Network Security Essentials

William Stallings has made a unique contribution to understanding the broad sweep of technical developments in computer networking and computer architecture. He has authored 18 titles, and counting revised editions, a total of 35 books on various aspects of these subjects. In over 20 years in the field, he has been a technical contributor, technical manager, and an executive with several high-technology firms. Currently he is an independent consultant whose clients have included computer and networking manufacturers and customers, software development firms, and leading-edge government research institutions. He has six times received the prize for best Computer Science and Engineering textbook of the year from the Textbook and Academic Authors Association. Bill has designed and implemented both TCP/IP-based and OSI-based protocol suites on a variety of computers and operating systems, ranging from microcomputers to mainframes. As a consultant, he has advised government agencies, computer and software vendors, and major users on the design, selection, and use of networking software and products. Dr. Stallings holds a Ph.D. from M.I.T. in Computer Science and a B.S. from Notre Dame in Electrical Engineering.

Preface

1. Introduction

1.1 The OSI Security Architecture

1.2 Security Attacks

1.3 Security Services

1.4 Security Mechanisms

1.5 A Model for Internetwork Security

1.6 Internet Standards the Internet Society

1.7 Outline of This Book

1.8 Recommended Reading

1.9 Internet and Web Resources

 

I.   CRYPTOGRAPHY

 

2. Symmetric Encryption and Message Confidentiality

2.1 Symmetric Encryption Principles

2.2 Symmetric Encryption Algorithms

2.3 Cipher Block Modes of Operation

2.4 Location of Encryption Devices

2.5 Key Distribution

2.6 Recommended Reading and Web Sites

2.7 Key Terms, Review Questions, and Problems

 

3. Public-Key Cryptography and Message Authentication

3.1 Approaches to Message Authentication

3.2 Secure Hash Functions and HMAC

3.3 Public Key Cryptography Principles

3.4 Public-Key Cryptography Algorithms

3.5 Digital Signatures

3.6 Key Management

3.7 Recommended Reading and Web Sites

3.8 Key Terms, Review Questions, and Problems

Appendix 3A Prime Numbers and Modular Arithmetic

 

II.  NETWORK SECURITY APPLICATIONS

 

4. Authentication Applications

4.1 Kerberos

4.2 X.509 Directory Authentication Service

4.3 Public Key Infrastructure

4.4 Recommended Reading and Web Sites

4.4 Key Terms, Review Questions, and Problems

Appendix 4A: Kerberos Encryption Techniques

 

5. Electronic Mail Security

5.1 Pretty Good Privacy (PGP)

5.2 S/MIME

5.3 Recommended Web Sites

5.4 Key Terms, Review Questions, and Problems

Appendix 5A: Data Compression Using ZIP

Appendix 5B: Radix-64 Conversion

Appendix 5C: PGP Random Number Generation

 

6. IP Security

6.1 IP Security Overview

6.2 IP Security Architecture

6.3 Authentication Header

6.4 Encapsulating Security Payload

6.5 Combining Security Associations

6.6 Key Management

6.7 Recommended Reading and Web Sites

6.8  Key Terms, Review Questions, and Problems

Appendix 6A: Internetworking and Internet Protocols

 

7. Web Security

7.1 Web Security Requirements

7.2 Secure Sockets Layer (SSL) and Transport Layer Security (TLS)

7.3 Secure Electronic Transaction (SET)

7.4 Recommended Reading and Web Sites

7.5 Key Terms, Review Questions, and Problems

 

8. Network Management Security

8.1 Basic Concepts of SNMP

8.2 SNMPv1 Community Facility

8.3 SNMPv3

8.4 Recommended Reading and Web Sites

8.5 Key Terms, Review Questions, and Problems

 

III.   SYSTEM SECURITY

 

9. INTRUDERS

9.1 Intruders

9.2 Intrusion Detection

9.3 Password Management

9.4 Recommended Reading and Web Sites

9.5 Key Terms, Review Questions, and Problems

Appendix 9A  The Base-Rate Fallacy

 

10. MALICIOUS SOFTWARE

10.1 Viruses and Related Threats

10.2 Virus Countermeasures

10.3 Distributed Denial of Service Attacks

10.4 Recommended Reading and Web Sites

10.5 Key Terms, Review Questions, and Problems

 

11. FIREWALLS

11.1 Firewall Design Principles

11.2 Trusted Systems

11.3 Common Criteria for Information Technology Security Evaluation

11.4 Recommended Reading and Web Sites

11.5 Key Terms, Review Questions, and Problems

 

APPENDICES

 

A. Standards Cited in this Book

 

B. Some Aspects of Number Theory

B.1 Prime and Relatively Prime Numbers

B.2 Modular Arithmetic

 

C. Projects for Teaching Network Security

C.1 Research Projects

C.2 Programming Projects

C.3 Reading/Report Assignments

 

Glossary

 

References

 

Index

 

List of Acronyms