Section 1.1. A Solaris Security Story Section 1.2. Security Services in the Solaris OS Section 1.3. Configurable Security Services in the Solaris OS Notes
Chapter 2. Hardening Solaris Systems
Section 2.1. Securing Network Services Section 2.2. Configuration Hardening Section 2.3. Basic Audit and Reporting Tool Section 2.4. Signed ELF Filesystem Objects Section 2.5. Solaris Fingerprint Database (sfpDB) References Notes
Chapter 3. System Protection with SMF
Section 3.1. Service Management Facility (SMF) Section 3.2. How SMF Configuration Works Section 3.3. Modifying Solaris Services Defaults Further Reading
Chapter 4. File System Security
Section 4.1. Traditional UNIX File System Security Section 4.2. ZFS/NFSv4 ACLs Section 4.3. Maintaining File System Integrity Section 4.4. UFS and NFSv4 Mount Options
Section 4.5. ZFS Mount Options Section 4.6. ZFS Delegated Administration
Chapter 5. Privileges and Role-Based Access Control
Section 5.1. Traditional UNIX Security Model Section 5.2. Solaris Fine-Grained Privileges Section 5.3. Solaris Role-Based Access Control Section 5.4. Privileges for System Services Further Reading Notes
Chapter 6. Pluggable Authentication Modules (PAM)
Section 6.1. The PAM Framework Section 6.2. The PAM Modules Section 6.3. The PAM Configuration File Section 6.4. PAM Consumers Section 6.5. The PAM Library Section 6.6. PAM Tasks Notes
Chapter 7. Solaris Cryptographic Framework
Section 7.1. PKCS #11 Standard and Library Section 7.2. User-Level Commands Section 7.3. Administration of the Solaris Cryptographic Framework Section 7.4. Hardware Acceleration Section 7.5. Examples of Using the Cryptographic Framework
Chapter 8. Key Management Framework (KMF)
Section 8.1. Key Management Administrative Utility Section 8.2. KMF Policy-Enforcement Mechanism Section 8.3. Key Management Policy Configuration Utility Section 8.4. KMF Programming Interfaces
Chapter 9. Auditing
Section 9.1. Introduction and Background Section 9.2. Definitions and Concepts Section 9.3. Configuring Auditing Section 9.4. Analyzing the Audit Trail Section 9.5. Managing the Audit Trail Section 9.6. Common Auditing Customizations Notes
Chapter 10. Solaris Network Security
Section 10.1. IP Filter Section 10.2. What Is IPsec? Section 10.3. Solaris Secure Shell (SunSSH) Section 10.4. Configuring SunSSH Section 10.5. OpenSSL Section 10.6. Kerberos Section 10.7. Kerberos in the Solaris OS Section 10.8. Kerberos Administration Section 10.9. Application Servers Section 10.10. Interoperability with Microsoft Active Directory
Notes
Chapter 11. Zones Virtualization Security
Section 11.1. The Concept of OS Virtualization: Introduction and Motivation Section 11.2. The Architecture of Solaris Zones Section 11.3. Getting Started with Zones Section 11.4. The Security Advantages of OS Virtualization Section 11.5. Monitoring Events in Zones References
Chapter 12. Configuring and Using Trusted Extensions
Section 12.1. Why Use Trusted Extensions? Section 12.2. Enabling Trusted Extensions Section 12.3. Getting Started Section 12.4. Configuring Your Trusted Network Section 12.5. Creating Users and Roles Section 12.6. Creating Labeled Zones Section 12.7. Using the Multilevel Desktop Summary Index
GlassFish Security
By: Masoud Kalali Publisher: Packt Publishing Pub. Date: May 11, 2010 Print ISBN-13: 978-1-847199-38-6 Pages in Print Edition: 296
Credits
About the Author
About the Reviewers
Preface
Chapter 1. Java EE Security Model
Overview of Java EE architecture
Understanding a typical Java EE application
Accessing protected resource inside a Web module
Understanding the EJB modules
Understanding the application client module
Declaring security roles in Application level
Summary
Chapter 2. GlassFish Security Realms
Security realms
GlassFish security realms
Adding a custom authentication method to GlassFish
Summary
Chapter 3. Designing and Developing Secure Java EE Applications
Understanding the sample application
Analyzing sample application business logic
Implementing the Business and Persistence layers
Developing the Presentation layer
Deploying the application client module in the Application Client Container
Summary
Chapter 4. Securing GlassFish Environment
Securing a host operating system
Estimating security risks: Auditing
Summary
Chapter 5. Securing GlassFish
Administrating GlassFish
Securing different network listeners
Hosting multiple domains using one IP
Sharing security context between different applications using SSO
Summary
Chapter 6. Introducing OpenDS: Open Source Directory Service
Storing hierarchical information: Directory services
Introducing OpenDS
Installing and administrating OpenDS
Administrating and managing OpenDS
Embedding OpenDS
Replicating Directory Information Tree (DIT)
Summary
Chapter 7. OpenSSO, the Single sign-on Solution
What is SSO
What is OpenSSO
Authentication chaining
Securing our applications using OpenSSO
Summary
Chapter 8. Securing Java EE Applications using OpenSSO
Understanding Policy Agents
Installing J2EE Agent 3.0 for GlassFish
Summary
Chapter 9. Securing Web Services by OpenSSO
Java EE and Web Services security
Understanding Web Services security
Developing secure Web Services
Downloading and installing Web Services security agents
Securing the Echo Web Service
Summary
Index
Junos Security
By: Rob Cameron; Brad Woodberg; Patricio Giecco; Timothy Eberhard; James Quinn Publisher: O'Reilly Media, Inc. Pub. Date: August 25, 2010 Print ISBN-13: 978-1-4493-8171-4 Pages in Print Edition: 848
Copyright
Foreword
Preface
Chapter 1. Introduction to the SRX
Section 1.1. Evolving into the SRX
Section 1.2. The SRX Series Platform
Section 1.3. Deployment Solutions
Section 1.4. SRX Series Product Lines
Section 1.5. Branch SRX Series
Section 1.6. Data Center SRX Series
Section 1.7. Summary
Section 1.8. Chapter Review Questions
Section 1.9. Chapter Review Answers
Chapter 2. What Makes Junos So Special?
Section 2.1. OS Basics
Section 2.2. Coming from Other Products
Section 2.3. Summary
Section 2.4. Chapter Review Questions
Section 2.5. Chapter Review Answers
Chapter 3. Hands-On Junos
Section 3.1. Introduction
Section 3.2. Driving the Command Line
Section 3.3. Operational Mode
Section 3.4. Configuration Mode
Section 3.5. Commit Model
Section 3.6. Restarting Processes
Section 3.7. Junos Automation
Section 3.8. Junos Configuration Essentials
Section 3.9. Summary
Section 3.10. Chapter Review Questions
Section 3.11. Chapter Review Answers
Chapter 4. Security Policy
Section 4.1. Security Policy Overview
Section 4.2. SRX Policy Processing
Section 4.3. Viewing SRX Policy Tables
Section 4.4. Viewing Policy Statistics
Section 4.5. Viewing Session Flows
Section 4.6. Policy Structure
Section 4.7. Policy Logging
Section 4.8. Troubleshooting Security Policy and Traffic Flows
Section 4.9. Application Layer Gateway Services
Section 4.10. Policy Schedulers
Section 4.11. Web and Proxy Authentication
Section 4.12. Case Study 4-1
Section 4.13. Case Study 4-2
Section 4.14. Converters and Scripts
Section 4.15. Summary
Section 4.16. Chapter Review Questions
Section 4.17. Chapter Review Answers
Chapter 5. Network Address Translation
Section 5.1. How the SRX Processes NAT
Section 5.2. Source NAT
Section 5.3. Destination NAT
Section 5.4. Static NAT
Section 5.5. Summary
Section 5.6. Chapter Review Questions
Section 5.7. Chapter Review Answers
Chapter 6. IPsec VPN
Section 6.1. VPN Architecture Overview
Section 6.2. IPsec VPN Concepts Overview
Section 6.3. Phase 1 IKE Negotiations
Section 6.4. Phase 2 IKE Negotiations
Section 6.5. Flow Processing and IPsec VPNs
Section 6.6. SRX VPN Types
Section 6.7. Other SRX VPN Components
Section 6.8. Selecting the Appropriate VPN Configuration
Section 6.9. IPsec VPN Configuration
Section 6.10. VPN Verification and Troubleshooting
Section 6.11. Case Studies
Section 6.12. Summary
Section 6.13. Chapter Review Questions
Section 6.14. Chapter Review Answers
Chapter 7. High-Performance Attack Mitigation
Section 7.1. Network Protection Tools Overview
Section 7.2. Protecting Against Network Reconnaissance
Section 7.3. Protecting Against Basic IP Attacks
Section 7.4. Basic Denial of Service Screens
Section 7.5. Advanced Denial of Service and Distributed Denial of Service Protection
Section 7.6. ICMP Floods
Section 7.7. UDP Floods
Section 7.8. SYN/TCP Floods
Section 7.9. SYN Cookies
Section 7.10. Session Limitation
Section 7.11. AppDoS
Section 7.12. Application Protection
Section 7.13. Protecting the SRX
Section 7.14. Summary
Section 7.15. Chapter Review Questions
Section 7.16. Chapter Review Answers
Chapter 8. Intrusion Prevention
Section 8.1. The Need for IPS
Section 8.2. Configuring IPS Features on the SRX
Section 8.3. Deploying and Tuning IPS
Section 8.4. Troubleshooting IPS
Section 8.5. Case Study 8-1
Section 8.6. Summary
Section 8.7. Chapter Review Questions
Section 8.8. Chapter Review Answers
Chapter 9. Unified Threat Management
Section 9.1. What Is UTM?
Section 9.2. UTM Monitoring
Section 9.3. Case Study 9-1: Small Branch Office
Section 9.4. Summary
Section 9.5. Chapter Review Questions
Section 9.6. Chapter Review Answers
Chapter 10. High Availability
Section 10.1. Understanding High Availability in the SRX
Section 10.2. Configuration
Section 10.3. Fault Monitoring
Section 10.4. Troubleshooting the Cluster
Section 10.5. Summary
Section 10.6. Chapter Review Questions
Section 10.7. Chapter Review Answers
Chapter 11. Routing
Section 11.1. How the SRX Routes IP Packets
Section 11.2. Static Routing
Section 11.3. Dynamic Routing
Section 11.4. Routing Policy
Section 11.5. Internet Peering
Section 11.6. Routing Instances
Section 11.7. Filter-Based Forwarding
Section 11.8. Summary
Section 11.9. Chapter Review Questions
Section 11.10. Chapter Review Answers
Chapter 12. Transparent Mode
Section 12.1. Transparent Mode Overview
Section 12.2. Configuring Transparent Mode
Section 12.3. Transparent Mode Commands and Troubleshooting
Section 12.4. Case Study 12-1
Section 12.5. Summary
Section 12.6. Chapter Review Questions
Section 12.7. Chapter Review Answers
Chapter 13. SRX Management
Section 13.1. The Management Infrastructure
Section 13.2. J-Web
Section 13.3. NSM and Junos Space
Section 13.4. NETCONF
Section 13.5. Scripting and Automation
Section 13.6. Keeping Your Scripts Up to Date
Section 13.7. Case Studies
Section 13.8. Summary
Section 13.9. Chapter Review Questions
Section 13.10. Chapter Review Answers
Intended Audience Organization of This Book Acknowledgments About the Author About the Technical Editor
Part I: Introduction to Risk Management Chapter 1. The Security Evolution
Introduction Applying Risk Management to Information Security Business-Driven Security Program Security as an Investment Qualitative versus Quantitative Summary References
Chapter 3. The Risk Management Lifecycle
Introduction Stages of the Risk Management Lifecycle Business Impact Assessment A Vulnerability Assessment Is Not a Risk Assessment Making Risk Decisions Mitigation Planning and Long-Term Strategy Process Ownership Summary
Part II: Risk Assessment and Analysis Techniques Chapter 4. Risk Profiling
Introduction
How Risk Sensitivity Is Measured Asking the Right Questions Assessing Risk Appetite Summary Reference
Chapter 5. Formulating a Risk
Introduction Breaking Down a Risk Who or What Is the Threat? Summary References
Chapter 6. Risk Exposure Factors
Introduction Risk Evaluation Risk Mitigation Planning Policy Exceptions and Risk Acceptance Summary
Chapter 9. Reports and Consulting
Introduction Risk Management Artifacts A Consultant's Perspective Writing Audit Responses Summary References
Chapter 10. Risk Assessment Techniques
Introduction
Building Blocks Threat Identification Advisories and Testing An Efficient Workflow The FAIR Approach Summary References
Chapter 12. Security Risk Reviews
Introduction Assessing the State of Compliance Implementing a Process Process Optimization: A Review of Key Points The NIST Approach Summary References
Chapter 13. A Blueprint for Security
Introduction Risk in the Development Lifecycle Security Architecture Patterns and Baselines Architectural Risk Analysis Summary Reference
Introduction Designing a Risk Program Prerequisites for a Risk Management Program Risk at the Enterprise Level Linking the Program Components Program Roadmap Summary Reference
Appendix A: Sample Security Risk Profile
A. General Information B. Information Sensitivity C. Regulatory Requirements D. Business Requirements E. Definitions Appendix B: Qualitative Risk Scale Reference Tables
Appendix C: Architectural Risk Analysis Reference Tables
Baseline Security Levels and Sample Controls Security Enhancement Levels and Sample Controls Mapping Security Levels
Book Overview and Key Learning Points Book Audience Diagrams and Figures The Smart Grid
How This Book Is Organized
Chapter 2: About Industrial Networks Chapter 3: Introduction to Industrial Network Security Chapter 4: Industrial Network Protocols Chapter 5: How Industrial Networks Operate
Chapter 6: Vulnerability and Risk Assessment Chapter 7: Establishing Secure Enclaves Chapter 8: Exception, Anomaly, and Threat Detection Chapter 9: Monitoring Enclaves Chapter 10: Standards and Regulations Chapter 11: Common Pitfalls and Mistakes Conclusion
2 About Industrial Networks Industrial Networks and Critical Infrastructure
Homeland Security Presidential Directive Seven/HSPD-7 NIST Special Publications (800 Series) NERC CIP Nuclear Regulatory Commission Federal Information Security Management Act Chemical Facility Anti-Terrorism Standards ISA-99 ISO 27002
Common Industrial Security Recommendations
