Handbook of Information Security, Volume 1, Key Concepts, Infrastructure, Standards, and Protocols

Handbook of Information Security, Volume 1, Key Concepts, Infrastructure, Standards, and Protocols

Released January 2006
Publisher(s): Wiley
ISBN: 9780471648307

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Book description

The Handbook of Information Security is a definitive 3-volume handbook that offers coverage of both established and cutting-edge theories and developments on information and computer security. The text contains 180 articles from over 200 leading experts, providing the benchmark resource for information security, network security, information privacy, and information warfare.

Table of contents

  1. Cover Page
  2. Title Page
  3. Copyright
  4. Dedication
  5. About the Editor-in-Chief
  6. Editorial Board
  7. Contents
  8. Contributors
  9. Preface
    1. TOPIC CATEGORIES
  10. Guide to The Handbook of Information Security
  11. PART 1: Key Concepts and Applications Related to Information Security
    1. Internet Basics
      1. INTRODUCTION
      2. INFORMATION SUPERHIGHWAY AND THE WORLD WIDE WEB
      3. DOMAIN NAME SYSTEMS
      4. NAVIGATIONAL TOOLS, SEARCH ENGINES, AND DIRECTORIES
      5. INTERNET SERVICES THAT SUPPORT ELECTRONIC COMMERCE
      6. WHAT IS AN INTRANET?
      7. INTERNET VERSUS INTRANETS
      8. SELECTED APPLICATIONS OF AN INTRANET
      9. WHAT IS AN EXTRANET?
      10. SELECTED INTERNET APPLICATIONS
      11. GLOSSARY
      12. CROSS REFERENCES
      13. REFERENCES
      14. FURTHER READING
    2. Digital Economy
      1. INTRODUCTION
      2. INFORMATION TECHNOLOGY, THE DIGITAL ECONOMY, AND E-COMMERCE
      3. SIZE AND GROWTH OF THE DIGITAL ECONOMY
      4. IMPLICATIONS FOR MARKETS AND ORGANIZATIONS
      5. SECURITY
      6. GOVERNMENT POLICIES
      7. WORK, PLAY, AND COMMUNITIES
      8. CONCLUSION
      9. GLOSSARY
      10. CROSS REFERENCES
      11. REFERENCES
      12. FURTHER READING
    3. Online Retail Banking: Security Concerns, Breaches, and Controls
      1. INTRODUCTION
      2. TYPES OF ONLINE RETAIL BANKING SERVICES
      3. ONLINE BANKING SECURITY CONCERNS
      4. DEFINITION OF SECURITY
      5. SOURCES AND CONTROLS OF EXTERNAL INFORMATION SECURITY BREACHES
      6. SOURCES AND CONTROLS OF INTERNAL INFORMATION SECURITY BREACHES
      7. CONCLUSION
      8. GLOSSARY
      9. CROSS REFERENCES
      10. REFERENCES
      11. FURTHER READING
    4. Digital Libraries: Security and Preservation Considerations
      1. INTRODUCTION
      2. CONSTRUCTING DIGITAL LIBRARIES
      3. SECURITY AND DIGITAL LIBRARIES
      4. PRESERVATION AND DIGITAL LIBRARIES
      5. CONTINUITY OF DIGITAL LIBRARIES
      6. CONCLUSION
      7. GLOSSARY
      8. CROSS REFERENCES
      9. REFERENCES
    5. E-Mail and Instant Messaging
      1. INTRODUCTION
      2. ELECTRONIC MAIL
      3. INSTANT MESSAGING
      4. SECURITY IN E-MAIL AND IM ENVIRONMENTS
      5. CONCLUSION
      6. GLOSSARY
      7. CROSS REFERENCES
      8. REFERENCES
      9. FURTHER READING
    6. Internet Relay Chat
      1. SECURE COMMUNICATION USING INTERNET RELAY CHAT
      2. STRUCTURE AND OPERATION
      3. SOCIAL FACTORS
      4. SECURITY AND LEGAL ISSUES
      5. FUTURE OF IRC
      6. GLOSSARY
      7. CROSS REFERENCES
      8. REFERENCES
