders 798  
        36.17 Disclosures and Productions 798  
        36.18 Depositions 799  
        36.19 Motions, Sanctions, and Admissibility 800  
        36.20 Pre-Trial 800  
        36.21 Testimony 801  
        36.22 Case Closed 801  
        36.23 Duties 802  
        36.24 Honesty, Integrity, and Due Care 802  
        36.25 Competence 802  
        36.26 Retention and Disposition 803  
        36.27 Other Resources 803  
        References 803  
        The Author 804  
     37 Multimedia Forensics for Detecting Forgeries 805  
        37.1 Some Examples of Multimedia Forgeries 806  
        37.2 Functionalities of Multimedia Forensics 808  
        37.3 General Schemes for Forgery Detection 810  
        37.4 Forensic Methods for Forgery Detection 811  
        37.5 Unresolved Issues 821  
        37.6 Conclusions 822  
        References 822  
        The Authors 824  
     38 Technological and Legal Aspects of CIS 825  
        38.1 Technological Aspects 826  
        38.2 Secure Wireless Systems 832  
        38.3 Legal Aspects of Secure Information Networks 834  
        38.4 An Emergency Telemedicine System/Olympic Games Application/CBRN Threats 840  
        38.5 Technology Convergence and Contribution 844  
        References 844  
        The Author 846  
  Index 847  


nach oben


  Mehr zum Inhalt
Kapitelübersicht
Kurzinformation
Inhaltsverzeichnis
Leseprobe
Blick ins Buch
Fragen zu eBooks?

  Navigation
Belletristik / Romane
Computer
Geschichte
Kultur
Medizin / Gesundheit
Philosophie / Religion
Politik
Psychologie / Pädagogik
Ratgeber
Recht
Reise / Hobbys
Sexualität / Erotik
Technik / Wissen
Wirtschaft

  Info
Hier gelangen Sie wieder zum Online-Auftritt Ihrer Bibliothek
© 2008-2020 ciando GmbH | Impressum | Kontakt | F.A.Q. | Datenschutz