Networks, Routable and Non-routable Assets, Critical Assets, Cyber Assets, and Critical Cyber Assets Enclaves Electronic Security Perimeters Summary Endnotes
3 Introduction to Industrial Network Security
The Advanced Persistent Threat Cyber War Emerging Trends in APT and Cyber War Still to Come Defending Against APT
What It Does How It Works Variants Where It Is Used Security Concerns Security Recommendations
ICCP/TASE.2
What It Does How It Works Where It Is Used Security Concerns Security Improvements over Modbus Security Recommendations
DNP3
What It Does How It Works OPC-UA and OPC-XI Where It Is Used Security Concerns Security Recommendations
Other Industrial Network Protocols
IEDs RTUs PLCs HMIs Supervisory Workstations Data Historians Business Information Consoles and Dashboards Other Assets
Network Architectures
Topologies Used
Control System Operations
Control Loops Control Processes Feedback Loops Business Information Management Control Process Management Smart Grid Operations Summary Endnotes
The Business Network The SCADA DMZ The Control System Common Vulnerabilities The Smart Grid
Determining Vulnerabilities
Why Vulnerability Assessment Is Important Vulnerability Assessment in Industrial Networks Vulnerability Scanning for Configuration Assurance Where to Perform VA Scans Cyber Security Evaluation Tool
Vulnerability Management
Patch Management Configuration Management Device Removal and Quarantine Summary Endnotes
Network Connectivity Control Loops Supervisory Controls Control Processes Control Data Storage Trading Communications Remote Access Users and Roles Protocols Criticality Using Functional Groups to Identify Enclaves
Establishing Enclaves
Identifying Enclave Perimeters Network Alterations Enclaves and Security Policy Development Enclaves and Security Device Configurations
Securing Enclave Perimeters
Selecting Perimeter Security Devices Implementing Perimeter Security Devices Intrusion Detection and Prevention (IDS/IPS) Configuration Guidelines
Exception Reporting
Behavioral Anomaly Detection
Log Collection Direct Monitoring Inferred Monitoring Information Collection and Management Tools (Log Management Systems, SIEMs) Monitoring Across Secure Boundaries
Information Management
NERC CIP CFATS ISO/IEC 27002:2005 NRC Regulation 5.71 NIST SP 800-82
Mapping Industrial Network Security to Compliance
Perimeter Security Controls Host Security Controls Security Monitoring Controls Mapping Compliance Controls to Network Security Functions
Common Criteria and FIPS Standards
Vulnerability Assessments vs. Zero-Days Real Security vs. Policy and Awareness The Air Gap Myth
Misconfigurations
Default Accounts and Passwords Lack of Outbound Security and Monitoring The Executive Override The Ronco Perimeter
Compliance vs. Security
Modbus Organization DNP3 Users Group OPC Foundation Common Industrial Protocol/ODVA
Appendix B
North American Reliability Corporation (NERC) The United States Nuclear Regulatory Commission (NRC) United States Department of Homeland Security (DHS)
International Standards Association (ISA) The International Standards Organization (ISO) and International Electrotechnical Commission (IEC) Appendix C
Security Fundamentals: The Five Pillars Building a Security Program Security Controls Managing Risk How, What, and Why You Audit
IT Security Laws Hacking, Cracking, and Fraud Laws Intellectual Property Laws CAN-SPAM Act of 2003 State and Local Laws Reporting a Crime Regulatory Compliance Laws Summary References in This Chapter Federal Hacking Laws State Laws
Chapter 3. Information Security Governance, Frameworks, and Standards
Understanding Information Security Governance Process: Security Governance Frameworks Technology: Standards Procedures and Guidelines Summary References in This Chapter Web Resources
Evaluating Security Controls Auditing Security Practices Testing Security Technology Security Testing Frameworks Security Auditing Tools Summary References in This Chapter
Chapter 5. Auditing Cisco Security Solutions
Auditors and Technology Security as a System Cisco Security Auditing Domains Defining the Audit Scope of a Domain Identifying Security Controls to Assess Mapping Security Controls to Cisco Solutions The Audit Checklist Summary
Chapter 6. Policy, Compliance, and Management
Do You Know Where Your Policy Is? Auditing Security Policies Standard Policies Policies for Regulatory and Industry Compliance
Cisco Policy Management and Monitoring Tools Checklist Summary References in This Chapter
Chapter 7. Infrastructure Security
Infrastructure Threats Policy Review Infrastructure Operational Review Infrastructure Architecture Review Technical Testing Checklist Summary References in This Chapter
Chapter 8. Perimeter Intrusion Prevention
Perimeter Threats and Risk Policy Review Perimeter Operations Review Perimeter Architecture Review Auditing Firewalls Auditing IPS Technical Control Testing Checklist
Fundamentals of Access Control Access Control Threats and Risks Access Control Policy Access Control Operational Review Access Control Architecture Review Technical Testing Checklist Summary References in This Chapter
Chapter 10. Secure Remote Access
Defining the Network Edge VPN Fundamentals Remote Access Threats and Risks Remote Access Policies Remote Access Operational Review Remote Access Architecture Review Technical Testing Checklist Summary
Endpoint Risks Endpoint Threats Policy Review Endpoint Protection Operational Control Review Endpoint Architecture Review Technical Testing Checklist Summary References in This Chapter
Chapter 12. Unified Communications
Unified Communications Risks VoIP Threats UC Policy and Standards Review UC Operational Control Review UC Architecture Review Technical Testing Monitoring and Incident Detection Checklist Summary References in This Chapter
Index
Endpoint Security
By: Mark S. Kadrich - CISSP Publisher: Addison-Wesley Professional Pub. Date: March 30, 2007 Print ISBN-10: 0-321-43695-4 Print ISBN-13: 978-0-321-43695-5 Pages in Print Edition: 384
Copyright
Praise for Endpoint Security
Foreword
Preface
About the Author
Chapter 1. Defining Endpoints
Précis
Special Points of Interest
Windows Endpoints
Non-Windows Endpoints
Embedded Endpoints
Mobile Phones and PDAs
Palm
Windows CE Windows Mobile
Symbian Operating System
Blackberry
Disappearing Perimeter Humbug!
Key Points
Chapter 2. Why Security Fails
Précis
Special Points of Interest
Setting the Stage
Vendors Drive Process
Viruses, Worms, Trojans, and Bots
Predictably Poor Results
Is Something Missing?
Key Points
Chapter 3. Something Is Missing
Précis
Special Points of Interest
Present Attempts Have Failed (Present Modeling)
We Don't Understand Why
We Continue to Use Old Thinking
Define Network as Control Problem
Identifying Control Nodes
Completing the Picture
Key Points
Chapter 4. Missing Link Discovered
Précis
Special Points of Interest
Two Data Points Hint at a Solution
Endpoints Look Like the Link
What Needs to Happen
Network Access Control
Key Points
Chapter 5. Endpoints and Network Integration
Précis
Special Points of Interest
Architecture Is Key
Basics
Do I Need a Forklift?
Endpoint Support
Vulnerabilities and Remediation
Contractors and Visitors
Key Points
Chapter 6. Trustworthy Beginnings
Précis
Special Points of Interest
Start with a Secure Build
Include Some Tools
Trust, but Verify
Key Points
Chapter 7. Threat Vectors
Précis
Special Points of Interest
Protecting the Operating System
Killer Applications
Key Points
Chapter 8. Microsoft Windows
Précis
Special Points of Interest
A Word About Vista
Initial Health Check
Hardening the Operating System
Applications
Enterprise Security
Servers
Closing the Loop
Tools and Vendors
Key Points
Chapter 9. Apple OS X
Précis
Special Points of Interest
Initial Health Check
Hardening the Operating System
Applications
Networking
Tools and Vendors
Closing the Loop
Key Points
Chapter 10. Linux
Précis
Special Points of Interest
Initial Health Check
Hardening the Operating System
Applications
Networking
Enterprise Management
Tools and Vendors
Closing the Loop
Key Points
Chapter 11. PDAs and Smartphones
Précis
Points of Interest
Operating Systems
Securing Handhelds
Applications
Networking
Tools and Vendors
Closing the Loop
Key Points
Chapter 12. Embedded Devices
Précis
Special Points of Interest
What Is an Embedded System?
Where Are Embedded Systems?
Why Should I Worry?
Embedded Threats
Initial Health Check
Applications
Networking
Tools and Vendors
Embedded Security
Closing the Loop
Key Points
Chapter 13. Case Studies of Endpoint Security Failures
Précis
Case Study 1
Case Study 2
Case Study 3
Case Study 4
Key Points
IPv6 Security
By: Scott Hogg, CCIE No. 5133; Eric Vyncke Publisher: Cisco Press Pub. Date: December 11, 2008 Print ISBN-10: 1-58705-594-5 Print ISBN-13: 978-1-58705-594-2 Web ISBN-10: 1-58705-838-3 Web ISBN-13: 978-1-58705-838-7 Pages in Print Edition: 576
Copyright
About the Authors
About the Technical Reviewers
Acknowledgments
Icons Used in This Book
Introduction
Goals and Methods
Who Should Read This Book
How This Book Is Organized
Chapter 1. Introduction to IPv6 Security
Reintroduction to IPv6
IPv6 Update
IPv6 Vulnerabilities
Hacker Experience
IPv6 Security Mitigation Techniques
Summary
Recommended Readings and Resources
Chapter 2. IPv6 Protocol Security Vulnerabilities
The IPv6 Protocol Header
Extension Header Threats
Reconnaissance on IPv6 Networks
Layer 3 and Layer 4 Spoofing
Summary
References
Chapter 3. IPv6 Internet Security
Large-Scale Internet Threats
Ingress/Egress Filtering
Securing BGP Sessions
IPv6 over MPLS Security
Customer Premises Equipment
Prefix Delegation Threats
Multihoming Issues
Summary
References
Chapter 4. IPv6 Perimeter Security
IPv6 Firewalls
Cisco IOS Router ACLs
Cisco IOS Firewall
Cisco PIX/ASA/FWSM Firewalls
Summary
References
Chapter 5. Local Network Security
Why Layer 2 Is Important
ICMPv6 Layer 2 Vulnerabilities for IPv6
ICMPv6 Protocol Protection
Network Detection of ICMPv6 Attacks
Network Mitigation Against ICMPv6 Attacks
Privacy Extension Addresses for the Better and the Worse
DHCPv6 Threats and Mitigation
Point-to-Point Link
Endpoint Security
Summary
References
Chapter 6. Hardening IPv6 Network Devices
Threats Against Network Devices
Cisco IOS Versions
Disabling Unnecessary Network Services
Limiting Router Access
IPv6 Device Management
Threats Against Interior Routing Protocol
First-Hop Redundancy Protocol Security
Controlling Resources
QoS Threats
Summary
References
Chapter 7. Server and Host Security
IPv6 Host Security
Host Firewalls
Securing Hosts with Cisco Security Agent 6.0
Summary
References
Chapter 8. IPsec and SSL Virtual Private Networks
IP Security with IPv6
Host-to-Host IPsec
Site-to-Site IPsec Configuration
Remote Access with IPsec
SSL VPNs
Summary
References
Chapter 9. Security for IPv6 Mobility
Mobile IPv6 Operation
MIPv6 Messages
Threats Linked to MIPv6
Using IPsec with MIPv6
Filtering for MIPv6
Other IPv6 Mobility Protocols
Summary
References
Chapter 10. Securing the Transition Mechanisms
Understanding IPv4-to-IPv6 Transition Techniques
Implementing Dual-Stack Security
Hacking the Tunnels
Attacking NAT-PT
IPv6 Latent Threats Against IPv4 Networks
Summary
References
Chapter 11. Security Monitoring
Managing and Monitoring IPv6 Networks
Managing IPv6 Tunnels
Using Forensics
Using Intrusion Detection and Prevention Systems
Managing Security Information with CS-MARS
Managing the Security Configuration
Summary
References
Chapter 12. IPv6 Security Conclusions
Comparing IPv4 and IPv6 Security
Changing Security Perimeter
Creating an IPv6 Security Policy
On the Horizon
Consolidated List of Recommendations
Summary
References
SOA Security
By: Ramarao Kanneganti; Prasad A Chodavarapu Publisher: Manning Publications Pub. Date: January 11, 2008 Print ISBN-10: 1-932394-68-0 Print ISBN-13: 978-1-932394-68-9 Pages in Print Edition: 500
Copyright
Preface
Acknowledgments
About this Book
Part I: SOA basics
Chapter 1. SOA requires new approaches to security
Section 1.1. SOA lowers long-standing barriers
Section 1.2. Lowering of barriers forces us to rethink security
Section 1.3. Functional aspects of security: With and without SOA
Section 1.4. Nonfunctional aspects of security
Section 1.5. New security approaches for SOA
Section 1.6. Current SOA security implementation choices
Section 1.7. Summary
Suggestions for further reading
Chapter 2. Getting started with web services
Section 2.1. Setting up tools and environment
Section 2.2. XML basics
Section 2.3. SOAP basics
Section 2.4. WSDL basics
Section 2.5. Web services in action with Apache Axis
Section 2.6. Choices in service design
Section 2.7. Related technologies: UDDI
Section 2.8. Summary
Suggestions for further reading
Chapter 3. Extending SOAP for security
Section 3.1. Finding the right approach for security in SOAP
Section 3.2. Extending SOAP with headers
Section 3.3. WS-Security: The standard extension for security
Section 3.4. Processing SOAP extensions using handlers
Section 3.5. Processing SOAP extensions using intermediaries
Section 3.6. SOAP Extensions FAQ
Section 3.7. Summary
Suggestions for further reading
Part II: Building blocks of SOA security
Chapter 4. Claiming and verifying identity with passwords
Section 4.1. Authentication with username and password
Section 4.2. Using password digest for authentication
Section 4.3. Is password authentication the right solution for you?
Section 4.4. Summary
Suggestions for further reading
Chapter 5. Secure authentication with Kerberos
Section 5.1. Authentication requirements in SOA
Section 5.2. Introduction to Kerberos
Section 5.3. Implementing Kerberos with JAAS and GSS APIs
Section 5.4. Using Kerberos with WS-Security
Section 5.5. What authentication scheme to use?