      9. FURTHER READING
    7. Online Communities
      1. INTRODUCTION
      2. DEFINITION AND ATTRIBUTES
      3. HISTORY OF ONLINE COMMUNITIES
      4. TYPES OF ONLINE COMMUNITIES
      5. ONLINE COMMUNITY CONSEQUENCES
      6. RESEARCH METHODS AND ISSUES
      7. CONCLUSION
      8. GLOSSARY
      9. CROSS REFERENCES
      10. REFERENCES
    8. Groupware: Risks, Threats, and Vulnerabilities in the Internet Age
      1. INTRODUCTION
      2. WHY GROUPWARE?
      3. GROUPWARE AND SECURITY
      4. DEFINING AND CLASSIFYING GROUPWARE IN THE INTERNET AGE
      5. GROUPWARE FUNCTIONALITIES IN THE INTERNET AGE
      6. GROUPWARE MANAGEMENT ISSUES: PRODUCTIVITY AND ORGANIZATIONAL EFFECTS
      7. CONCLUSION
      8. GLOSSARY
      9. CROSS REFERENCES
      10. REFERENCES
      11. FURTHER READING
    9. Search Engines: Security, Privacy, and Ethical Issues
      1. INTRODUCTION
      2. SEARCHER
      3. SEARCH ENGINE
      4. WEB SITE
      5. SEARCH ETHICS
      6. CONCLUSION
      7. GLOSSARY
      8. CROSS REFERENCES
      9. REFERENCES
      10. FURTHER READING
    10. Web Services
      1. INTRODUCTION
      2. THE GENESIS OF WEB SERVICES
      3. WEB SERVICES TODAY
      4. THE FUTURE OF WEB SERVICES
      5. CONCLUSION
      6. GLOSSARY
      7. CROSS REFERENCES
      8. REFERENCES
      9. FURTHER READING
    11. Electronic Commerce
      1. INTRODUCTION
      2. A BRIEF HISTORY OF E-COMMERCE
      3. INTERNET BUSINESS MODELS
      4. MARKETING STRATEGIES FOUND IN E-COMMERCE
      5. CONSUMERS IN E-COMMERCE
      6. INFORMATION SECURITY AND ONLINE PAYMENT IN E-COMMERCE
      7. EMERGING TECHNOLOGIES
      8. BARRIERS TO E-COMMERCE DEVELOPMENT
      9. THE ECONOMIC AND COMPETITIVE IMPACTS OF E-COMMERCE
      10. CONCLUSIONS
      11. GLOSSARY
      12. CROSS REFERENCES
      13. REFERENCES
    12. EDI Security
      1. INTRODUCTION
      2. THE BUSINESS ROLE OF EDI
      3. THE EDI PROCESS
      4. EDI VULNERABILITIES
      5. EDI SECURITY MECHANISMS
      6. COMMUNICATIONS NETWORK ALTERNATIVES
      7. EDI STANDARDS
      8. EDIFACT
      9. SECURE EDI APPLICATION EXAMPLES
      10. GUIDELINES FOR MANAGING EDI SYSTEMS RISKS
      11. CONCLUSIONS AND RECOMMENDATIONS
      12. GLOSSARY
      13. CROSS REFERENCES
      14. REFERENCES
    13. Electronic Payment Systems
      1. INTRODUCTION
      2. REQUIREMENTS FOR ELECTRONIC PAYMENT SYSTEMS
      3. TYPES OF ELECTRONIC PAYMENT SYSTEMS
      4. REPRESENTATIVE TECHNOLOGIES
      5. CONCLUSION AND FURTHER READING
      6. GLOSSARY
      7. CROSS REFERENCES
      8. REFERENCES
    14. Intranets: Principals, Privacy, and Security Considerations
      1. INTRODUCTION
      2. FEATURES OF AN INTRANET
      3. TECHNOLOGY
      4. BUILDING AND MAINTAINING SECURE INTRANETS
      5. CONCLUSION
      6. GLOSSARY
      7. CROSS REFERENCES
      8. REFERENCES
    15. Extranets: Applications, Development, Security, and Privacy
      1. INTRODUCTION
      2. STRATEGIC USES OF EXTRANETS
      3. PLANNING AND IMPLEMENTING AN ORGANIZATIONAL EXTRANET
      4. SECURITY AND INFORMATION PRIVACY
      5. CONCLUSION
      6. GLOSSARY
      7. CROSS REFERENCES
      8. REFERENCES
    16. Business-to-Business Electronic Commerce
      1. INTRODUCTION
      2. FOUNDATIONS OF B2B E-COMMERCE
      3. B2B STRATEGIES
      4. METHODS FOR IMPLEMENTING B2B
