Elementary Information Security, 2nd Edition

Book Description

An ideal text for introductory information security courses, the second edition of Elementary Information Security provides a comprehensive yet easy-to-understand introduction to the complex world of cyber security and technology. Thoroughly updated with recently reported cyber security incidents, this essential text enables students to gain direct experience by analyzing security problems and practicing simulated security activities. Emphasizing learning through experience, Elementary Information Security, Second Edition addresses technologies and cryptographic topics progressing from individual computers to more complex Internet-based systems.

Table of Contents

  1. Cover
  2. Title Page
  3. Copyright
  4. Contents
  5. Preface
  6. Chapter 1 Security From The Ground Up
    1. 1.1 The Security Landscape
      1. 1.1.1 Making Security Decisions
      2. 1.1.2 Framework for Risk Management
    2. 1.2 Assessing Risks
      1. 1.2.1 The Proprietor’s Risk Management Framework
      2. 1.2.2 Goals and Assets
      3. 1.2.3 Security Boundaries
      4. 1.2.4 Security Architecture
    3. 1.3 Identifying Risks
      1. 1.3.1 Threat Agents
      2. 1.3.2 Potential Attacks
      3. 1.3.3 Risk Matrix
    4. 1.4 Prioritizing Risks
    5. 1.5 Drafting Security Requirements
      1. 1.5.1 Analyzing Alice’s Risks
      2. 1.5.2 Monitoring Security Measures
    6. 1.6 Ethical Issues in Security Analysis
      1. 1.6.1 Searching for Vulnerabilities
      2. 1.6.2 Sharing and Publishing Cyber Vulnerabilities
    7. 1.7 Resources
      1. 1.7.1 Review Questions
      2. 1.7.2 Exercises
  7. Chapter 2 Controlling a Computer
    1. 2.1 Computers and Programs
      1. 2.1.1 Input/Output
      2. 2.1.2 Program Execution
      3. 2.1.3 Procedures
    2. 2.2 Programs and Processes
      1. 2.2.1 Switching Between Processes
      2. 2.2.2 The Operating System
    3. 2.3 Buffer Overflows and the Morris Worm
      1. 2.3.1 The “Finger” Overflow
      2. 2.3.2 Security Alerts
      3. 2.3.3 Studying Cyberattacks
    4. 2.4 Access Control Strategies
      1. 2.4.1 Puzzles and Patterns
      2. 2.4.2 Chain of Control: Another Basic Principle
    5. 2.5 Keeping Processes Separate
      1. 2.5.1 Sharing a Program
      2. 2.5.2 Sharing Data
    6. 2.6 Selecting Security Controls
    7. 2.7 Security Plan: Process Protection
    8. 2.8 Resources
      1. 2.8.1 Review Questions
      2. 2.8.2 Exercises
  8. Chapter 3 Controlling Files
    1. 3.1 The File System
      1. 3.1.1 File Ownership and Access Rights
      2. 3.1.2 Directory Access Rights
    2. 3.2 Executable Files
      1. 3.2.1 Execution Access Rights
      2. 3.2.2 Computer Viruses
      3. 3.2.3 Macro Viruses
      4. 3.2.4 Modern Malware: A Rogue’s Gallery
    3. 3.3 Sharing and Protecting Files
      1. 3.3.1 Security Policies for Sharing and Protection
    4. 3.4 Security Controls for Files
      1. 3.4.1 Deny by Default: A Basic Principle
      2. 3.4.2 Managing Access Rights
    5. 3.5 File Security Controls
      1. 3.5.1 File Permission Flags
      2. 3.5.2 Security Controls to Enforce the Isolation Policy
      3. 3.5.3 States and State Diagrams
    6. 3.6 Patching Security Flaws
    7. 3.7 Resources
      1. 3.7.1 Review Questions