Section 5.6. Summary
Suggestions for further reading
Chapter 6. Protecting confidentiality of messages using encryption
Section 6.1. Encryption in action: an example
Section 6.2. The basics of encryption
Section 6.3. Programming with digital certificates
Section 6.4. Encrypting SOAP messages
Section 6.5. Practical issues with encryption
Section 6.6. Summary
Suggestions for further reading
Chapter 7. Using digital signatures
Section 7.1. The basics of XML signatures
Section 7.2. Signing SOAP messages
Section 7.3. Practical issues with signatures
Section 7.4. Summary
Suggestions for further reading
Part III: Enterprise SOA security
Chapter 8. Implementing security as a service
Section 8.1. Security as a service
Section 8.2. Analyzing possible uses of a security service
Section 8.3. Conveying the findings of a security service: SAML
Section 8.4. Example implementation using OpenSAML
Section 8.5. Standards for security service interfaces
Section 8.6. Summary
Suggestions for further reading
Chapter 9. Codifying security policies
Section 9.1. Introducing declarative security
Section 9.2. Interoperability challenges in SOA security
Section 9.3. Web services policy framework
Section 9.4. WS-SecurityPolicy
Section 9.5. Summary
Suggestions for further reading
Chapter 10. Designing SOA security for a real-world enterprise
Section 10.1. Meeting the demands of enterprise IT environments
Section 10.2. Securing diverse services
Section 10.3. Choosing a deployment architecture
Section 10.4. Making the solution industrial-strength
Section 10.5. Vulnerability management
Section 10.6. Summary
Suggestions for further reading
Appendix A. Limitations of Apache Axis
Section A.1. Buggy implementation of W3C DOM API in Axis 1.x
A.2 Axis2 does not support JAX-RPC handlers
Appendix B. WS-SecureConversation
Suggestions for further reading
Appendix C. Attaching and securing binary data in SOAP
C.1 SOAP with Attachments (SwA)
Section C.2. SOAP MTOM
Suggestions for further reading
Appendix D. Securing SAML assertions
D.1 Detecting forgery and tampering
D.2 Defending against replay attacks
D.3 Protecting confidentiality and privacy
Appendix E. Application-Oriented Networking (AON)
Suggestions for further reading
Index
Chapter 2. Changing How People and Businesses Communicate
Evolution of Voice Communications
VoIP and SIP Risks, Threats, and Vulnerabilities
Converting to a TCP/IP World
Multimodal Communications
Evolution from Brick and Mortar to e-Commerce
Why Businesses Today Need an Internet Marketing Strategy
The Web Effect on People, Businesses, and Other Organizations
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 2 ASSESSMENT
Chapter 3. Malicious Attacks, Threats, and Vulnerabilities
Malicious Activity on the Rise
What Are You Trying to Protect?
Whom Are You Trying to Catch?
Attack Tools
What Is a Security Breach?
What Are Vulnerabilities and Threats?
What Is a Malicious Attack?
What Is Malicious Software?
What Are Countermeasures?
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 3 ASSESSMENT
Chapter 4. The Drivers of the Information Security Business
Defining Risk Management
Implementing a BIA, a BCP, and a DRP
Assessing Risks, Threats, and Vulnerabilities
Closing the Information Security Gap
Adhering to Compliance Laws
Keeping Private Data Confidential
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 4 ASSESSMENT
Part TWO: The Systems Security Certified Practitioner (SSCP) Professional Certification from (ISC)2
Chapter 5. Access Controls
The Four Parts of Access Control
The Two Types of Access Control
Defining an Authorization Policy
Identification Methods and Guidelines
Authentication Processes and Requirements
Accountability Policies and Procedures
Formal Models of Access Control
Threats to Access Controls
Effects of Access Control Violations
Centralized and Decentralized Access Control
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 5 ASSESSMENT
Chapter 6. Security Operations and Administration
Security Administration
Compliance
Professional Ethics
The Infrastructure for an IT Security Policy
Data Classification Standards
Configuration Management
The Change Management Process
The System Life Cycle (SLC) and System Development Life Cycle (SDLC)
Software Development and Security
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 6 ASSESSMENT
Chapter 7. Auditing, Testing, and Monitoring
Security Auditing and Analysis
Defining Your Audit Plan
Auditing Benchmarks
Audit Data Collection Methods
Post-Audit Activities
Security Monitoring
Types of Log Information to Capture
How to Verify Security Controls
Monitoring and Testing Security Systems
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 7 ASSESSMENT
Chapter 8. Risk, Response, and Recovery
Risk Management and Information Security
The Process of Risk Management
Risk Analysis
Two Approaches: Quantitative and Qualitative
Developing a Strategy for Dealing with Risk
Evaluating Countermeasures
Controls and Their Place in the Security Life Cycle
Planning to Survive
Backing Up Data and Applications
Steps to Take in Handling an Incident
Recovery from a Disaster
Primary Steps to Disaster Recovery
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 8 ASSESSMENT
Chapter 9. Cryptography
What Is Cryptography?
Business and Security Requirements for Cryptography
Cryptographic Applications and Uses in Information System Security
Cryptographic Principles, Concepts, and Terminology
Cryptographic Applications, Tools, and Resources
Principles of Certificates and Key Management
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 9 ASSESSMENT
Chapter 10. Networks and Telecommunications
The Open Systems Interconnection Reference Model
The Two Types of Networks
TCP/IP and How It Works
Network Security Risks
Basic Network Security Defense Tools
Wireless Networks
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 10 ASSESSMENT
Chapter 11. Malicious Code and Activity
Characteristics, Architecture, and Operations of Malicious Software
The Main Types of Malware
A Brief History of Malicious Code Threats
Threats to Business Organizations
Anatomy of an Attack
Attack Prevention Tools and Techniques
Incident Detection Tools and Techniques
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 11 ASSESSMENT
Part THREE: Information Security Standards, Education, Certifications, and Laws
Chapter 12. Information Security Standards
Standards Organizations
ISO 17799
ISO/IEC 27002
PCI DSS
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 12 ASSESSMENT
Chapter 13. Information Security Education and Training
Self-Study
Adult Continuing Education Programs
Post-Secondary Degree Programs
Information Security Training Programs
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 13 ASSESSMENT
Chapter 14. Information Security Professional Certifications
Vendor-Neutral Professional Certifications
Vendor-Specific Professional Certifications
DoD/Military 8570.01
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 14 ASSESSMENT
Chapter 15. U.S. Compliance Laws
Compliance and the Law
The Federal Information Security Management Act
The Health Insurance Portability and Accountability Act
The Bad Guys Are Very Sophisticated
Management Sees Security as a Drain on the Bottom Line
2. Ten Steps to Building a Secure Organization
A. Evaluate the Risks and Threats
B. Beware of Common Misconceptions
C. Provide Security Training for IT Staff Now and Forever
D. Think "Outside the Box"
E. Train Employees: Develop a Culture of Security
F. Identify and Utilize Built-In Security Features of the Operating System and Applications
G. Monitor Systems
H. Hire a Third Party to Audit Security
I. Don't Forget the Basics
J. Patch, Patch, Patch
References
Chapter 2: A Cryptography Primer
1. What Is Cryptography? What Is Encryption?
How Is Cryptography Done?
2. Famous Cryptographic Devices
The Lorenz Cipher
Enigma
3. Ciphers
The Substitution Cipher
The Shift Cipher
The Polyalphabetic Cipher
The Kasiski/Kerckhoff Method
4. Modern Cryptography
The Vernam Cipher (Stream Cipher)
The One-Time Pad
Cracking Ciphers
Some Statistical Tests for Cryptographic Applications by Adrian Fleissig
The XOR Cipher and Logical Operands
Block Ciphers
5. The Computer Age
Data Encryption Standard
Theory of Operation
Implementation
Rivest, Shamir, and Adleman (RSA)
Advanced Encryption Standard (AES or Rijndael)
References
Chapter 3: Preventing System Intrusions
1. So, What Is an Intrusion?
2. Sobering Numbers
3. Know Your Enemy: Hackers versus Crackers
4. Motives
5. Tools of the Trade
6. Bots
7. Symptoms of Intrusions
8. What Can You Do?
Know Today's Network Needs
Network Security Best Practices
9. Security Policies
10. Risk Analysis
Vulnerability Testing
Audits
Recovery
11. Tools of Your Trade
Firewalls
Intrusion Prevention Systems
Application Firewalls
Access Control Systems
Unified Threat Management
12. Controlling User Access
Authentication, Authorization, and Accounting
What the User Knows
What the User Has
The User Is Authenticated, But Is She Authorized?
Accounting
Keeping Current
13. Conclusion
References
Chapter 4: Guarding Against Network Intrusions
1. Traditional Reconnaissance and Attacks
2. Malicious Software
3. Defense in Depth
4. Preventive Measures
Access Control
Vulnerability Testing and Patching
Closing Ports
Firewalls
Antivirus and Antispyware Tools
Spam Filtering
Honeypots
Network Access Control
5. Intrusion Monitoring and Detection
Host-Based Monitoring
Traffic Monitoring
Signature-Based Detection
Behavior Anomalies
Intrusion Prevention Systems
6. Reactive Measures
Quarantine
Traceback
7. Conclusions
References
Chapter 5: Unix and Linux Security
1. Unix and Security
The Aims of System Security
Achieving Unix Security
2. Basic Unix Security
Traditional Unix Systems
Standard File and Device Access Semantics
4. Protecting User Accounts and Strengthening Authentication
Establishing Secure Account Use
The Unix Login Process
Controlling Account Access
Noninteractive Access
Other Network Authentication Mechanisms
Risks of Trusted Hosts and Networks
Replacing Telnet, rlogin, and FTP Servers and Clients with SSH
5. Reducing Exposure to Threats by Limiting Superuser Privileges
Controlling Root Access
6. Safeguarding Vital Data by Securing Local and Network File Systems
Directory Structure and Partitioning for Security
References
Chapter 6: Eliminating the Security Weakness of Linux and UNIX Operating Systems
1. Introduction to Linux and Unix
What Is Unix?
What Is Linux?
System Architecture
2. Hardening Linux and Unix
Network Hardening
Host Hardening
Systems Management Security
3. Proactive Defense for Linux and Unix
Vulnerability Assessment
Incident Response Preparation
Organizational Considerations
References
Chapter 7: Internet Security
1. Internet Protocol Architecture
Communications Architecture Basics
Getting More Specific
2. An Internet Threat Model
The Dolev-Yao Adversary Model
Layer Threats
3. Defending Against Attacks on the Internet
Layer Session Defenses
Session Startup Defenses
4. Conclusion
Chapter 8: The Botnet Problem
1. Introduction
2. Botnet Overview
Origins of Botnets
Botnet Topologies and Protocols
3. Typical Bot Life Cycle
4. The Botnet Business Model
5. Botnet Defense
Detecting and Removing Individual Bots
Detecting C&C Traffic
Detecting and Neutralizing the C&C Servers
Attacking Encrypted C&C Channels
Locating and Identifying the Botmaster
6. Botmaster Traceback
Traceback Challenges
Traceback Beyond the Internet
7. Summary
References
Chapter 9: Intranet Security
1. Plugging the Gaps: Network Access Control and Access Control
2. Measuring Risk: Audits
3. Guardian at the Gate: Authentication and Encryption
4. Wireless Network Security
5. Shielding the Wire: Network Protection
6. Weakest Link in Security: User Training
7. Documenting the Network: Change Management
8. Rehearse the Inevitable: Disaster Recovery
9. Controlling Hazards: Physical and Environmental Protection
10. Know Your Users: Personnel Security
11. Protecting Data Flow: Information and System Integrity
12. Security Assessments
13. Risk Assessments
14. Conclusion
References
Chapter 10: Local Area Network Security
1. Identify Network Threats
Disruptive
Unauthorized Access
2. Establish Network Access Controls
3. Risk Assessment
4. Listing Network Resources
5. Threats
6. Security Policies
7. The Incident-Handling Process
8. Secure Design through Network Access Controls
9. Intrusion Detection System Defined
10. Network-Based IDS: Scope and Limitations
11. A Practical Illustration of NIDS
UDP Attacks
TCP SYN (Half-Open) Scanning
Some Not-So-Robust Features of NIDS
12. Firewalls
Firewall Security Policy
Configuration Script for sf Router
13. Dynamic NAT Configuration
14. The Perimeter
15. Access List Details
16. Types of Firewalls
17. Packet Filtering: IP Filtering Routers
18. Application-Layer Firewalls: Proxy Servers
19. Stateful Inspection Firewalls
20. Network-Based IDS Complements Firewalls
21. Monitor and Analyze System Activities
22. Signature Analysis
23. Statistical Analysis
24. Signature Algorithms
Pattern Matching
Stateful Pattern Matching
Protocol Decode-Based Analysis
Heuristic-Based Analysis
Anomaly-Based Analysis
Chapter 11: Wireless Network Security
1. Cellular Networks
Cellular Telephone Networks
802.11 Wireless LANs
2. Wireless Ad Hoc Networks
Wireless Sensor Networks
Mesh Networks
3. Security Protocols
Wired Equivalent Privacy
WPA and WPA2
SPINS: Security Protocols for Sensor Networks
4. Secure Routing
SEAD
Ariadne
ARAN
SLSP
5. Key Establishment
Bootstrapping
Key Management
References
Chapter 12: Cellular Network Security
1. Introduction
2. Overview of Cellular Networks
Overall Cellular Network Architecture
Core Network Organization
Call Delivery Service
3. The State of the Art of Cellular Network Security
Security in the Radio Access Network
Security in Core Network
Security Implications of Internet Connectivity
Security Implications of PSTN Connectivity
4. Cellular Network Attack Taxonomy
Abstract Model
Abstract Model Findings
Three-Dimensional Attack Taxonomy
5. Cellular Network Vulnerability Analysis
Cellular Network Vulnerability Assessment Toolkit
Advanced Cellular Network Vulnerability Assessment Toolkit
Cellular Network Vulnerability Assessment Toolkit for Evaluation
6. Discussion
References
Chapter 13: Radio Frequency Identification Security
1. Radio Frequency Identification Introduction
RFID System Architecture
RFID Standards
RFID Applications
2. RFID Challenges
Counterfeiting
Sniffing
Tracking
Denial of Service
Other Issues
Comparison of All Challenges
3. RFID Protections
Basic RFID System
RFID System Using Symmetric-Key Cryptography
RFID System Using Public-Key Cryptography
Ajax Security
By: Billy Hoffman; Bryan Sullivan Publisher: Addison-Wesley Professional Pub. Date: December 06, 2007 Print ISBN-10: 0-321-49193-9 Print ISBN-13: 978-0-321-49193-0 Pages in Print Edition: 504
Copyright
Preface
Preface (The Real One)
Acknowledgments
About the Authors
Chapter 1. Introduction to Ajax Security
An Ajax Primer
JavaScript
The Ajax Architecture Shift
A Security Perspective: Thick-Client Applications
A Perfect Storm of Vulnerabilities
Conclusions
Chapter 2. The Heist
Eve
Hacking HighTechVacations.net
A Theft in the Night
Chapter 3. Web Attacks
The Basic Attack Categories
Resource Enumeration
Other Attacks
Protecting Web Applications from Resource Enumeration and Parameter Manipulation
Conclusions
Chapter 4. Ajax Attack Surface
Understanding the Attack Surface
Traditional Web Application Attack Surface
Traditional Web Application Attacks: A Report Card
Web Service Attack Surface
Ajax Application Attack Surface
Proper Input Validation
Regular Expressions
Validating Rich User Input
The Myth of User-Supplied Content
Conclusion
Chapter 5. Ajax Code Complexity
Multiple Languages and Architectures
JavaScript Quirks
Asynchronicity
Be Careful Whose Advice You Take
Conclusions
Chapter 6. Transparency in Ajax Applications
Black Boxes Versus White Boxes
Example: MyLocalWeatherForecast.com
The Web Application as an API
Specific Security Mistakes
Improper Authorization
Security through Obscurity
Conclusions
Chapter 7. Hijacking Ajax Applications
Hijacking Ajax Frameworks
Hijacking On-Demand Ajax
Hijacking JSON APIs
Conclusions
Chapter 8. Attacking Client-Side Storage
Overview of Client-Side Storage Systems
HTTP Cookies
Additional Cookie Storage Security Notes
Flash Local Shared Objects
DOM Storage
Internet Explorer userData
General Client-Side Storage Attacks and Defenses
Cross-Directory Attacks
Conclusions
Chapter 9. Offline Ajax Applications
Offline Ajax Applications
Google Gears
Native Security Features and Shortcomings of Google Gears
LocalServer Data Disclosure and Poisoning
Directly Accessing the Google Gears Database
SQL Injection and Google Gears
Dojo.Offline
Client-Side Input Validation Becomes Relevant
Other Approaches to Offline Applications
Conclusions
Chapter 10. Request Origin Issues
Robots, Spiders, Browsers, and Other Creepy Crawlers
Hello! My Name Is Firefox. I Enjoy Chunked Encoding, PDFs, and Long Walks on the Beach.