      5. B2B E-COMMERCE CHALLENGES
      6. B2B E-COMMERCE IN PERSPECTIVE
      7. ACKNOWLEDGMENTS
      8. GLOSSARY
      9. CROSS REFERENCES
      10. FURTHER READING
    17. Click-and-Brick Electronic Commerce
      1. INTRODUCTION
      2. CLICK-AND-BRICK E-COMMERCE OVERVIEW
      3. SOURCES OF SYNERGY BETWEEN TRADITIONAL AND E-COMMERCE CHANNELS
      4. MANAGING CHANNEL CONFLICT IN MULTICHANNEL FIRMS
      5. SUMMARY OF THE CLICK-AND-BRICK FRAMEWORK
      6. EXPLORING THE FRAMEWORK WITH SEVERAL CLICK-AND-BRICK CASES
      7. CLICK-AND-BRICK E-COMMERCE IN PRACTICE
      8. INFORMATION SECURITY AND CLICK-AND-BRICK RETAILERS
      9. CONCLUSION
      10. CROSS REFERENCES
      11. REFERENCES
    18. Mobile Commerce
      1. INTRODUCTION
      2. MOBILE COMMERCE APPLICATIONS
      3. BUSINESS MODELS IN THE M-COMMERCE ENVIRONMENT
      4. ENABLING TECHNOLOGIES
      5. ARCHITECTURAL COMPONENTS
      6. SECURITY ISSUES
      7. PRIVACY ISSUES
      8. TRUST ISSUES
      9. RESOURCES
      10. CROSS REFERENCES
      11. REFERENCES
      12. FURTHER READING
    19. E-Education and Information Privacy and Security
      1. INTRODUCTION
      2. E-EDUCATION EXAMINED
      3. LEGAL FOUNDATIONS AND SECURITY AND PRIVACY ISSUES
      4. SECURITY AND PRIVACY IN E-EDUCATION
      5. CONCLUSION
      6. GLOSSARY
      7. CROSS REFERENCES
      8. REFERENCES
      9. FURTHER READING
    20. Security in E-Learning
      1. INTRODUCTION
      2. SECURITY RISK ANALYSIS
      3. FROM REQUIREMENTS TO DESIGNING AND IMPLEMENTING SOLUTIONS
      4. OUTLOOK: SECURITY IN M-LEARNING
      5. CONCLUSION
      6. GLOSSARY
      7. CROSS REFERENCES
      8. REFERENCES
    21. E-Government
      1. INTRODUCTION
      2. WHAT E-GOVERNMENT IS AND HOW IT IS USED
      3. HISTORY OF E-GOVERNMENT AT THE U.S. FEDERAL LEVEL
      4. E-GOVERNMENT ADOPTION IN THE UNITED STATES
      5. THEORY AND TYPOLOGY OF E-GOVERNMENT
      6. SECURITY AND PRIVACY
      7. CONCLUSION: THE FUTURE OF E-GOVERNMENT
      8. GLOSSARY
      9. CROSS REFERENCES
      10. REFERENCES
      11. FURTHER READING
    22. E-Government Security Issues and Measures
      1. E-GOVERNMENT INITIATIVES
      2. SECURITY ISSUES ASSOCIATED WITH E-GOVERNMENT
      3. Integrity
      4. SECURITY MEASURES FOR E-GOVERNMENT
      5. SUMMARY
      6. GLOSSARY
      7. CROSS REFERENCES
      8. REFERENCES
    23. International Security Issues of E-Government
      1. INTRODUCTION
      2. E-GOVERNMENT EVOLUTION
      3. E-GOVERNMENT BEYOND NATIONAL BORDERS
      4. NONGOVERNMENT ACTORS AND GOVERNMENT INFORMATION
      5. International Nongovernment Agencies
      6. GLOBAL INFORMATION—AREAS OF HIGH RISK
      7. CONCLUSIONS
      8. GLOSSARY
      9. CROSS REFERENCES
      10. REFERENCES
      11. FURTHER READING
  12. PART 2: Infrastructure for the Internet, Computer Networks, and Secure Information Transfer
    1. Conducted Communications Media
      1. INTRODUCTION
      2. OVERVIEW OF NETWORK TRANSMISSION BASICS
      3. COAXIAL CABLE
      4. TWISTED-PAIR CABLE
      5. FIBER OPTIC CABLE
      6. COMPARISONS AND CONTRASTS
      7. MEDIA SECURITY
      8. CONCLUSION
      9. GLOSSARY
      10. CROSS REFERENCES
      11. REFERENCES
    2. Routers and Switches
      1. INTRODUCTION
      2. ROUTERS AND SWITCHES IN A NUTSHELL