      2. 3.7.2 Exercises
  9. Chapter 4 Sharing Files
    1. 4.1 Controlled Sharing
      1. 4.1.1 Basic File Sharing on Windows
      2. 4.1.2 User Groups
      3. 4.1.3 Least Privilege and Administrative Users
    2. 4.2 File Permission Flags
      1. 4.2.1 Permission Flags and Ambiguities
      2. 4.2.2 Permission Flag Examples
    3. 4.3 Access Control Lists and OS X
    4. 4.4 Microsoft Windows ACLs
      1. 4.4.1 Denying Access
      2. 4.4.2 Default File Protection
      3. 4.4.3 A Different Trojan Horse
    5. 4.5 Monitoring Cyber System Security
      1. 4.5.1 Logging Events
      2. 4.5.2 External Security Requirements
    6. 4.6 Resources
      1. 4.6.1 Review Questions
      2. 4.6.2 Exercises
  10. Chapter 5 Storing Files
    1. 5.1 Incident Response and Attack
      1. 5.1.1 The Aftermath of an Incident
      2. 5.1.2 Legal Disputes
    2. 5.2 Digital Evidence
      1. 5.2.1 Collecting Legal Evidence
      2. 5.2.2 Digital Evidence Procedures
    3. 5.3 Storing Data on a Hard Drive
      1. 5.3.1 Hard Drive Controller
      2. 5.3.2 Hard Drive Formatting
    4. 5.4 Common Drive Concepts
      1. 5.4.1 Error Detection and Correction
      2. 5.4.2 Drive Partitions
      3. 5.4.3 Memory Sizes and Address Variables
    5. 5.5 FAT: An Example File System
      1. 5.5.1 Boot Blocks
      2. 5.5.2 Building Files from Clusters
      3. 5.5.3 FAT Directories
    6. 5.6 Modern File Systems
      1. 5.6.1 Unix File System
      2. 5.6.2 Apple’s HFS Plus
      3. 5.6.3 Microsoft’s NTFS
    7. 5.7 Input/Output and File System Software
      1. 5.7.1 Software Layering
      2. 5.7.2 A Typical I/O Operation
      3. 5.7.3 Security and I/O
    8. 5.8 Resources
      1. 5.8.1 Review Questions
      2. 5.8.2 Exercises
  11. Chapter 6 Authenticating People
    1. 6.1 Unlocking a Door
      1. 6.1.1 Authentication Factors
      2. 6.1.2 Threat Agents and Risks
      3. 6.1.3 Database Thefts
    2. 6.2 Evolution of Password Systems
      1. 6.2.1 One-Way Hash Functions
      2. 6.2.2 Sniffing Credentials
    3. 6.3 Password Guessing
      1. 6.3.1 Password Search Space
      2. 6.3.2 Truly Random Password Selection
      3. 6.3.3 Cracking Speeds
    4. 6.4 Attacks on Password Bias
      1. 6.4.1 Biased Choices and Average Attack Space
      2. 6.4.2 Estimating Language-Based Password Bias
    5. 6.5 Authentication Tokens
      1. 6.5.1 Challenge-Response Authentication
      2. 6.5.2 One-Time Password Tokens
      3. 6.5.3 Token Vulnerabilities
    6. 6.6 Biometric Authentication
      1. 6.6.1 Biometric Accuracy
      2. 6.6.2 Biometric Vulnerabilities
    7. 6.7 Authentication Policy
      1. 6.7.1 Weak and Strong Threats
      2. 6.7.2 Policies for Weak Threat Environments
      3. 6.7.3 Policies for Strong and Extreme Threats
      4. 6.7.4 Password Selection and Handling
    8. 6.8 Resources
      1. 6.8.1 Review Questions
      2. 6.8.2 Exercises
  12. Chapter 7 Encrypting Files
    1. 7.1 Protecting the Accessible
      1. 7.1.1 The Encrypted Diary
      2. 7.1.2 Encryption Basics
      3. 7.1.3 Encryption and Information States
    2. 7.2 Encryption and Cryptanalysis
      1. 7.2.1 The Vigenère Cipher
      2. 7.2.2 Electromechanical Encryption
    3. 7.3 Computer-Based Encryption