Request Origin Uncertainty and JavaScript
Yourself, or Someone Like You
Defenses
Conclusions
Chapter 11. Web Mashups and Aggregators
Machine-Consumable Data on the Internet
2000s: The Machine Web Matures
Mashups: Frankenstein on the Web
Constructing Mashups
Bridges, Proxies, and Gateways - Oh My!
Attacking Ajax Proxies
Input Validation in Mashups
Aggregate Sites
Degraded Security and Trust
Conclusions
Chapter 12. Attacking the Presentation Layer
A Pinch of Presentation Makes the Content Go Down
Attacking the Presentation Layer
Data Mining Cascading Style Sheets
Look and Feel Hacks
Embedded Program Logic
Cascading Style Sheets Vectors
Preventing Presentation Layer Attacks
Conclusion
Chapter 13. JavaScript Worms
Overview of JavaScript Worms
JavaScript Worms
JavaScript Worm Construction
Case Study: Samy Worm
Conclusions About the Samy Worm
Case Study: Yamanner Worm (JS/Yamanner-A)
Lessons Learned from Real JavaScript Worms
Conclusions
Chapter 14. Testing Ajax Applications
Black Magic
Not Everyone Uses a Web Browser to Browse the Web
Security Testing Tools, or Why Real Life Is Not Like Hollywood
Site Cataloging
Analysis Tool: Paros Proxy
Analysis Tool: LAPSE (Lightweight Analysis for Program Security in Eclipse)
Additional Thoughts on Security Testing
Chapter 15. Analysis of Ajax Frameworks
Chapter 3. Security's Role in the Organization
The Protective Service Role
Special Services
Educational Services
Management Services
Summary
Review Questions
Chapter 4. The Security Director's Role
The Security Director as a Leader
As a Company Executive
As an Executive with High Visibility
As an Executive with a Broad Profile
As an Innovator
As a Counselor and Advisor (In-House Security Consultant)
As a Trainer
As a Contemporary Professional
As a Goal Setter and Strategic Planner
The New Security Director
Summary
Review Questions
Chapter 5. The Security Supervisor's Role
The Supervisor as an Inspector
The Supervisor and the Individual Employee
Supervisory Authority
The Supervisor as the "In-Between" Person
The Supervisor's Span of Control
One Boss
Automatic Shifting in the Line of Command
Functional or Staff Supervision
Supervisory Training
Summary
Review Questions
Chapter 6. The Individual Security Employee
Standards of Conduct
Summary
Review Questions
PART II. Security Personnel Management
Chapter 7. Hiring Security Personnel
Hiring
Summary
Review Questions
Chapter 8. Job Descriptions
Accuracy and Completeness in Describing the Job
Matching Applicant to the Job
Employee's Understanding of the Job
Matching Training to Job Description
Performance Evaluations Based on Job Descriptions
Job Descriptions Are Current
Composition of the Job Description
Sample Job Description
Summary
Review Questions
Chapter 9. Training
Shortcomings of Typical "Training"
Training Defined
On-the-Job Training
Formal or Structured Training
POP Formula: Policy, Objective, Procedure
Training as Ongoing Responsibility
Types of Security Training Programs
Meeting Organizational Needs
Security Manual
Summary
Review Questions
Chapter 10. Discipline
The Supervisor's Role in Discipline
Disciplinary Problems Arising from Misunderstood Assignments
Basic Rules of the Disciplinary Process
Progressive Discipline
Self-Discipline
Summary
Review Questions
Chapter 11. Motivation and Morale
"Theory X" and "Theory Y"
Organizational Behavior
Work Motivation Theory
Demotivators
Summary
Review Questions
Chapter 12. Promotions
Identifying Promotional Candidates
Selection of the Right Candidate
The Board Interview
Following the Selection
Promotion from "within"
Vertical Promotion outside the Department
Advantages of Multiple Layers
"Temporary" Promotions
"Retreating"
Summary
Review Questions
Chapter 13. Communication
Types of Communication
About Listening
Summary
Review Questions
Chapter 14. Career (Proprietary) versus Noncareer (and Contract) Personnel
Career Personnel
Part-Time Noncareer Personnel
Contractual Noncareer Personnel
Combining Career and Noncareer Personnel
Summary
Review Questions
PART III. Operational Management
Chapter 15. Planning and Budgeting
What Is a Budget?
Why Do We Have a Budget?
When Is a Budget Prepared?
Who Participates in the Budgeting Process?
How Is a Budget Prepared?
Justifying the Security Budget
Summary
Review Questions
Chapter 16. Program Management
The Security Inspection Process
Assessment of Risks and Countermeasures
Statistics in Program Management
Summary
Review Questions
Chapter 17. Risk
Risk Defined
Risk Programs and the Security Professional's Role
Risk Program Components
Summary
Review Questions
Chapter 18. The Security Survey
What is a Security Survey?
The Purpose of a Security Survey
Defining Security Survey Goals
Building a Survey Program/Components of a Security Survey
Summary
Review Questions
Chapter 19. Office Administration
Description of Functions
Office Security
The Office Environment
Summary
Review Questions
Chapter 20. Written Policies and Procedures
Historical Evolution
Policy
Benefits
Compliance
Combining Policies and Procedures
Free-Standing Policies
Importance of the Written Policy
Policies, Procedures, and the Security Manual
Format and Mechanics
Post Orders
Summary
Review Questions
Chapter 21. Computers and Effective Security Management
Introduction
PC Hardware
PC Software
Word Processing
Database Management
Spreadsheets
Desktop Publishing
Encryption Software
Computer Graphics
Telecommunications
Specialized Management Programs
Artificial Intelligence
Multimedia
Risks of Using PCs
Summary
Review Questions
Chapter 22. Statistics as a Security Management Tool
Introduction
Planning For Future Security Needs
Internal Statistical Analysis
External Statistical Analysis
Methodology
Information for Risk Analysis
Return on Investment
Summary
Review Questions
PART IV. Public Relations
Chapter 23. Selling Security within the Organization
How to Sell Security
Summary
Review Questions
Chapter 24. Relationship with Law Enforcement
Services of the Public Sector
Services of the Private Sector
Summary
Review Questions
Chapter 25. Relationship with the Industry
Effective Relationship Categories
Summary
Review Questions
Chapter 26. Community Relations
Community Relations and the Security Professional
Networking
Summary
Review Questions
PART V. Mismanagement
Chapter 27. Jackass Management Traits
1 The Manager Who Seeks to Be "Liked" Rather Than Respected
2 The Manager Who Ignores the Opinions and Advice of Subordinates
3 The Manager Who Fails to Delegate Properly
4 The Manager Who Ignores the Training and Developmental Needs of Subordinates
5 The Manager Who Insists on Doing Everything "The Company Way"
6 The Manager Who Fails to Give Credit When Credit Is Due
7 The Manager Who Treats Subordinates as Subordinates
8 The Manager Who Ignores Employees' Complaints
9 The Manager Who Does Not Keep People Informed
10 The Manager Who Holds His or Her Assistant Back
11 The Manager Who Views the Disciplinary Process as a Punitive Action
12 The Manager Who Fails to Backup His or Her People
13 The Manager Whose Word Cannot Be Trusted
14 The Manager Who Avoids Making Decisions
15 The Manager Who "Plays Favorites"
16 The Manager Who Fails to Stay Current in the Field
17 The Manager Who Enjoys "Pouring on" More Work than a Subordinate can Handle
18 The Manager Who Acts or Overreacts Too Quickly
19 The Newly Promoted Manager Who Believes his or her Manure is Odorless
20 The Manager Who Is Moody
21 Managers Who Fail to Plan and Put Priorities on their Work
22 The Manager Who Lacks Emotion and Empathy
23 The Manager Who Hires Relatives into the Organization
24 The Manager Who Views Women as Being Limited to Pleasure, Breeding, and Menial Functions
25 The Manager Who Faithfully Practices the Art of Pessimism
26 The Manager Who Steals Subordinates' Ideas
27 The Manager Whose Style and Authority are Based on Absolute Power
28 The Manager Who Seems Oblivious to What Is Happening
29 The Manager Who Loves to "Sack" Employees
30 The Manager Who Embarrasses Subordinates in the Presence of Others
31 The Manager Who Follows "Double Standards" in the Organization
32 The Manager Who Is a Religious or Racial Bigot
Summary
Appendix A. Employee Performance Evaluation
RATING CODE DEFINITIONS
PART I
1. KNOWLEDGE OF JOB
2. QUALITY OF WORK
3. QUANTITY OF WORK
4. ADAPTABILITY
5. ATTITUDE
6. DEPENDABILITY
7. JUDGMENT
8. INITIATIVE
9. CUSTOMER SERVICE (As Applicable)
10. MERCHANDISE KNOWLEDGE (As Applicable)
11. SALES PERFORMANCE (As Applicable)
12. APPEARANCE
13. ATTENDANCE
PART II
SUMMARY RATING
PART III
1. DISPOSITION
2. RECOMMENDATIONS FOR TRAINING OR OTHER ACTION
3. REMARKS
PART IV
1. REPORT OF INTERVIEW
Appendix B. Security Vulnerability Survey
I. GENERAL FUNCTION
II. BUILDING & PERIMETER
III. VEHICULAR MOVEMENT
IV. LIGHTING
V. LOCKING CONTROLS
VI. ALARMS
VII. GUARDS/SECURITY CONTROLS
VIII. EMPLOYEE AND VISITOR CONTROLS
IX. PRODUCT CONTROLS (Shipping and Receiving)
X. MONEY CONTROLS
XI. PROPRIETARY INFORMATION
XII. OTHER VULNERABILITIES
XIII. PERSONNEL SECURITY
Appendix C. Selected Security-Related Organizations
Appendix D. Suggested Security/Loss Prevention Reference Sources
Beautiful Security
By: Andy Oram; John Viega Publisher: O'Reilly Media, Inc. Pub. Date: April 28, 2009 Print ISBN-13: 978-0-596-52748-8 Pages in Print Edition: 304
Copyright
Dedication
Preface
Section P.1. Why Security Is Beautiful
Section P.2. Audience for This Book
Section P.3. Donation
Section P.4. Organization of the Material
Section P.5. Conventions Used in This Book
Section P.6. Using Code Examples
Section P.7. Safari Books Online
Section P.8. How to Contact Us
Chapter 1. Psychological Security Traps
Section 1.1. Learned Helplessness and Naïveté
Section 1.2. Confirmation Traps
Section 1.3. Functional Fixation
Section 1.4. Summary
Chapter 2. Wireless Networking: Fertile Ground for Social Engineering
Section 2.1. Easy Money
Section 2.2. Wireless Gone Wild
Section 2.3. Still, Wireless Is the Future
Chapter 3. Beautiful Security Metrics
Section 3.1. Security Metrics by Analogy: Health
Section 3.2. Security Metrics by Example
Section 3.3. Summary
Chapter 4. The Underground Economy of Security Breaches
Section 4.1. The Makeup and Infrastructure of the Cyber Underground
Section 4.2. The Payoff
Section 4.3. How Can We Combat This Growing Underground Economy?
Section 4.4. Summary
Chapter 5. Beautiful Trade: Rethinking E-Commerce Security
Section 5.1. Deconstructing Commerce
Section 5.2. Weak Amelioration Attempts
Section 5.3. E-Commerce Redone: A New Security Model
Section 5.4. The New Model
Chapter 6. Securing Online Advertising: Rustlers and Sheriffs in the New Wild West
Section 6.1. Attacks on Users
Section 6.2. Advertisers As Victims
Section 6.3. Creating Accountability in Online Advertising
Chapter 7. The Evolution of PGP's Web of Trust
Section 7.1. PGP and OpenPGP
Section 7.2. Trust, Validity, and Authority
Section 7.3. PGP and Crypto History
Section 7.4. Enhancements to the Original Web of Trust Model
Section 7.5. Interesting Areas for Further Research
Section 7.6. References
Chapter 8. Open Source Honeyclient: Proactive Detection of Client-Side Exploits
Section 8.1. Enter Honeyclients
Section 8.2. Introducing the World's First Open Source Honeyclient
Section 8.3. Second-Generation Honeyclients
Section 8.4. Honeyclient Operational Results
Section 8.5. Analysis of Exploits
Section 8.6. Limitations of the Current Honeyclient Implementation
Section 8.7. Related Work
Section 8.8. The Future of Honeyclients
Chapter 9. Tomorrow's Security Cogs and Levers
Section 9.1. Cloud Computing and Web Services: The Single Machine Is Here
Section 9.2. Connecting People, Process, and Technology: The Potential for Business Process Management
Section 9.3. Social Networking: When People Start Communicating, Big Things Change
Section 9.4. Information Security Economics: Supercrunching and the New Rules of the Grid
Section 9.5. Platforms of the Long-Tail Variety: Why the Future Will Be Different for Us All
Section 9.6. Conclusion
Section 9.7. Acknowledgments
Chapter 10. Security by Design
Section 10.1. Metrics with No Meaning
Section 10.2. Time to Market or Time to Quality?
Section 10.3. How a Disciplined System Development Lifecycle Can Help
Section 10.4. Conclusion: Beautiful Security Is an Attribute of Beautiful Systems
Chapter 11. Forcing Firms to Focus: Is Secure Software in Your Future?