      3. ROUTER AND SWITCH SECURITY
      4. CONCLUSION
      5. GLOSSARY
      6. CROSS REFERENCES
      7. REFERENCES
    3. Radio Frequency and Wireless Communications Security
      1. INTRODUCTION
      2. RF WIRELESS COMMUNICATION
      3. RADIO WAVE PROPAGATION
      4. WIRELESS COMMUNICATION TECHNIQUES
      5. CELLULAR COMMUNICATIONS
      6. ELEMENTS OF WIRELESS COMMUNICATION SECURITY
      7. SECURITY OF WLAN
      8. EMERGING TECHNOLOGIES AND SECURITY STANDARDS
      9. CONCLUDING REMARKS
      10. GLOSSARY
      11. CROSS REFERENCES
      12. REFERENCES
    4. Wireless Channels
      1. INTRODUCTION
      2. PROPAGATION OF SIGNALS
      3. INTERFERENCE IN CELLULAR ARCHITECTURE
      4. CONCLUDING REMARKS
      5. GLOSSARY
      6. APPENDIX (POWER UNITS)
      7. CROSS REFERENCES
      8. REFERENCES
      9. FURTHER READING
    5. Security in Circuit, Message, and Packet Switching
      1. INTRODUCTION
      2. LAYERING MODELS
      3. CIRCUIT, MESSAGE, AND PACKET SWITCHING
      4. SECURITY CONSIDERATIONS
      5. CONCLUSION
      6. GLOSSARY
      7. CROSS REFERENCES
      8. REFERENCES
      9. FURTHER READING
    6. Digital Communication
      1. INTRODUCTION
      2. FUNDAMENTALS OF DIGITAL COMMUNICATION
      3. IMPORTANT CONCEPTS IN DIGITAL COMMUNICATION
      4. A PERFORMANCE EXAMPLE
      5. CONNECTIONS WITH SECURITY
      6. CONCLUSION: FURTHER READING
      7. GLOSSARY
      8. CROSS REFERENCES
      9. REFERENCES
    7. Local Area Networks
      1. INTRODUCTION TO LOCAL AREA NETWORKS
      2. TYPES OF LANs
      3. LAN HARDWARE AND MEDIA
      4. LAN SOFTWARE
      5. ROLE AND APPLICATIONS OF LANs IN THE INTERNET, INTRANET, EXTRANET, AND E-COMMERCE WORLDS
      6. WIRELESS LOCAL AREA NETWORKS
      7. LAN INSTALLATION
      8. LAN ADMINISTRATION
      9. LAN SECURITY
      10. CONCLUSION
      11. GLOSSARY
      12. CROSS REFERENCES
      13. REFERENCES
    8. Wide Area and Metropolitan Area Networks
      1. INTRODUCTION
      2. HISTORY AND CONTEXT
      3. FACILITIES AND INFRASTRUCTURE
      4. SWITCHING, ROUTING, AND SIGNALING
      5. PROVIDERS AND SERVICES
      6. CONCLUSION
      7. GLOSSARY
      8. CROSS REFERENCES
      9. FURTHER READING
    9. Home Area Networking
      1. INTRODUCTION
      2. RELATED WORK AND NOVELTY OF CONTRIBUTION
      3. SECURITY IN HOME AREA NETWORKS
      4. DESIGN AND IMPLEMENTATION OF AN OSGI-BASED RESIDENTIAL GATEWAY
      5. CONCLUSION
      6. GLOSSARY
      7. CROSS REFERENCES
      8. REFERENCES
    10. Public Network Technologies and Security
      1. INTRODUCTION
      2. OVERVIEW OF PUBLIC NETWORK CONCEPTS, SERVICES, AND STRUCTURE
      3. PUBLIC NETWORK TECHNOLOGIES
      4. PUBLIC NETWORK SECURITY
      5. PUBLIC NETWORKS IN THE INTERNET AND E-COMMERCE ENVIRONMENTS
      6. CONCLUSIONS
      7. GLOSSARY
      8. CROSS REFERENCES
      9. REFERENCES
    11. Client/Server Computing: Principles and Security Considerations
      1. INTRODUCTION
      2. CLIENT/SERVER CLASSIFICATION
      3. ENABLING TECHNOLOGIES
      4. CLIENT/SERVER IMPLEMENTATIONS
      5. CONCLUSION
      6. GLOSSARY
      7. CROSS REFERENCES
      8. REFERENCES
    12. Peer-to-Peer Security
      1. INTRODUCTION
      2. ABOUT PEER-TO-PEER SYSTEMS
      3. IMPLEMENTING SECURE PEER-TO-PEER SYSTEMS