      1. 7.3.1 Exclusive Or: A Crypto Building Block
      2. 7.3.2 Stream Ciphers: Another Building Block
      3. 7.3.3 Key Stream Security
      4. 7.3.4 The One-Time Pad
    4. 7.4 File Encryption Software
      1. 7.4.1 Built-In File Encryption
      2. 7.4.2 Encryption Application Programs
      3. 7.4.3 Erasing a Plaintext File
      4. 7.4.4 Choosing a File Encryption Program
    5. 7.5 Digital Rights Management
    6. 7.6 Resources
      1. 7.6.1 Review Questions
      2. 7.6.2 Exercises
  13. Chapter 8 Secret and Public Keys
    1. 8.1 The Key Management Challenge
      1. 8.1.1 Rekeying
      2. 8.1.2 Using Text for Encryption Keys
      3. 8.1.3 Key Strength
    2. 8.2 The Reused Key Stream Problem
      1. 8.2.1 Avoiding Reused Keys
      2. 8.2.2 Key Wrapping: Another Building Block
      3. 8.2.3 Separation of Duty: A Basic Principle
      4. 8.2.4 DVD Key Handling
    3. 8.3 Public-Key Cryptography
      1. 8.3.1 Sharing a Secret: Diffie-Hellman
      2. 8.3.2 Diffie-Hellman: The Basics of the Math
      3. 8.3.3 Elliptic Curve Cryptography
    4. 8.4 RSA: Rivest-Shamir-Adleman
      1. 8.4.1 Encapsulating Keys with RSA
      2. 8.4.2 An Overview of RSA Mathematics
    5. 8.5 Data Integrity and Digital Signatures
      1. 8.5.1 Detecting Malicious Changes
      2. 8.5.2 Detecting a Changed Hash Value
      3. 8.5.3 Digital Signatures
    6. 8.6 Publishing Public Keys
      1. 8.6.1 Public-Key Certificates
      2. 8.6.2 Chains of Certificates
      3. 8.6.3 Authenticated Software Updates
    7. 8.7 Resources
      1. 8.7.1 Review Questions
      2. 8.7.2 Exercises
  14. Chapter 9 Encrypting Volumes
    1. 9.1 Securing a Volume
      1. 9.1.1 Risks to Volumes
      2. 9.1.2 Risks and Policy Trade-Offs
    2. 9.2 Block Ciphers
      1. 9.2.1 Evolution of DES and AES
      2. 9.2.2 The RC4 Story
      3. 9.2.3 Qualities of Good Encryption Algorithms
    3. 9.3 Block Cipher Modes
      1. 9.3.1 Stream Cipher Modes
      2. 9.3.2 Cipher Feedback Mode
      3. 9.3.3 Cipher Block Chaining
    4. 9.4 Encrypting a Volume
      1. 9.4.1 Volume Encryption in Software
      2. 9.4.2 Block Modes for Volume Encryption
      3. 9.4.3 A “Tweakable” Encryption Mode
      4. 9.4.4 Residual Risks
    5. 9.5 Encryption in Hardware
      1. 9.5.1 The Drive Controller
      2. 9.5.2 Drive Locking and Unlocking
    6. 9.6 Managing Encryption Keys
      1. 9.6.1 Key Storage
      2. 9.6.2 Booting an Encrypted Drive
      3. 9.6.3 Residual Risks to Keys
    7. 9.7 Resources
      1. 9.7.1 Review Questions
      2. 9.7.2 Exercises
  15. Chapter 10 Connecting Computers
    1. 10.1 The Network Security Problem
      1. 10.1.1 Basic Network Attacks and Defenses
      2. 10.1.2 Physical Network Protection
      3. 10.1.3 Host and Network Integrity
    2. 10.2 Transmitting Data
      1. 10.2.1 Message Switching
      2. 10.2.2 Circuit Switching
      3. 10.2.3 Packet Switching
    3. 10.3 Putting Bits on a Wire
      1. 10.3.1 Wireless Transmission
      2. 10.3.2 Transmitting Packets
      3. 10.3.3 Recovering a Lost Packet
    4. 10.4 Ethernet: A Modern LAN
      1. 10.4.1 Wiring a Small Network
      2. 10.4.2 Ethernet Frame Format
      3. 10.4.3 Finding Host Addresses
      4. 10.4.4 Handling Collisions
    5. 10.5 The Protocol Stack