Section 11.1. Implicit Requirements Can Still Be Powerful
Section 11.2. How One Firm Came to Demand Secure Software
Section 11.3. Enforcing Security in Off-the-Shelf Software
Section 11.4. Analysis: How to Make the World's Software More Secure
Chapter 12. Oh No, Here Come the Infosecurity Lawyers!
Section 12.1. Culture
Section 12.2. Balance
Section 12.3. Communication
Section 12.4. Doing the Right Thing
Chapter 13. Beautiful Log Handling
Section 13.1. Logs in Security Laws and Standards
Section 13.2. Focus on Logs
Section 13.3. When Logs Are Invaluable
Section 13.4. Challenges with Logs
Section 13.5. Case Study: Behind a Trashed Server
Section 13.6. Future Logging
Section 13.7. Conclusions
Chapter 14. Incident Detection: Finding the Other 68%
Section 14.1. A Common Starting Point
Section 14.2. Improving Detection with Context
Section 14.3. Improving Perspective with Host Logging
Section 14.4. Summary
Chapter 15. Doing Real Work Without Real Data
Section 15.1. How Data Translucency Works
Section 15.2. A Real-Life Example
Section 15.3. Personal Data Stored As a Convenience
Terminology
Security Data
Common Problems
Packet Captures
Traffic Flows
Firewalls
Intrusion Detection and Prevention Systems
Passive Network Analysis
Operating Systems
Applications
Configurations
Summary
Chapter 3. Visually Representing Data
Graph Properties
Simple Charts
Stacked Charts
Histograms
Box Plots
Scatter Plots
Parallel Coordinates
Link Graphs
Maps
Treemaps
Three-Dimensional Views
Interaction and Animation
Choosing the Right Graph
Challenges
Summary
Chapter 4. From Data to Graphs
Information Visualization Process
Step 1: Define the Problem
Step 2: Assess Available Data
Step 3: Process Information
Step 4: Visual Transformation
Step 5: View Transformation
Step 6: Interpret and Decide
Tools for Data Processing
Summary
Chapter 5. Visual Security Analysis
Reporting
Historical Analysis
Real-Time Monitoring and Analysis
Summary
Chapter 6. Perimeter Threat
Traffic-Flow Monitoring and Analysis
Firewall Log Analysis
Intrusion Detection System Signature Tuning
Wireless Sniffing
Email Data Analysis
Vulnerability Data Visualization
Summary
Chapter 7. Compliance
Policies, Objectives, and Controls
Regulations and Industry Mandates
IT Control Frameworks
Logging Requirements
Audit
Business Process Monitoring
Compliance Monitoring
Risk Management
Separation of Duties
Database Monitoring
Summary
Chapter 8. Insider Threat
Insider Threat Visualization
What Is a Malicious Insider?
Three Types of Insider Crimes
Who Are the Malicious Insiders?
A Detection Framework for Malicious Insiders
Improved Insider-Detection Process
Challenges
Proactive Mitigation
Sample Precursors
Summary
Chapter 9. Data Visualization Tools
Security Monitoring
By: Chris Fry; Martin Nystrom Publisher: O'Reilly Media, Inc. Pub. Date: February 16, 2009 Print ISBN-13: 978-0-596-51816-5 Pages in Print Edition: 256
Copyright
Preface
Section P.1. What This Book Is Not
Section P.2. What This Book Is
Section P.3. Conventions Used in This Book
Section P.4. Using Code Examples
Section P.5. Safari Books Online
Section P.6. Comments and Questions
Section P.7. Acknowledgments
Chapter 1. Getting Started
Section 1.1. A Rapidly Changing Threat Landscape
Section 1.2. Why Monitor?
Section 1.3. Challenges to Monitoring
Section 1.4. Outsourcing Your Security Monitoring
Section 1.5. Monitoring to Minimize Risk
Section 1.6. Policy-Based Monitoring
Section 1.7. Why Should This Work for You?
Section 1.8. Open Source Versus Commercial Products
Section 1.9. Introducing Blanco Wireless
Chapter 2. Implement Policies for Monitoring
Section 2.1. Blacklist Monitoring
Section 2.2. Anomaly Monitoring
Section 2.3. Policy Monitoring
Section 2.4. Monitoring Against Defined Policies
Section 2.5. Types of Policies
Section 2.6. Policies for Blanco Wireless
Section 2.7. Conclusion
Chapter 3. Know Your Network
Section 3.1. Network Taxonomy
Section 3.2. Network Telemetry
Section 3.3. The Blanco Wireless Network
Section 3.4. Conclusion
Chapter 4. Select Targets for Monitoring
Section 4.1. Methods for Selecting Targets
Section 4.2. Practical Considerations for Selecting Targets
Section 4.3. Recommended Monitoring Targets
Section 4.4. Choosing Components Within Monitoring Targets
Section 4.5. Blanco Wireless: Selecting Targets for Monitoring
Section 4.6. Conclusion
Chapter 5. Choose Event Sources
Section 5.1. Event Source Purpose
Section 5.2. Choosing Event Sources for Blanco Wireless
Section 5.3. Conclusion
Chapter 6. Feed and Tune
Section 6.1. Network Intrusion Detection Systems
Section 6.2. NIDS Deployment Framework
Section 6.3. System Logging
Section 6.4. NetFlow
Section 6.5. Blanco's Security Alert Sources
Section 6.6. Conclusion
Chapter 7. Maintain Dependable Event Sources
Section 7.1. Maintain Device Configurations
Section 7.2. Monitor the Monitors
Section 7.3. Monitor Databases
Section 7.4. Automated System Monitoring
Section 7.5. System Monitoring for Blanco Wireless
Section 7.6. Conclusion
Chapter 8. Conclusion: Keeping It Real
Section 8.1. What Can Go Wrong
Section 8.2. Case Studies
Section 8.3. Real Stories of the CSIRT
Section 8.4. Bare Minimum Requirements
Section 8.5. Conclusion
Appendix A. Detailed OSU flow-tools Collector Setup
Section A.1. Set Up the Server
Section A.2. Configuring NetFlow Export from the Router
Appendix B. SLA Template
Section B.1. Service Level Agreement: Information Security and Network Engineering
Appendix C. Calculating Availability
Content Providers
Avoiding SQL Injection
Intent Reflection
Files and Preferences
Mass Storage
Binder Interfaces
Android Security Tools
Conclusion
Chapter 3. The Apple iPhone
History
Development
Security Testing
Application Format
Permissions and User Controls
Local Data Storage: Files, Permissions, and Encryption
Networking
Push Notifications, Copy/Paste, and Other IPC
Conclusion
Chapter 4. Windows Mobile Security
Introduction to the Platform
Kernel Architecture
Development and Security Testing
Permissions and User Controls
Local Data Storage
Networking
Conclusion
Chapter 5. BlackBerry Security
Introduction to Platform
Device and OS Architecture
Development and Security Testing
Permissions and User Controls
Local Data Storage
Networking
Conclusion
Chapter 6. Java Mobile Edition Security
Standards Development
Configurations, Profiles, and JSRs
Development and Security Testing
Permissions and User Controls
Conclusion
Chapter 7. Symbian OS Security
Introduction to the Platform
Development and Security Testing
Code Security
Application Packaging
Permissions and User Controls
Interprocess Communication
Persistent Data Storage
Conclusion
Chapter 8. WebOS Security
Introduction to the Platform
Development and Security Testing
Code Security
Permissions and User Controls
Conclusion
Part II: Mobile Services
Chapter 9. WAP and Mobile HTML Security
WAP and Mobile HTML Basics
Authentication on WAP/Mobile HTML Sites
Encryption
Application Attacks on Mobile HTML Sites
WAP and Mobile Browser Weaknesses
Conclusion
Chapter 10. Bluetooth Security
Overview of the Technology
Bluetooth Technical Architecture
Bluetooth Security Features
Threats to Bluetooth Devices and Networks
Bluetooth Vulnerabilities
Recommendations
Chapter 11. SMS Security
Overview of Short Message Service
Overview of Multimedia Messaging Service
Protocol Attacks
Application Attacks
Walkthroughs
Conclusion
Chapter 12. Mobile Geolocation
Geolocation Methods
Geolocation Implementation
Geolocation Implementation
Risks of Geolocation Services
Geolocation Best Practices
Chapter 13. Enterprise Security on the Mobile OS
Device Security Options
Secure Local Storage
Security Policy Enforcement
Encryption
Application Sandboxing, Signing, and Permissions
Buffer Overflow Protection
Security Feature Summary
Conclusion
Part III: Appendixes
Appendix A. Mobile Malware
A Tour of Important Past Malware
Threat Scenarios
Mitigating Mobile Malware Mayhem
Appendix B. Mobile Security Penetration Testing Tools
Mobile Platform Attack Tools and Utilities
Browser Extensions
Spring Security 3
By: Peter Mularien Publisher: Packt Publishing Pub. Date: May 26, 2010 Print ISBN-13: 978-1-847199-74-4 Pages in Print Edition: 396
Copyright
Credits
Foreword
About the Author
About the Reviewers
Preface
Chapter 1. Anatomy of an Unsafe Application
Security audit
About the sample application
Reviewing the audit results
Using Spring Security 3 to address security concerns
Summary
Chapter 2. Getting Started with Spring Security
Core security concepts
Securing our application in three easy steps
Security is complicated: The architecture of secured web requests
Summary
Chapter 3. Enhancing the User Experience
Customizing the login page
Understanding logout functionality
Remember me
Implementing password change management
Summary
Chapter 4. Securing Credential Storage
Database-backed authentication with Spring Security
Advanced configuration of JdbcDaoImpl
Configuring secure passwords
Moving remember me to the database
Securing your site with SSL
Summary
Chapter 5. Fine-Grained Access Control
Rethinking application functionality and security
Methods of Fine-Grained authorization
Securing the business tier
Advanced method security
Summary
Chapter 6. Advanced Configuration and Extension
Writing a custom security filter
Writing a custom AuthenticationProvider
Session management and concurrency
Understanding and configuring exception handling
Configuring Spring Security infrastructure beans manually
Advanced Spring Security bean-based configuration
Authentication event handling
Building a custom implementation of an SpEL expression handler
Summary
Chapter 7. Access Control Lists
Using Access Control Lists for business object security
Basic configuration of Spring Security ACL support
Advanced ACL topics
Considerations for a typical ACL deployment
Summary
Chapter 8. Opening up to OpenID
The promising world of OpenID
Enabling OpenID authentication with Spring Security
The OpenID user registration problem
Attribute Exchange
Is OpenID secure?