      4. REPUTATION AND ACCOUNTABILITY
      5. CONCLUSION
      6. GLOSSARY
      7. CROSS REFERENCES
      8. REFERENCES
    13. Security Middleware
      1. INTRODUCTION
      2. SECURITY MIDDLEWARE PROCESSES AND SERVICES
      3. APPLICATION-BASED AUTHENTICATION
      4. NETWORK-BASED AUTHENTICATION
      5. GLOSSARY
      6. CROSS REFERENCES
      7. REFERENCES
      8. FURTHER READING
    14. Internet Architecture
      1. INTRODUCTION
      2. NETWORK INTERCONNECTION—THE IP SERVICE
      3. BUILDING ON THE IP SERVICE
      4. MAKING THE IP LAYER WORK
      5. TRAFFIC MANAGEMENT IN THE INTERNET
      6. CONCLUSION
      7. GLOSSARY
      8. CROSS REFERENCES
      9. REFERENCES
    15. TCP/IP Suite
      1. INTRODUCTION
      2. LAYERS
      3. INTERNET PROTOCOL
      4. TRANSMISSION CONTROL PROTOCOL
      5. UDP, ICMP, DNS, ARP, AND RARP User Datagram Protocol
      6. APPLICATIONS
      7. SECURITY
      8. CONCLUSION
      9. GLOSSARY
      10. CROSS REFERENCES
      11. REFERENCES
      12. FURTHER READING
    16. Voice-over Internet Protocol (VoIP)
      1. INTRODUCTION
      2. COMMUNICATIONS THEORY: BITS OF TRANSMITTED INFORMATION
      3. THE TELEPHONY NETWORK
      4. VOICE-OVER-INTERNET PROTOCOL
      5. CONCLUSION
      6. GLOSSARY
      7. CROSS REFERENCES
    17. Security and Web Quality of Service
      1. INTRODUCTION TO SECURITY AND WEB QoS
      2. WEB QoS ARCHITECTURE AND SECURITY IMPLICATIONS
      3. THE CHALLENGE OF QoS GUARANTEES
      4. CURRENT WEB ARCHITECTURE
      5. PERFORMANCE GUARANTEES AND DENIAL-OF-QoS IN WEB SERVERS
      6. PERFORMANCE AND SECURITY CONSIDERATIONS IN WEB PROXY SERVERS
      7. OTHER SECURITY ISSUES
      8. CONCLUSIONS AND FUTURE TRENDS
      9. GLOSSARY
      10. CROSS REFERENCES
      11. REFERENCES
    18. Mobile Devices and Protocols
      1. INTRODUCTION
      2. MOBILE DEVICE FAMILIES
      3. MOBILE PROTOCOLS
      4. MOBILE DEVICES SECURITY AND MEASURES
      5. MOBILE DEVICE MOBILITY MANAGEMENT
      6. CONCLUSIONS AND FUTURE TRENDS
      7. GLOSSARY
      8. CROSS REFERENCES
      9. REFERENCES
    19. Bluetooth Technology
      1. INTRODUCTION
      2. BLUETOOTH WIRELESS TECHNOLOGY
      3. CONCLUSION
      4. GLOSSARY
      5. CROSS REFERENCES
      6. REFERENCES
      7. FURTHER READING
    20. Wireless Local Area Networks
      1. INTRODUCTION
      2. 802.11 PHYSICAL LAYER
      3. HIPERLANs HIPERLAN Type 1
      4. WLAN SECURITY
      5. QoS SUPPORT: IEEE 802.11E
      6. ADVANCED TOPICS
      7. GLOSSARY
      8. CROSS REFERENCES
      9. REFERENCES
    21. Security in Wireless Sensor Networks
      1. INTRODUCTION
      2. WIRELESS SENSOR NETWORKS
      3. SECURITY ISSUES IN SENSORS AND WIRELESS SENSOR NETWORKS
      4. WIRELESS SENSOR NETWORK SECURITY RESEARCH
      5. NEW APPROACH TO SECURING SENSORS AND WSNs
      6. CONCLUSION AND DIRECTIONS FOR FUTURE RESEARCH
      7. ACKNOWLEDGMENTS
      8. GLOSSARY
      9. CROSS REFERENCES
      10. REFERENCES
      11. FURTHER READING
    22. Cellular Networks
      1. INTRODUCTION
      2. BASIC CONCEPTS
      3. MULTIPLE ACCESS METHODS
      4. LOCATION MANAGEMENT
      5. HAND-OFF STRATEGIES AND CHANNEL ASSIGNMENT
      6. AUTHENTICATION AND ENCRYPTION
      7. EVOLUTION OF CELLULAR NETWORKS
      8. ALTERNATIVES TO CELLULAR NETWORKS
      9. SUMMARY