      1. 10.5.1 Relationships Between Layers
      2. 10.5.2 The OSI Protocol Model
    6. 10.6 Network Applications
      1. 10.6.1 Resource Sharing
      2. 10.6.2 Data and File Sharing
    7. 10.7 Resources
      1. 10.7.1 Review Questions
      2. 10.7.2 Exercises
  16. Chapter 11 Networks of Networks
    1. 11.1 Building Data Networks
      1. 11.1.1 Point-to-Point Network
      2. 11.1.2 Star Network
      3. 11.1.3 Bus Network
      4. 11.1.4 Tree Network
      5. 11.1.5 Mesh
    2. 11.2 Combining Computer Networks
      1. 11.2.1 Hopping Between Networks
      2. 11.2.2 Evolution of Internet Security
      3. 11.2.3 Internet Structure
    3. 11.3 Talking between Hosts
      1. 11.3.1 IP Addresses
      2. 11.3.2 IP Packet Format
      3. 11.3.3 Address Resolution Protocol
    4. 11.4 Internet Addresses in Practice
      1. 11.4.1 Addresses, Scope, and Reachability
      2. 11.4.2 Private IP Addresses
    5. 11.5 Network Inspection Tools
      1. 11.5.1 Wireshark Examples
      2. 11.5.2 Mapping a LAN with Nmap
    6. 11.6 Resources
      1. 11.6.1 Review Questions
      2. 11.6.2 Exercises
  17. Chapter 12 End-to-End Networking
    1. 12.1 “Smart” Versus “Dumb” Networks
    2. 12.2 Internet Transport Protocols
      1. 12.2.1 Transmission Control Protocol
      2. 12.2.2 Attacks on Protocols
    3. 12.3 Names on the Internet
      1. 12.3.1 Domain Names in Practice
      2. 12.3.2 Looking Up Names
      3. 12.3.3 DNS Protocol
      4. 12.3.4 Investigating Domain Names
      5. 12.3.5 Attacking DNS
    4. 12.4 Internet Gateways and Firewalls
      1. 12.4.1 Network Address Translation
      2. 12.4.2 Filtering and Connectivity
      3. 12.4.3 Software-Based Firewalls
    5. 12.5 Long-Distance Networking
      1. 12.5.1 Older Technologies
      2. 12.5.2 Mature Technologies
      3. 12.5.3 Evolving Technologies
    6. 12.6 Resources
      1. 12.6.1 Review Questions
      2. 12.6.2 Exercises
  18. Chapter 13 Enterprise Computing
    1. 13.1 The Challenge of Community
      1. 13.1.1 Companies and Information Control
      2. 13.1.2 Enterprise Risks
      3. 13.1.3 Social Engineering
    2. 13.2 Management Processes
      1. 13.2.1 Security Management Standards
      2. 13.2.2 Deployment Policy Directives
      3. 13.2.3 Management Hierarchies and Delegation
      4. 13.2.4 Managing Information Resources
      5. 13.2.5 Security Audits
      6. 13.2.6 Information Security Professionals
    3. 13.3 Enterprise Issues
      1. 13.3.1 Personnel Security
      2. 13.3.2 Physical Security
      3. 13.3.3 Software Security
    4. 13.4 Enterprise Network Authentication
      1. 13.4.1 Direct Authentication
      2. 13.4.2 Indirect Authentication
      3. 13.4.3 Off-Line Authentication
    5. 13.5 Contingency Planning
      1. 13.5.1 Data Backup and Restoration
      2. 13.5.2 Handling Serious Incidents
      3. 13.5.3 Disaster Preparation and Recovery
    6. 13.6 Resources
      1. 13.6.1 Review Questions
      2. 13.6.2 Exercises
  19. Chapter 14 Network Encryption
    1. 14.1 Communications Security
      1. 14.1.1 Crypto by Layers
      2. 14.1.2 Administrative and Policy Issues
    2. 14.2 Crypto Keys on a Network
      1. 14.2.1 Manual Keying: A Building Block
      2. 14.2.2 Simple Rekeying
      3. 14.2.3 Secret-Key Building Blocks