Summary
Chapter 9. LDAP Directory Services
Understanding LDAP
Configuring basic LDAP integration
Understanding how Spring LDAP authentication works
Advanced LDAP configuration
Integrating with an external LDAP server
Explicit LDAP bean configuration
Summary
Chapter 10. Single Sign On with Central Authentication Service
Introducing Central Authentication Service
Configuring basic CAS integration
Advanced CAS configuration
Summary
Chapter 11. Client Certificate Authentication
How Client Certificate authentication works
Setting up a Client Certificate authentication infrastructure
Configuring Client Certificate authentication in Spring Security
Configuring Client Certificate authentication using Spring Beans
Considerations when implementing Client Certificate authentication
Summary
Chapter 12. Spring Security Extensions
Spring Security Extensions
A primer on Kerberos and SPNEGO authentication
Kerberos authentication in Spring Security
Configuring LDAP UserDetailsService with Kerberos
Using form login with Kerberos
Summary
Chapter 13. Migration to Spring Security 3
Migrating from Spring Security 2
Enhancements in Spring Security 3
Changes to configuration in Spring Security 3
Changes to packages and classes
Summary
Appendix A. Additional Reference Material
Getting started with JBCP Pets sample code
Section 2.3. EXAMINING HOW ASP.NET WORKS
Section 2.4. SUMMARY
Chapter 3. Safely Accepting User Input
Section 3.1. DEFINING INPUT
Section 3.2. DEALING WITH INPUT SAFELY
Section 3.3. VALIDATING FORM INPUT
Section 3.4. A CHECKLIST FOR HANDLING INPUT
Chapter 4. Using Query Strings, Form Fields, Events, and Browser Information
Section 4.1. USING THE RIGHT INPUT TYPE
Section 4.2. QUERY STRINGS
Section 4.3. FORM FIELDS
Section 4.4. REQUEST FORGERY AND HOW TO AVOID IT
Section 4.5. PROTECTING ASP.NET EVENTS
Section 4.6. AVOIDING MISTAKES WITH BROWSER INFORMATION
Section 4.7. A CHECKLIST FOR QUERY STRINGS, FORMS, EVENTS, AND BROWSER INFORMATION
Chapter 5. Controlling Information
Section 5.1. CONTROLLING VIEWSTATE
Section 5.2. ERROR HANDLING AND LOGGING
Section 5.3. LIMITING SEARCH ENGINES
Section 5.4. PROTECTING PASSWORDS IN CONFIG FILES
Section 5.5. A CHECKLIST FOR QUERY STRINGS, FORMS, EVENTS, AND BROWSER INFORMATION
Chapter 6. Keeping Secrets Secret - Hashing and Encryption
Section 6.1. PROTECTING INTEGRITY WITH HASHING
Section 6.2. ENCRYPTING DATA
Section 6.3. A CHECKLIST FOR ENCRYPTION
Part II: Securing Common ASP.NET Tasks
Chapter 7. Adding Usernames and Passwords
Section 7.1. AUTHENTICATION AND AUTHORIZATION
Section 7.2. DISCOVERING YOUR OWN IDENTITY
Section 7.3. ADDING AUTHENTICATION IN ASP.NET
Section 7.4. AUTHORIZATION IN ASP.NET
Section 7.5. A CHECKLIST FOR AUTHENTICATION AND AUTHORIZATION
Chapter 8. Securely Accessing Databases
Section 8.1. WRITING BAD CODE: DEMONSTRATING SQL INJECTION
Section 8.2. FIXING THE VULNERABILITY
Section 8.3. MORE SECURITY FOR SQL SERVER
Section 8.4. A CHECKLIST FOR SECURELY ACCESSING DATABASES
Chapter 9. Using the File System
Section 9.1. ACCESSING EXISTING FILES SAFELY
Section 9.2. CREATING FILES SAFELY
Section 9.3. HANDLING USER UPLOADS
Section 9.4. A CHECKLIST FOR SECURELY ACCESSING FILES
Chapter 10. Securing XML
Section 10.1. VALIDATING XML
Section 10.2. QUERYING XML
Section 10.3. SECURING XML DOCUMENTS
Section 10.4. A CHECKLIST FOR XML
Part III: Advanced ASP.NET Scenarios
Chapter 11. Sharing Data with Windows Communication Foundation
Section 11.1. CREATING AND CONSUMING WCF SERVICES
Section 11.2. SECURITY AND PRIVACY WITH WCF
Section 11.3. ADDING SECURITY TO AN INTERNET SERVICE
Section 11.4. SIGNING MESSAGES WITH WCF
Section 11.5. LOGGING AND AUDITING IN WCF
Section 11.6. VALIDATING PARAMETERS USING INSPECTORS
Section 11.7. USING MESSAGE INSPECTORS
Section 11.8. THROWING ERRORS IN WCF
Section 11.9. A CHECKLIST FOR SECURING WCF
Chapter 12. Securing Rich Internet Applications
Section 12.1. RIA ARCHITECTURE
Section 12.2. SECURITY IN AJAX APPLICATIONS
Section 12.3. SECURITY IN SILVERLIGHT APPLICATIONS
Section 12.4. USING ASP.NET AUTHENTICATION AND AUTHORIZATION IN AJAX AND SILVERLIGHT
Section 12.5. A CHECKLIST FOR SECURING AJAX AND SILVERLIGHT
Chapter 13. Understanding Code Access Security
Section 13.1. UNDERSTANDING CODE ACCESS SECURITY
Section 13.2. A CHECKLIST FOR CODE NOT UNDER FULL TRUST
Chapter 14. Securing Internet Information Server (IIS)
Section 14.1. INSTALLING AND CONFIGURING IIS7
Section 14.2. FILTERING REQUESTS
Section 14.3. USING LOG PARSER TO MINE IIS LOG FILES
Section 14.4. USING CERTIFICATES
Section 14.5. A CHECKLIST FOR SECURING INTERNET INFORMATION SERVER (IIS)
Chapter 15. Third-Party Authentication
Section 15.1. A BRIEF HISTORY OF FEDERATED IDENTITY
Section 15.2. USING THE WINDOWS IDENTITY FOUNDATION TO ACCEPT SAML AND INFORMATION CARDS Section 15.3. USING OPENID WITH YOUR WEBSITE Section 15.4. USING WINDOWS LIVE ID WITH YOUR WEBSITE Section 15.5. A STRATEGY FOR INTEGRATING THIRD-PARTY AUTHENTICATION WITH FORMS AUTHENTICATION Section 15.6. SUMMARY
Chapter 16. Secure Development with the ASP.NET MVC Framework
Section 16.1. MVC INPUT AND OUTPUT Section 16.2. AUTHENTICATION AND AUTHORIZATION WITH ASP.NET MVC Section 16.3. ERROR HANDLING WITH ASP.NET MVC Section 16.4. A CHECKLIST FOR SECURE DEVELOPMENT WITH THE ASP.NET MVC FRAMEWORK
Summary
2 Transparent Data Encryption
Encryption 101
Encrypting Data Stored in the Database
The Transparent Data Encryption Solution
Tablespace Encryption: New with Oracle 11g
Oracle 11g Configuration
Summary
3 Applied Auditing and Audit Vault
An Era of Governance
Auditing for Nonsecurity Reasons
The Audit Data Warehouse
What to Audit and When to Audit
The Audit Warehouse Becomes the Audit Vault
Installation Options
Summary
PART II Oracle Database Vault
4 Database Vault Introduction
The Security Gap
Database Vault Components
Installing Oracle Database Vault
Summary: Database Vault Is Differentiating Security
5 Database Vault Fundamentals
Realms
Command Rules
Rule Sets
Factors
DBV Secure Application Roles
Summary
6 Applied Database Vault for Custom Applications
Notional Database Applications Environment
From Requirements to Security Profile Design
Requirements Technique: Use Cases and Scenarios
Identify Coarse-Grained Security Profile
Identify Fine-Grained Security Profile
Identify DBV Factors Based on Business or System Conditions
Identify DBV Realms and Realm Objects Based on Objects
Identify Accounts, Roles, and DBV Realm Authorizations from Use Case Actors
Establish DBV Command Rules from Conditions
Establish DBV Secure Application Roles from Conditions
Summary
7 Applied Database Vault for Existing Applications
Audit Capture Preparation
Capturing Audits
Analyzing the Audit Trail
Integrating DBV with Oracle Database Features
Advanced Monitoring and Alerting with a DBV Database
Summary
PART III Identity Management
8 Architecting Identity Management
Understanding the Problem with Identity Management
Architecting Identity Management
Oracle Identity Management Solutions
Summary
9 Oracle Identity Manager
The User Provisioning Challenge
Oracle Identity Manager Overview
User Provisioning Processes
User Provisioning Integrations
Reconciliation Integrations
Compliance Solutions
OIM Deployment
Summary
10 Oracle Directory Services
Identity Management and the LDAP Directory
Oracle Internet Directory
Directory Virtualization and Oracle Virtual Directory
OVD Applied
Summary
PART IV Applied Security for Oracle APEX and Oracle Business Intelligence
11 Web-centric Security in APEX
Introduction to the APEX Environment
Securing an APEX Instance
Protecting the APEX Database Schemas
Summary
12 Secure Coding Practices in APEX
Authentication and Authorization
SQL Injection
Cross-site Scripting
Leveraging Database Security Features
Summary
13 Securing Access to Oracle BI
The Challenge in Securing BI
What Needs To Be Secured
Mechanics of Accessing Data with Oracle BI
Authentication and Authorization
Single Sign-On
Deploying in a Secure Environment
Securing the BI Cache
Public-facing Applications
Summary
14 Securing Oracle BI Content and Data
Securing Web Catalog Content
Conveying Identity to the Database
Securing Data Presented by Oracle BI
Oracle BI and Database Vault
Auditing
BI Features with Security Implications
Summary
APPENDIX Using the Oracle BI Examples
Users and Groups
Database Preparations
Database Auditing
Database Scripts
Oracle BI Setup
Credential Store
BI Publisher Superuser
Other BI Publisher Configuration Steps
Sample BI Publisher Report
Scheduler Configuration
Usage Tracking
Recommend Testing
Oracle BI Tests
BI Publisher Tests
Oracle Delivers Tests
Sample Web Catalog Description
SH Dashboard
Utilities Dashboard
Other Dashboards
Sample RPD Descriptions
Common to All RPDs
Internal Authentication
Internal Authentication with Act as Proxy Enabled
Column-based Security
Table-based Authentication
Final Thoughts
CHAPTER 2 Security Fundamentals
Input Validation
Attack Surface Reduction
Classifying and Prioritizing Threats
PART II Web Application Security Principles
CHAPTER 3 Authentication
Access Control Overview
Authentication Fundamentals
Two-Factor and Three-Factor Authentication
Web Application Authentication
Securing Password-Based Authentication
Secure Authentication Best Practices
CHAPTER 4 Authorization
Access Control Continued
Session Management Fundamentals
Securing Web Application Session Management
CHAPTER 5 Browser Security Principles: The Same-Origin Policy
Defining the Same-Origin Policy
Exceptions to the Same-Origin Policy
Final Thoughts on the Same-Origin Policy
CHAPTER 6 Browser Security Principles: Cross-Site Scripting and Cross-Site Request Forgery
Cross-Site Scripting
Cross-Site Request Forgery
CHAPTER 7 Database Security Principles
Structured Query Language (SQL) Injection
Setting Database Permissions
Stored Procedure Security
Insecure Direct Object References
CHAPTER 8 File Security Principles
Keeping Your Source Code Secret
Security Through Obscurity
Forceful Browsing
Directory Traversal
PART III Secure Development and Deployment
CHAPTER 9 Secure Development Methodologies
Baking Security In
The Holistic Approach to Application Security
Industry Standard Secure Development Methodologies and Maturity Models
EPILOGUE The Wizard, the Giant, and the Magic Fruit Trees: A Happy Ending
Index
RFID Security
By: Anita Campbell; Anand Das; John Kleinschmidt; Frank Thornton Publisher: Syngress Pub. Date: April 2006 Pages in Print Edition: 264
Copyright
RFID Security
Acknowledgments
Lead Author
Contributors
Technical Editor
Part I: Overview
Chapter 1. What Is RFID?
Section 1.1. Introduction Section 1.2. What This Book Is and Is Not Section 1.3. RFID Radio Basics Section 1.4. Why Use RFID? Section 1.5. RFID Architecture Section 1.6. Data Communications Section 1.7. Physical Form Factor (Tag Container) Section 1.8. Summary Section 1.9. Links to Sites
Chapter 2. RFID Uses
Section 2.1. Introduction Section 2.2. Applied Use
Section 2.3. Standards in the Marketplace Section 2.4. Failures in the Marketplace Section 2.5. RFID for the Consumer: Case Studies Section 2.6. Summary Section 2.7. References
Part II: Attacking RFID
Chapter 3. Threat and Target Identification
Section 3.1. Introduction Section 3.2. Attack Objectives Section 3.3. Blended Attacks
Chapter 4. RFID Attacks: Tag Encoding Attacks
Section 4.1. Introduction Section 4.2. Case Study: Johns Hopkins vs. SpeedPass Section 4.3. The SpeedPass Section 4.4. Summary
Chapter 5. RFID Attacks: Tag Application Attacks
Section 5.1. MIM Section 5.2. Chip Clones Fraud and Theft Section 5.3. Tracking: Passports/Clothing Section 5.4. Chip Cloning > Fraud Section 5.5. Disruption Section 5.6. Summary
Chapter 6. RFID Attacks: Securing Communications Using RFID Middleware
Section 6.1. RFID Middleware Introduction Section 6.2. Attacking Middleware with the Air Interface
Section 6.3. Understanding Security Fundamentals and Principles of Protection Section 6.4. Addressing Common Risks and Threats Section 6.5. Securing RFID Data Using Middleware Section 6.6. Using DES in RFID Middleware for Robust Encryption Section 6.7. Using Stateful Inspection in the Application Layer Gateway For Monitoring RFID Data Streams Section 6.8. Providing Bulletproof Security Using Discovery, Resolution, and Trust Services in AdaptLink Section 6.9. Summary
Chapter 7. RFID Security: Attacking the Backend
Section 7.1. Introduction Section 7.2. Overview of Backend Systems Section 7.3. Data Attacks Section 7.4. Virus Attacks Section 7.5. RFID Data Collection Tool Backend Communication Attacks Section 7.6. Attacks on ONS Section 7.7. Summary
Part III: Defending RFID
Chapter 8. Management of RFID Security
Section 8.1. Introduction Section 8.2. Risk and Vulnerability Assessment Section 8.3. Risk Management Section 8.4. Threat Management Section 8.5. Summary
Chapter 9. Case Study: Using Commerce Events' AdaptLink to Secure the DoD Supply Network Leveraging the DoD RFID Mandate
Section 9.1. Background on the Use of RFID in the DoD Supply Chain
Section 2.6. Specifying Custom Ports Section 2.7. Specifying Targets to Scan Section 2.8. Different Scan Types Section 2.9. Tuning the Scan Speed Section 2.10. Application Fingerprinting Section 2.11. Operating System Detection Section 2.12. Saving Nmap Output Section 2.13. Resuming Nmap Scans Section 2.14. Avoiding Detection Section 2.15. Conclusion
Chapter 3. Vulnerability Scanning
Section 3.1. Nessus Section 3.2. Nikto Section 3.3. WebInspect
Chapter 4. LAN Reconnaissance
Section 4.1. Mapping the LAN Section 4.2. Using ettercap and arpspoof on a Switched Network Section 4.3. Dealing with Static ARP Tables Section 4.4. Getting Information from the LAN Section 4.5. Manipulating Packet Data
Chapter 5. Wireless Reconnaissance
Section 5.1. Get the Right Wardriving Gear Section 5.2. 802.11 Network Basics Section 5.3. 802.11 Frames Section 5.4. How Wireless Discovery Tools Work
Section 5.5. Netstumbler Section 5.6. Kismet at a Glance Section 5.7. Using Kismet Section 5.8. Sorting the Kismet Network List Section 5.9. Using Network Groups with Kismet Section 5.10. Using Kismet to Find Networks by Probe Requests Section 5.11. Kismet GPS Support Using gpsd Section 5.12. Looking Closer at Traffic with Kismet Section 5.13. Capturing Packets and Decrypting Traffic with Kismet Section 5.14. Wireshark at a Glance Section 5.15. Using Wireshark Section 5.16. AirDefense Mobile Section 5.17. AirMagnet Analyzers Section 5.18. Other Wardriving Tools
Chapter 6. Custom Packet Generation
Section 6.1. Why Create Custom Packets? Section 6.2. Scapy Section 6.3. Packet Crafting Examples with Scapy Section 6.4. Packet Mangling with Netfilter Section 6.5. References
Part 3: Penetration
Chapter 7. Metasploit
Section 7.1. Metasploit Interfaces Section 7.2. Updating Metasploit Section 7.3. Choosing an Exploit
Section 7.4. Choosing a Payload Section 7.5. Setting Options Section 7.6. Running an Exploit Section 7.7. Managing Sessions and Jobs Section 7.8. The Meterpreter Section 7.9. Security Device Evasion Section 7.10. Sample Evasion Output Section 7.11. Evasion Using NOPs and Encoders Section 7.12. In Conclusion
Chapter 8. Wireless Penetration
Section 8.1. WEP and WPA Encryption Section 8.2. Aircrack Section 8.3. Installing Aircrack-ng Section 8.4. Running Aircrack-ng Section 8.5. Airpwn Section 8.6. Basic Airpwn Usage Section 8.7. Airpwn Configuration Files Section 8.8. Using Airpwn on WEP Encrypted Networks Section 8.9. Scripting with Airpwn Section 8.10. Karma Section 8.11. Conclusion
Chapter 9. Exploitation Framework Applications
Section 9.1. Task Overview Section 9.2. Core Impact Overview Section 9.3. Network Reconnaissance with Core Impact