      10. ACKNOWLEDGMENTS
      11. GLOSSARY
      12. CROSS REFERENCES
      13. REFERENCES
    23. Mobile IP
      1. INTRODUCTION
      2. OVERVIEW OF MOBILE Ipv4
      3. MOBILE Ipv4 PROTOCOL OVERVIEW
      4. ADVANTAGES OF Ipv6 FOR MOBILE IP
      5. MOBILE Ipv6 OVERVIEW
      6. SECURITY THREATS IN MOBILE IP
      7. MOBILE Ipv4 SECURITY MECHANISMS
      8. MOBILE Ipv6 SECURITY MECHANISMS
      9. CONCLUSION
      10. GLOSSARY
      11. CROSS REFERENCES
      12. REFERENCES
    24. IP Multicast and Its Security
      1. INTRODUCTION
      2. IP MULTICAST
      3. SECURE MULTICAST
      4. KEY MANAGEMENT FOR SECURE MULTICAST
      5. CONCLUSION
      6. GLOSSARY
      7. CROSS REFERENCES
      8. REFERENCES
      9. FURTHER READING
    25. TCP over Wireless Links
      1. INTRODUCTION
      2. CONGESTION AVOIDANCE AND CONTROL
      3. TCP OVER WIRELESS
      4. PROPOSED SCHEMES FOR WIRELESS TCP
      5. SECURITY
      6. THREATS TO TCP
      7. SECURITY PROTOCOLS
      8. CONCLUSION
      9. GLOSSARY
      10. CROSS REFERENCES
      11. REFERENCES
    26. Air Interface Requirements for Mobile Data Services
      1. INTRODUCTION
      2. SPECTRAL EFFICIENCY AND INTERFERENCE
      3. SYSTEM REQUIREMENTS
      4. RADIO RESOURCE MANAGEMENT
      5. SUMMARY AND CONCLUSION
      6. GLOSSARY
      7. CROSS REFERENCES
      8. REFERENCES
    27. Wireless Internet: A Cellular Perspective
      1. INTRODUCTION
      2. HETEROGENEOUS NEXT-GENERATION WIRELESS NETWORKS
      3. WIRELESS LOCAL AREA NETWORKS
      4. TECHNICAL REQUIREMENTS OF MOBILE INTERNET ARCHITECTURE
      5. INTERNETWORKING OF THE HETEROGENEOUS WIRELESS INTERNET
      6. AUGMENTATED MOBILITY, RESOURCE, AND QoS MANAGEMENT
      7. MOBILE TERMINAL ARCHITECTURE
      8. RELIABLE MULTICASTING
      9. CONCLUSION
      10. ACKNOWLEDGMENTS
      11. GLOSSARY
      12. CROSS REFERENCES
      13. REFERENCES
    28. Security of Satellite Networks
      1. INTRODUCTION
      2. SHORT HISTORY OF SATELLITE COMMUNICATIONS
      3. WHY AND WHEN TO USE SATELLITES
      4. SATELLITE SYSTEM CHARACTERISTICS
      5. Orbits
      6. Application Layer
      7. SATELLITE AND SECURITY: REFERENCE SCENARIO
      8. COMMUNICATION, TRANSMISSION, AND INFORMATION SECURITY
      9. SECURE SYSTEMS AND APPLICATIONS IMPLEMENTED USING SATELLITES
      10. ELEMENTS ON MILITARY SATELLITES
      11. CONCLUSIONS
      12. GLOSSARY
      13. CROSS REFERENCES
      14. REFERENCES
    29. Security of Broadband Access Networks
      1. INTRODUCTION
      2. BROADBAND NETWORK SECURITY ISSUES
      3. HOW TO IMPROVE BROADBAND SECURITY
      4. CONCLUSION
      5. GLOSSARY
      6. CROSS REFERENCES
      7. REFERENCES
      8. FURTHER READING
    30. Ad Hoc Network Security
      1. INTRODUCTION
      2. ROUTING SECURITY
      3. KEY MANAGEMENT
      4. COOPERATION ENFORCEMENT
      5. VALIDATION OF COOPERATION ENFORCEMENT MECHANISMS THROUGH GAME THEORY
      6. CONCLUSION
      7. GLOSSARY
      8. CROSS REFERENCES
      9. REFERENCES
      10. FURTHER READING
  13. PART 3: Standards and Protocols for Secure Information Transfer
    1. Standards for Product Security Assessment
      1. INTRODUCTION
      2. APPROACHES FOR ASSESSING SECURITY
      3. COMMON CRITERIA PARADIGM
      4. COMMON CRITERIA IN PRACTICE
      5. CONCLUSION
      6. GLOSSARY