      4. 14.2.4 Public-Key Building Blocks
      5. 14.2.5 Public-Key Versus Secret-Key Exchanges
    3. 14.3 Crypto Atop the Protocol Stack
      1. 14.3.1 Transport Layer Security—SSL and TLS
      2. 14.3.2 SSL Handshake Protocol
      3. 14.3.3 SSL Record Transmission
    4. 14.4 Network Layer Cryptography
      1. 14.4.1 The Encapsulating Security Payload
      2. 14.4.2 Implementing a VPN
      3. 14.4.3 Internet Key Exchange Protocol
    5. 14.5 Link Encryption on 802.11 Wireless
      1. 14.5.1 Wireless Packet Protection
      2. 14.5.2 Security Associations
    6. 14.6 Cryptographic Security Requirements
    7. 14.7 Resources
      1. 14.7.1 Review Questions
      2. 14.7.2 Exercises
  20. Chapter 15 Internet Services and Email
    1. 15.1 Internet Services
    2. 15.2 Internet Email
      1. 15.2.1 Email Protocol Standards
      2. 15.2.2 Tracking an Email
      3. 15.2.3 Forging an Email Message
    3. 15.3 Email Security Problems
      1. 15.3.1 Spam
      2. 15.3.2 Phishing
      3. 15.3.3 Email Viruses and Hoaxes
    4. 15.4 Enterprise Firewalls
      1. 15.4.1 Controlling Internet Traffic
      2. 15.4.2 Traffic-Filtering Mechanisms
      3. 15.4.3 Implementing Firewall Rules
    5. 15.5 Enterprise Point of Presence
      1. 15.5.1 POP Topology
      2. 15.5.2 Attacking an Enterprise Site
      3. 15.5.3 The Challenge of Real-Time Media
    6. 15.6 Resources
      1. 15.6.1 Review Questions
      2. 15.6.2 Exercises
  21. Chapter 16 The World Wide Web
    1. 16.1 Hypertext Fundamentals
      1. 16.1.1 Addressing Web Pages
      2. 16.1.2 Retrieving a Static Web Page
    2. 16.2 Basic Web Security
      1. 16.2.1 Static Website Security
      2. 16.2.2 Server Authentication
      3. 16.2.3 Server Masquerades
    3. 16.3 Dynamic Websites
      1. 16.3.1 Scripts on the Web
      2. 16.3.2 States and HTTP
    4. 16.4 Content Management Systems
      1. 16.4.1 Database Management Systems
      2. 16.4.2 Password Checking: A CMS Example
      3. 16.4.3 Command Injection Attacks
    5. 16.5 Ensuring Web Security Properties
      1. 16.5.1 Web Availability
      2. 16.5.2 Web Privacy
    6. 16.6 Resources
      1. 16.6.1 Review Questions
      2. 16.6.2 Exercises
  22. Chapter 17 Governments and Secrecy
    1. 17.1 Secrecy in Government
      1. 17.1.1 The Challenge of Secrecy
      2. 17.1.2 Cybersecurity and Operations
    2. 17.2 Classifications and Clearances
      1. 17.2.1 Security Labeling
      2. 17.2.2 Security Clearances
      3. 17.2.3 Classification Levels in Practice
      4. 17.2.4 Compartments and Other Special Controls
    3. 17.3 National Policy Issues
      1. 17.3.1 Facets of National System Security
      2. 17.3.2 Security Planning
    4. 17.4 Communications Security
      1. 17.4.1 Cryptographic Technology
      2. 17.4.2 Crypto Security Procedures
      3. 17.4.3 Transmission Security
    5. 17.5 Data Protection
      1. 17.5.1 Protected Wiring
      2. 17.5.2 TEMPEST
    6. 17.6 Trustworthy Systems
      1. 17.6.1 Integrity of Operations
      2. 17.6.2 Multilevel Security
      3. 17.6.3 Computer Modes of Operation
    7. 17.7 Resources
      1. 17.7.1 Review Questions
      2. 17.7.2 Exercises
  23. Appendix A: Acronyms
  24. Appendix B: Alternative Security Terms and Concepts
  25. Index