Section 9.4. Core Impact Exploit Search Engine Section 9.5. Running an Exploit Section 9.6. Running Macros Section 9.7. Bouncing Off an Installed Agent Section 9.8. Enabling an Agent to Survive a Reboot Section 9.9. Mass Scale Exploitation Section 9.10. Writing Modules for Core Impact Section 9.11. The Canvas Exploit Framework Section 9.12. Porting Exploits Within Canvas Section 9.13. Using Canvas from the Command Line Section 9.14. Digging Deeper with Canvas Section 9.15. Advanced Exploitation with MOSDEF Section 9.16. Writing Exploits for Canvas Section 9.17. Exploiting Alternative Tools
Chapter 10. Custom Exploitation
Section 10.1. Understanding Vulnerabilities Section 10.2. Analyzing Shellcode Section 10.3. Testing Shellcode Section 10.4. Creating Shellcode Section 10.5. Disguising Shellcode Section 10.6. Execution Flow Hijacking Section 10.7. References
Part 4: Control
Chapter 11. Backdoors
Section 11.1. Choosing a Backdoor
Section 11.2. VNC Section 11.3. Creating and Packaging a VNC Backdoor Section 11.4. Connecting to and Removing the VNC Backdoor Section 11.5. Back Orifice 2000 Section 11.6. Configuring a BO2k Server Section 11.7. Configuring a BO2k Client Section 11.8. Adding New Servers to the BO2k Workspace Section 11.9. Using the BO2k Backdoor Section 11.10. BO2k Powertools Section 11.11. Encryption for BO2k Communications Section 11.12. Concealing the BO2k Protocol Section 11.13. Removing BO2k Section 11.14. A Few Unix Backdoors
Chapter 12. Rootkits
Section 12.1. Windows Rootkit: Hacker Defender Section 12.2. Linux Rootkit: Adore-ng Section 12.3. Detecting Rootkits Techniques Section 12.4. Windows Rootkit Detectors Section 12.5. Linux Rootkit Detectors Section 12.6. Cleaning an Infected System Section 12.7. The Future of Rootkits
Part 5: Defense
Chapter 13. Proactive Defense: Firewalls
Section 13.1. Firewall Basics Section 13.2. Network Address Translation
Section 13.3. Securing BSD Systems with ipfw/natd Section 13.4. Securing GNU/Linux Systems with netfilter/iptables Section 13.5. Securing Windows Systems with Windows Firewall/Internet Connection Sharing Section 13.6. Verifying Your Coverage
Chapter 14. Host Hardening
Section 14.1. Controlling Services Section 14.2. Turning Off What You Do Not Need Section 14.3. Limiting Access Section 14.4. Limiting Damage Section 14.5. Bastille Linux Section 14.6. SELinux Section 14.7. Password Cracking Section 14.8. Chrooting Section 14.9. Sandboxing with OS Virtualization
Chapter 15. Securing Communications
Section 15.1. The SSH-2 Protocol Section 15.2. SSH Configuration Section 15.3. SSH Authentication Section 15.4. SSH Shortcomings Section 15.5. SSH Troubleshooting Section 15.6. Remote File Access with SSH Section 15.7. SSH Advanced Use Section 15.8. Using SSH Under Windows Section 15.9. File and Email Signing and Encryption Section 15.10. GPG
Section 15.11. Create Your GPG Keys Section 15.12. Encryption and Signature with GPG Section 15.13. PGP Versus GPG Compatibility Section 15.14. Encryption and Signature with S/MIME Section 15.15. Stunnel Section 15.16. Disk Encryption Section 15.17. Windows Filesystem Encryption with PGP Disk Section 15.18. Linux Filesystem Encryption with LUKS Section 15.19. Conclusion
Chapter 16. Email Security and Anti-Spam
Section 16.1. Norton Antivirus Section 16.2. The ClamAV Project Section 16.3. ClamWin Section 16.4. Freshclam Section 16.5. Clamscan Section 16.6. clamd and clamdscan Section 16.7. ClamAV Virus Signatures Section 16.8. Procmail Section 16.9. Basic Procmail Rules Section 16.10. Advanced Procmail Rules Section 16.11. ClamAV with Procmail Section 16.12. Unsolicited Email Section 16.13. Spam Filtering with Bayesian Filters Section 16.14. SpamAssassin Section 16.15. SpamAssassin Rules
Section 16.16. Plugins for SpamAssassin Section 16.17. SpamAssassin with Procmail Section 16.18. Anti-Phishing Tools Section 16.19. Conclusion
Chapter 17. Device Security Testing
Section 17.1. Replay Traffic with Tcpreplay Section 17.2. Traffic IQ Pro Section 17.3. ISIC Suite Section 17.4. Protos
Part 6: Monitoring
Chapter 18. Network Capture
Section 18.1. tcpdump Section 18.2. Ethereal/Wireshark Section 18.3. pcap Utilities: tcpflow and Netdude Section 18.4. Python/Scapy Script Fixes Checksums Section 18.5. Conclusion
Chapter 19. Network Monitoring
Section 19.1. Snort Section 19.2. Implementing Snort Section 19.3. Honeypot Monitoring Section 19.4. Gluing the Stuff Together
Chapter 20. Host Monitoring
Section 20.1. Using File Integrity Checkers Section 20.2. File Integrity Hashing Section 20.3. The Do-It-Yourself Way with rpmverify
Section 20.4. Comparing File Integrity Checkers Section 20.5. Prepping the Environment for Samhain and Tripwire Section 20.6. Database Initialization with Samhain and Tripwire Section 20.7. Securing the Baseline Storage with Samhain and Tripwire Section 20.8. Running Filesystem Checks with Samhain and Tripwire Section 20.9. Managing File Changes and Updating Storage Database with Samhain and Tripwire Section 20.10. Recognizing Malicious Activity with Samhain and Tripwire Section 20.11. Log Monitoring with Logwatch Section 20.12. Improving Logwatch's Filters Section 20.13. Host Monitoring in Large Environments with Prelude IDS Section 20.14. Conclusion
Part 7: Discovery
Chapter 21. Forensics
Section 21.1. Netstat Section 21.2. The Forensic ToolKit Section 21.3. Sysinternals
Chapter 22. Application Fuzzing
Section 22.1. Which Fuzzer to Use Section 22.2. Different Types of Fuzzers for Different Tasks Section 22.3. Writing a Fuzzer with Spike Section 22.4. The Spike API Section 22.5. File Fuzzing Apps Section 22.6. Fuzzing Web Applications Section 22.7. Configuring WebProxy Section 22.8. Automatic Fuzzing with WebInspect
Introduction to ACS
Cisco Secure Access Control Server Release 4.2 Characteristics and Features
Cisco Secure Access Control System Release 5.1 Characteristics and Features
Installing Cisco Secure Access Control Server 4.2
Initial Setup of Cisco Secure Access Control System 5.1
Licensing Model of Cisco Secure Access Control System 5.1
Common Problems After Installation
Summary
Chapter 3. Getting Familiar with ACS 4.2
The Seven Services of ACS
The Grand Tour of the ACS Interface
Summary
Chapter 4. Getting Familiar with ACS 5.1
My Workspace
Network Resources
Users and Identity Stores
Policy Elements
Access Policies
Monitoring and Reports
ACS 5.1 Command Line Interface (CLI)
Summary
Chapter 5. Configuring External Databases (Identity Stores) with ACS
External Databases/Identity Stores
Configuring Active Directory
Configuring LDAP
Configuring RSA SecureID
Group Mapping
Summary
Chapter 6. Administrative AAA on IOS
Local Database
Using AAA
Lab Scenario #2: Authentication, Authorization, and Accounting of Administrative Sessions Using TACACS+
Lab Scenario #3: Authentication and Authorization of HTTP Sessions
Summary
Chapter 7. Administrative AAA on ASA/PIX
Local Database
Privilege Levels
Lab Scenario #4: Local Authentication and Privilege Levels on ASA
Using AAA
Lab Scenario #5: Authentication, Authorization and Accounting of Administrative Sessions on ASA using TACACS+
Summary
Chapter 8. IOS Switches
Introduction to IEEE 802.1X, EAP, and EAPOL
EAP Types
IEEE 802.1X Configuration on a Cisco Switch
IEEE 802.1X Host Modes
IEEE 802.1X Authentication Features
IEEE 802.1X Timers
Configuring Accounting
Certificate Installation on ACS
Configuring EAP-MD5 on ACS
Configuring PEAP on ACS
Configuring EAP-TLS on ACS
Dynamic VLAN Assignment: ACS Configuration
Lab Scenario #7: Configuring Switch, ACS, and Windows XP for IEEE 802.1X Authentication Using EAP-MD5
Lab Scenario #8: Configuring Switch, ACS, and Windows XP for IEEE 802.1X Authentication Using PEAP
Lab Scenario #9: Configuring Switch, ACS, and Windows XP for IEEE 802.1X Authentication Using EAP-TLS
Useful show Commands
Troubleshooting IEEE 802.1X
Summary
Chapter 9. Access Points
Configuring Wireless NAS for IEEE 802.1X Authentication on an AP
Configuring Wireless NAS for IEEE 802.1X Authentication on a WLC
Configuring ACS 4.2 for LEAP
Configuring ACS 5.1 for LEAP
Configuring ACS 4.2 for EAP-FAST
Configuring ACS 5.1 for EAP-FAST
Lab Scenario #10: Configure WLC, ACS and Cisco Secure Services Client for IEEE 802.1X Authentication Using LEAP
Lab Scenario #11: Configure WLC, ACS, and Cisco Secure Services Client for IEEE 802.1X Authentication Using EAP-FAST
Troubleshooting IEEE 802.1X
Summary
Chapter 10. Cut-Through Proxy AAA on PIX/ASA
Cut-Through Proxy Authentication
Virtual Telnet, Virtual HTTP, and HTTP Redirection
Configuring ACS for Cut-Through Proxy Authentication
Verifying and Troubleshooting Cut-Through Proxy Authentication
Lab Scenario #12: Authenticating Cut-Through Traffic on ASA
Cut-Through Proxy Authorization
Cut-Through Proxy Accounting
Lab Scenario #13: Cut-Through Proxy Authentication, Authorization, and Accounting
Summary
Chapter 11. Router
Prerequisites for Authentication Proxy
Authenticating HTTP Sessions
Authenticating FTP Sessions
Authenticating Telnet Sessions
Configuring ACS for Authentication Proxy
Viewing and Maintaining Authentication Proxy Cache
Verifying and Troubleshooting Authentication Proxy
Authentication Proxy Authorization
Authentication Proxy Accounting
Lab Scenario #14: Authentication Proxy
Summary
Chapter 12. AAA of VPN and PPP Sessions on IOS
Authenticating VPN Sessions
Verifying and Troubleshooting VPN Authentication
Authorizing VPN Sessions
Verifying and Troubleshooting VPN Authorization
Accounting for IPsec Remote Access and SSL VPN
Lab Scenario #15: VPN AAA
Authenticating PPP Sessions
Verifying and Troubleshooting PPP Authentication
Authorizing PPP Sessions
Verifying and Troubleshooting PPP Authorization
Accounting for PPP Sessions
Summary
Chapter 13. AAA of VPN on ASA
Authenticating Remote Access IPsec VPN (EzVPN Remote) and SSL VPN Using RADIUS
Authorizing IPsec Remote Access and SSL VPN Using RADIUS
Accounting for IPsec and SSL VPN Using RADIUS
Lab Scenario #16: VPN AAA Using RADIUS
Authenticating IPsec and SSL VPN Using LDAP
Authorizing IPsec and SSL VPN Using LDAP
Lab Scenario #17: VPN Authentication and Authorization Using LDAP
Summary
Chapter 14. ACS 4.2 Advanced Configuration
Network Access Restrictions
Backup and Restore
Database Replication
RDBMS Synchronization
Network Access Profiles
Local Password Management
Remote Logging
Log File Management
CSUtil Database Utility
Summary
Chapter 15. ACS 5.1
Replication
Dictionaries
Remote Logging
Importing Network Resources and Users
Managing System Administrators
Backup and Restore
Scheduled Backups
Summary
Task 2.3: Patching the Operating System Task 2.4: Security Templates Task 2.5: Securing Autoruns Task 2.6: Securing Hardware Devices Task 2.7: Virtualization Task 2.8: Locking the Computer Using an Idle Timeout
Phase 3: Malicious Software
Task 3.1: Installing, Updating, and Running Antivirus Software Task 3.2: Using a Rootkit Checker Task 3.3: Adware Task 3.4: Using a Spyware Checker Task 3.5: Malicious Software Removal Tool Task 3.6: McAfee SiteAdvisor Task 3.7: ARP Poisoning with Cain & Abel Task 3.8: Attacking Authentication with Firesheep
Phase 4: Secure Storage
Task 4.1: The Encrypting File System Task 4.2: EFS Data Recovery Task 4.3: Implementing Syskey Task 4.4: Converting FAT to NTFS Task 4.5: Implementing Disk Fault Tolerance with RAID Task 4.6: Backing Up Data Task 4.7: Restoring Data from a Backup Task 4.8: Securing Shares Task 4.9: BitLocker Drive Encryption
Task 4.10: Securing Data to Satisfy FIPS 140-2 Using PGP Desktop
Phase 5: Managing User Accounts
Task 5.1: Creating User Accounts Task 5.2: Implementing the Password Policy Task 5.3: Auditing Logons Task 5.4: Securing the Default User Accounts Task 5.5: Implementing a Deny Group
Phase 6: Network Security
Task 6.1: Deploying IPSec Task 6.2: Configuring the VPN Server Task 6.3: Configuring the VPN Client Task 6.4: Implementing Secure Remote Administration Task 6.5: Secure Administration Using Run As Task 6.6: Configuring a Packet Filter Task 6.7: Implementing 802.11 Wireless Security Task 6.8: Implementing an IPSec VPN Using AES Task 6.9: Implementing a Personal Firewall
Phase 7: Securing Internet Activity
Task 7.1: Configuring Internet Access Task 7.2: Using Internet Explorer Security Zones Task 7.3: Configuring IE for Secure Use of Cookies Task 7.4: Using Internet Connection Sharing Task 7.5: Securing Email Task 7.6: Spam Management Task 7.7: Installing and Using a Digital Certificate
Task 7.8: Certificate Backup and Management Task 7.9: Performing Secure File Exchange Task 7.10: Validating Downloads and Checking the Hash Task 7.11: Logging and Recording Internet Activity Task 7.12: Using HTTPS to Encrypt Web Traffic Task 7.13: Using ForceTLS to Add Security to Web Browsing
Phase 8: Security Testing
Task 8.1: Penetration Testing with Nessus Task 8.2: Penetration Testing with Retina Task 8.3: Performing Assessments with MBSA Task 8.4: Performing Security Assessments with IT Shavlik Task 8.5: Performing Internet Vulnerability Profiling Task 8.6: Tracking Hostile IPs Task 8.7: Investigating Netcat Task 8.8: Exploiting Vulnerabilities with Metasploit
Phase 9: Investigating Incidents
Task 9.1: Configuring an Audit Policy for Object Access Task 9.2: Reviewing the Audit Logs Task 9.3: Forcing a Memory Dump Task 9.4: Capturing Packets with the Packet Analyzer: Wireshark Task 9.5: Recovering Previous Versions of Files Task 9.6: Recovering Deleted Content from the File System
Phase 10: Security Troubleshooting
Task 10.1: Booting into Safe Mode Task 10.2: Implementing Last Known Good Configuration
The Essentials and Beyond
Chapter 2: Understanding Malware and Social Engineering
Comparing Malware
Protecting Against Malware
Thwarting Social Engineering Attacks
Protecting Email
The Essentials and Beyond
Chapter 3: Understanding User Authentication
Comparing the Three Factors of Authentication
Using Passwords for Authentication
Using Smart Cards and Token Devices for Authentication
Using Biometrics for Authentication
Starting Applications with Run As Administrator
Preventing Time Skew with Kerberos
Identifying RADIUS Capabilities
Identifying Unsecure Authentication Protocols
The Essentials and Beyond
Chapter 4: Securing Access with Permissions
Comparing NTFS Permissions
Exploring Share Permissions
Identifying Active Directory Permissions
Assigning Registry Permissions
The Essentials and Beyond
Chapter 5: Using Audit Policies and Network Auditing
Exploring Audit Policies
Enabling Auditing
Viewing Audit Information
Managing Security Logs
Auditing a Network with MBSA
The Essentials and Beyond
Chapter 6: Protecting Clients and Servers
Understanding User Account Control
Keeping Systems Updated
Protecting Clients
Protecting Servers
Exploring DNS Security Issues
The Essentials and Beyond
Chapter 7: Protecting a Network
Identifying Common Attack Methods
Exploring Firewalls
Exploring Network Access Protection
Identifying Protocol Security Methods
The Essentials and Beyond
Chapter 8: Understanding Wireless Security
Comparing Wireless Devices
Comparing Wireless Security Methods
Configuring Wireless Routers
Configuring Windows 7 for Wireless
The Essentials and Beyond
Chapter 9: Understanding Physical Security
Comparing Site Security and Computer Security
Using Group Policy to Enhance Computer Security
Exploring Mobile Device Security
The Essentials and Beyond
Chapter 10: Enforcing Confidentiality with Encryption
Comparing Encryption Methods
Securing Email
Understanding EFS
Exploring BitLocker Drive Encryption
The Essentials and Beyond
Chapter 11: Understanding Certificates and a PKI
Understanding a Certificate
Exploring the Components of a PKI
The Essentials and Beyond
Chapter 12: Understanding Internet Explorer Security
Exploring Browser Settings
Comparing Security Zones
Using IE Tools to Identify Malicious Websites
The Essentials and Beyond
Basic Security Terminology
Concepts and Approaches
How Do Legal Issues Impact Network Security?