      7. CROSS REFERENCES
      8. REFERENCES
    2. Digital Certificates
      1. INTRODUCTION
      2. CERTIFICATE STRUCTURE
      3. ISSUES AND DISCUSSIONS
      4. APPLICATION PROTOCOLS BASED ON X.509 CERTIFICATES
      5. KEY PLAYERS IN THE INDUSTRY AND THEIR CERTIFICATION PRACTICES
      6. SUMMARY AND CONCLUSION
      7. GLOSSARY
      8. CROSS REFERENCES
      9. REFERENCES
    3. Internet E-Mail Architecture
      1. INTRODUCTION
      2. STRUCTURE
      3. TECHNOLOGY OF SYNTHESIS
      4. HISTORY
      5. INTERNET ELECTRONIC MAIL GENERAL ARCHITECTURE
      6. INFRASTRUCTURE SECURITY
      7. SUMMARY
      8. ACKNOWLEDGMENTS
      9. GLOSSARY
      10. CROSS REFERENCES
      11. REFERENCES
      12. FURTHER READING
    4. PKI (Public Key Infrastructure)
      1. INTRODUCTION
      2. Authentication
      3. FUNCTIONAL COMPARISON BETWEEN PUBLIC KEY– AND SECRET KEY–BASED SYSTEMS
      4. CONCLUSION
      5. GLOSSARY
      6. CROSS REFERENCES
      7. FURTHER READING
    5. S/MIME (Secure MIME)
      1. A BRIEF HISTORY OF MIME
      2. S/MIME OBJECTIVES AND THREAT ENVIRONMENT
      3. S/MIME USAGE
      4. S/MIME MECHANISMS
      5. CREATION AND INTERPRETATION OF S/MIME MESSAGES
      6. ENHANCED SECURITY SERVICES FOR S/MIME (RFC 2634)
      7. ALTERNATIVES TO S/MIME
      8. CONCLUSIONS
      9. GLOSSARY
      10. CROSS REFERENCES
      11. REFERENCES
    6. PGP (Pretty Good Privacy)
      1. INTRODUCTION
      2. HISTORY OF PGP
      3. PGP VARIANTS AND ALTERNATIVES
      4. PGP PROBLEMS AND LESSONS
      5. FUTURE DIRECTIONS AND CONCLUSION
      6. GLOSSARY
      7. CROSS REFERENCES
      8. REFERENCES
      9. FURTHER READING
    7. SMTP (Simple Mail Transfer Protocol)
      1. INTRODUCTION
      2. SMTP FUNDAMENTALS
      3. SMTP MODEL AND PROTOCOL
      4. USER AGENT
      5. MAIL TRANSFER AGENT
      6. SMTP SERVER
      7. ON-DEMAND MAIL RELAY
      8. MULTIPURPOSE INTERNET MAIL EXTENSIONS (MIME)
      9. MAIL TRANSMISSION TYPES
      10. MAIL ACCESS MODES
      11. MAIL ACCESS PROTOCOLS
      12. SMTP SECURITY ISSUES
      13. POP AND IMAP VULNERABILITIES
      14. STANDARDS, ORGANIZATIONS, AND ASSOCIATIONS
      15. CONCLUSION
      16. GLOSSARY
      17. CROSS REFERENCES
      18. REFERENCES
      19. FURTHER READING
    8. Internet Security Standards
      1. INTRODUCTION
      2. SECURITY THREATS
      3. DIALOGUE SECURITY
      4. ADDING OVERLAY SECURITY TO INDIVIDUAL DIALOGUES
      5. ADDING SECURITY TO INDIVIDUAL INTERNET STANDARDS
      6. THE STATE OF INTERNET SECURITY STANDARDS
      7. GLOSSARY
      8. CROSS REFERENCES
      9. REFERENCES
    9. Kerberos
      1. INTRODUCTION
      2. MOTIVATION
      3. KERBEROS VERSION 4
      4. KERBEROS VERSION 5
      5. PERFORMANCE ISSUES
      6. CONCLUSION
      7. GLOSSARY
      8. CROSS REFERENCES
      9. REFERENCES
      10. FURTHER READING
    10. IPsec: AH and ESP
      1. TCP/IP LIMITATIONS AND IPsec RESPONSE
      2. IPsec ARCHITECTURE
      3. IPsec PROCESSING
      4. SECURITY POLICY MANAGEMENT
      5. IPsec IMPLEMENTATIONS
      6. LIMITATIONS, PERSPECTIVES AND ADVANCED ISSUES OF IPSEC
      7. CONCLUDING REMARKS
      8. GLOSSARY
      9. CROSS REFERENCES
      10. REFERENCES
    11. IPsec: IKE (Internet Key Exchange)
      1. INTRODUCTION
      2. IKE USAGE SCENARIOS
      3. IKE PROTOCOL HANDSHAKE
      4. EXTENSIONS AND VARIATIONS
      5. DIFFERENCES BETWEEN IKEV1 AND IKEV2
      6. GLOSSARY
      7. CROSS REFERENCES
      8. REFERENCES
      9. FURTHER READING
    12. Secure Sockets Layer (SSL)
      1. SECURE COMMUNICATION CHANNELS
      2. INTERNETWORKING CONCEPTS
      3. CRYPTOGRAPHIC CONCEPTS USED IN SSL AND TLS
      4. SSL ARCHITECTURE
      5. STATUS OF SSL
      6. GLOSSARY
      7. CROSS REFERENCES
      8. REFERENCES
      9. FURTHER READING
    13. PKCS (Public Key Cryptography Standards)
      1. INTRODUCTION
      2. PKCS 1: RSA CRYPTOGRAPHY STANDARD
      3. PKCS 5: PASSWORD-BASED CRYPTOGRAPHY STANDARD
      4. PKCS 6: EXTENDED-CERTIFICATE SYNTAX STANDARD (HISTORIC)
      5. PKCS 7 AND RFC 3369: CRYPTOGRAPHIC MESSAGE SYNTAX (CMS)
      6. PKCS 8: PRIVATE KEY INFORMATION SYNTAX STANDARD
      7. PKCS 9: SELECTED OBJECT CLASSES AND ATTRIBUTE TYPES
      8. PKCS 10: CERTIFICATION REQUEST SYNTAX STANDARD
      9. PKCS 11: CRYPTOGRAPHIC TOKEN INTERFACE STANDARD
      10. PKCS 12: PERSONAL INFORMATION EXCHANGE SYNTAX STANDARD
      11. PKCS 15: CRYPTOGRAPHIC TOKEN INFORMATION SYNTAX STANDARD
      12. AN EXAMPLE
      13. ACKNOWLEDGMENTS
      14. GLOSSARY
      15. CROSS REFERENCES
      16. REFERENCES
      17. FURTHER READING
    14. Public Key Standards: Secure Shell
      1. SSH INTRODUCTION AND ITS HISTORY
      2. SSH FUNCTIONALITY AND SERVICES
      3. SSH DATA TYPES, MESSAGE FORMATS AND ALGORITHM NAMING
      4. SSH PROTOCOL ARCHITECTURE
      5. SECURE FILE TRANSFER PROTOCOL
      6. SECURE TUNNELING: TCP PORT FORWARDING AND X FORWARDING
      7. SSH KEY MANAGEMENT
      8. SECURITY
      9. SSH IN THE REAL WORLD
      10. CONCLUSION
      11. ACKNOWLEDGMENT
      12. GLOSSARY
      13. CROSS REFERENCES
      14. REFERENCES
    15. Security and the Wireless Application Protocol
      1. THE WIRELESS APPLICATION PROTOCOL
      2. MOBILE ACCESS TO THE WORLD WIDE WEB AND OTHER DATA RESOURCES
      3. WAP PUBLIC KEY INFRASTRUCTURE
      4. LOOKING AHEAD
      5. GLOSSARY
      6. CROSS REFERENCES
      7. REFERENCES
      8. FURTHER READING
    16. Wireless Network Standards and Protocol 802.11
      1. INTRODUCTION
      2. INTRODUCTION TO THE IEEE 802.11 STANDARD
      3. THE IEEE 802.11 MAC LAYER
      4. THE IEEE 802.11 PHYSICAL LAYER ALTERNATIVES
      5. SECURITY ISSUES AND IMPLEMENTATION IN IEEE 802.11
      6. RECENT ACTIVITIES
      7. GLOSSARY
      8. CROSS REFERENCES
      9. REFERENCES
    17. P3P (Platform for Privacy Preferences Project)
      1. INTRODUCTION
      2. HOW P3P WORKS
      3. P3P POLICIES
      4. POLICY attributes
      5. TEST
      6. ENTITY
      7. ACCESS
      8. DISPUTES
      9. REMEDIES
      10. STATEMENT
      11. NONIDENTIFIABLE
      12. CONSEQUENCE
      13. PURPOSE
      14. RECIPIENT
      15. RETENTION
      16. DATA
      17. A P3P PREFERENCE EXCHANGE LANGUAGE
      18. P3P SOFTWARE
      19. P3P ADOPTION
      20. CONCLUSION
      21. GLOSSARY
      22. CROSS REFERENCES
      23. REFERENCES
      24. FURTHER READING
  14. Reviewers List
  15. Index

Product information

  • Title: Handbook of Information Security, Volume 1, Key Concepts, Infrastructure, Standards, and Protocols
  • Author(s):
  • Release date: January 2006
  • Publisher(s): Wiley
  • ISBN: 9780471648307