Online Security Resources
Summary
Test Your Skills
Chapter 2. Networks and the Internet
Introduction
Network Basics
How the Internet Works
History of the Internet
Basic Network Utilities
Other Network Devices
Advanced Network Communications Topics
Summary
Test Your Skills
Chapter 3. Cyber Stalking, Fraud, and Abuse
Introduction
How Internet Fraud Works
Identity Theft
Cyber Stalking
Protecting Yourself against Cyber Crime
Summary
Test Your Skills
Chapter Footnotes
Chapter 4. Denial of Service Attacks
Introduction
Denial of Service
Illustrating an Attack
Summary
Test Your Skills
Chapter 5. Malware
Introduction
Viruses
Trojan Horses
The Buffer Overflow Attack
The Sasser Virus/Buffer Overflow
Spyware
Other Forms of Malware
Detecting and Eliminating Viruses and Spyware
Summary
Test Your Skills
Chapter 6. Techniques Used by Hackers
Introduction
Basic Terminology
The Reconnaissance Phase
Actual Attacks
Summary
Test Your Skills
Chapter 7. Industrial Espionage in Cyberspace
Introduction
What Is Industrial Espionage?
Information as an Asset
Real World Examples of Industrial Espionage
How Does Espionage Occur?
Phone Taps and Bugs
Protecting against Industrial Espionage
Industrial Espionage Act
Spear Phishing
Summary
Test Your Skills
Chapter 8. Encryption
Introduction
Cryptography Basics
History of Encryption
Modern Methods
Legitimate Versus Fraudulent Encryption Methods
Encryptions Used in Internet
Virtual Private Networks
Summary
Test Your Skills
Chapter 9. Computer Security Software
Introduction
Virus Scanners
Firewalls
Antispyware
Intrusion Detection Software
Summary
Test Your Skills
Chapter 10. Security Policies
Introduction
What Is a Policy
Defining User Policies
Defining System Administration Policies
Defining Access Control
Developmental Policies
Standards, Guidelines, and Procedures
Summary
Test Your Skills
Chapter 11. Network Scanning and Vulnerability Scanning
Introduction
Basics of Assessing a System
Securing Computer Systems
Scanning Your Network
Getting Professional Help
Summary
Test Your Skills
Chapter 12. Cyber Terrorism and Information Warfare
Introduction
Actual Cases of Cyber Terrorism
China Eagle Union
Economic Attacks
Military Operations Attacks
General Attacks
Supervisory Control and Data Acquisitions
Information Warfare
Actual Cases
Future Trends
Defense against Cyber Terrorism
Summary
Test Your Skills
Chapter 13. Cyber Detective
Introduction
General Searches
Court Records and Criminal Checks
Usenet
Summary
Test Your Skills
Chapter 14. Introduction to Forensics
Introduction
General Guidelines
Finding Evidence on the PC
Finding Evidence in System Logs
Getting Back Deleted Files
Operating System Utilities
The Windows Registry
Summary
Test Your Skills
Appendix A. Glossary
Appendix B. Resources
General Computer Crime and Cyber Terrorism
General Knowledge
Cyber Stalking
Identity Theft
Port Scanners and Sniffers
Password Crackers
Countermeasures
Spyware
Counter Spyware
Cyber Investigation Tools
General Tools
Virus Research
Security on z/VM
By: Paola Bari; Helio Almeida; Gary Detro; David Druker; Marian Gasparovic; Manfred Gnirss; Jean Francois Jiguet Publisher: IBM Redbooks Pub. Date: November 19, 2007 Part Number: SG24-7471-00 Print ISBN-10: 0-7384-8854-2 Print ISBN-13: 978-0-7384-8854-7 Pages in Print Edition: 342
Notices
Trademarks
Preface
The team that wrote this book
Become a published author
Comments welcome
Chapter 1. z/VM and security
Section 1.1. Introduction to z/VM virtualization Section 1.2. z/VM security features Section 1.3. Additional features
Chapter 2. RACF feature of z/VM
Section 2.1. RACF z/VM concepts Section 2.2. Installing and configuring RACF Section 2.3. RACF management processes Section 2.4. RACF security labels Section 2.5. RACF auditing
Section 2.6. RACF database backup
Chapter 3. z/VM LDAP server
Section 3.1. LDAP terminology Section 3.2. z/VM LDAP Section 3.3. Installing z/VM LDAP server
Chapter 4. Implementing Pluggable Authentication Modules LDAP for Linux servers
Section 4.1. PAM and Name Service Switch Section 4.2. Configuring PAM LDAP and NSS Section 4.3. Changing the password
Chapter 5. Enterprise integration
Section 5.1. Using a central z/VM LDAP server Section 5.2. Sharing RACF database with another z/VM system Section 5.3. Sharing a RACF database with z/OS Section 5.4. Using a central z/OS IBM Tivoli Directory Server Section 5.5. Synchronizing LDAP/RACF database with IBM Tivoli Directory Integrator
Chapter 6. Cryptography on z/VM
Section 6.1. Secure communication to the z/VM System using SSL Section 6.2. Preparing System z for the hardware encryption support Section 6.3. z/VM definitions Section 6.4. Using cryptography hardware support with Linux
Chapter 7. IBM Tivoli zSecure for z/VM RACF
Section 7.1. Consul InSight Suite benefits Section 7.2. Tivoli zSecure Pro Suite Section 7.3. Introducing Tivoli zSecure Section 7.4. Tivoli zSecure installation
Section 7.5. Configuring Consul zSecure Section 7.6. Examples of some reports generated by Consul zSecure Section 7.7. Sample UAUDIT list Section 7.8. Personalized reports for RACF users with special and operations authority
Appendix A: DirMaint implementation
Section A.1. DirMaint implementation and configuration Section A.2. DirMaint installation Section A.3. DirMaint tailoring Section A.4. DirMaint testing and operations Section A.5. Conclusion
Appendix B: RACF procedural checklist
Section B.1. RACF installation steps
Appendix C: Additional material
Locating the Web material
Using the Web material
Related publications
IBM Redbooks publications
Other publications
How to get IBM Redbooks publications
Help from IBM
History of AsyncOS Versions
Email Security Landscape
Simple Mail Transfer Protocol (SMTP)
Summary
Chapter 2. ESA Product Basics
Hardware Overview
Basic Setup via the WUI System Setup Wizard
Networking Deployment Models
Security Filtering Features
Summary
Chapter 3. ESA Email Pipeline
ESA Pipeline
Recipient and Sender Manipulation
LDAP Operations
Work Queue and Filtering Engines
Delivery of Messages
Summary
Chapter 4. ESA Web User Interface
Overview
Connecting to the WUI
WUI Tour
WUI with Centralized Management
Other WUI Features
Summary
Chapter 5. Command Line Interface
Overview of the ESA Command Line Interface
Using SSH or Telnet to Access the CLI
Keeping the ESA CLI Secure
ESA Setup Using the CLI
Commands in Depth
Summary
Chapter 6. Additional Management Services
The Need for Additional Protocol Support
Simple Network Management Protocol (SNMP)
Working with the ESA Filesystem
ESA Logging
Understanding IronPort Text Mail Logs
Summary
Chapter 7. Directories and Policies
Directory Integration
Brief LDAP Overview
LDAP Setup on ESA
Incoming and Outgoing Mail Policies
Other LDAP Techniques
Summary
Chapter 8. Security Filtering
Overview
The Criminal Ecosystem
Reputation Filters and SenderBase Reputation Scores
IronPort Anti-Spam (IPAS)
Recommended Anti-Spam Settings
Sophos and McAfee Antivirus (AV)
IronPort Outbreak Filters (OF)
Recommended AV Settings
Using Content Filters for Security
Summary
Chapter 9. Automating Tasks
Administering ESA from Outside Servers
CLI Automation Examples
WUI Automation Examples
Polling Data from the ESA
Pushing Data to the ESA and Making Configuration Changes
Retrieving Reporting Data from the WUI
Summary
Chapter 10. Configuration Files
ESA and the XML Configuration Format
Configuration File Structure
Importing and Exporting Configuration Files
Editing Configuration Files
Automating Configuration File Backup
Configuration Backup via CLI
Configuration Backup via WUI
Configuration Files in Centralized Management Clusters
Summary
Chapter 11. Message and Content Filters
Filtering Email Messages with Custom Rules
Filter Conditions
Filter Actions
Action Variables
Regular Expressions in Filters
Dictionaries
Notification Templates
Smart Identifiers
Content Filter and Mail Policy Interaction
Filter Performance Considerations
Filter Recipes
Summary
Chapter 12. Advanced Networking
ESA with Multiple IP Interfaces
Multiple Listeners
ESA and Virtual LANs
Other Advanced Configurations
Summary
Chapter 13. Multiple Device Deployments
General Deployment Guidelines
Email Availability with Multiple ESAs
Load Balancing Strategies
Multitier Architectures
Architectures with Mixed MTA Products
Introducing, Replacing, or Upgrading ESA in Production
Management of Multiple Appliances
Summary
Chapter 14. Recommended Configuration
Best Practices
Security Filtering
Being a Good Sender
Bounce Verification
Recommendations for Specific Environments
Summary
Chapter 15. Advanced Topics
Recent Developments
Authentication Standards
Regulatory Compliance
Data Loss Prevention (DLP)
Summary
OS Relationships with the CPU Architecture
The Virtual Machine Monitor and Ring 0 Presentation
The VMM Role Explored
The Popek and Goldberg Requirements
The Challenge: VMMs for the x86 Architecture
Types of Virtualization
Server Virtualization
Storage Virtualization
Network Virtualization
Application Virtualization
Common Use Cases for Virtualization
Technology Refresh
Business Continuity and Disaster Recovery
Proof of Concept Deployments
Virtual Desktops
Rapid Development, Test Lab, and Software Configuration Management
Summary
Solutions Fast Track
What Is Virtualization?
Why Virtualize?
How Does Virtualization Work?
Types of Virtualization
Common Use Cases for Virtualization
Frequently Asked Questions
Chapter 2: Choosing the Right Solution for the Task
Introduction Issues and Considerations That Affect Virtualization Implementations Performance Redundancy Operations Backups Security Evolution Discovery Testing Production Mobility Grid Distinguishing One Type of Virtualization from Another Library Emulation Wine Cygwin Processor Emulation Operating System Virtualization Application Virtualization Presentation Virtualization Server Virtualization Dedicated Hardware Hardware Compatibility Paravirtualization
I/O Virtualization Hardware Virtualization Summary Solutions Fast Track Issues and Considerations That Affect Virtualization Implementations Distinguishing One Type of Virtualization from Another Frequently Asked Questions Chapter 3: Building a Sandbox Introduction Sandbox Background The Visible Sandbox cwsandbox.exe cwmonitor.dll Existing Sandbox Implementations Describing CWSandbox Creating a Live DVD with VMware and CWSandbox Setting Up Linux Setting Up VMware Server v1.05 Setting Up a Virtual Machine in VMware Server Setting Up Windows XP Professional in the Virtual Machine Setting Up CWSandbox v2.x in Windows XP Professional Configuring Linux and VMware Server for Live DVD Creation Updating Your Live DVD Summary Solutions Fast Track
Sandbox Background Existing Sandbox Implementations Describing CWSandbox Creating a Live DVD with VMware and CWSandbox Frequently Asked Questions Notes Bibliography Chapter 4: Configuring the Virtual Machine Introduction Resource Management Hard Drive and Network Configurations Hard Drive Configuration Growing Disk Sizes Virtual Disk Types Using Snapshots Network Configuration Creating an Interface Bridged Host-Only Natted Multiple Interfaces Physical Hardware Access Physical Disks USB Devices Interfacing with the Host
Cut and Paste How to Install the VMware Tools in a Virtual Machine How to Install the Virtual Machine Additions in Virtual PC Summary Solutions Fast Track Hard Drive and Network Configurations Physical Hardware Access Interfacing with the Host Frequently Asked Questions Chapter 5: Honeypotting Introduction Herding of Sheep Honeynets Gen I Gen II Gen III Where to Put It Local Network Distributed Network Layer 2 Bridges Honeymole Multiple Remote Networks Detecting the Attack Intrusion Detection Network Traffic Capture
Monitoring on the Box How to Set Up a Realistic Environment Nepenthes Setting Up the Network Keeping the Bad Stuff in Summary Solutions Fast Track Herding of Sheep Detecting the Attack How to Set Up a Realistic Environment Frequently Asked Questions Note Chapter 6: Malware Analysis Introduction Setting the Stage How Should Network Access Be Limited? Don't Propagate It Yourself The Researcher May Get Discovered Create a "Victim" That Is as Close to Real as Possible You Should Have a Variety of Content to Offer Give It That Lived-in Look Making the Local Network More Real Testing on VMware Workstation Microsoft Virtual PC Looking for Effects of Malware
What Is the Malware's Purpose? How Does It Propagate? Does the Malware Phone Home for Updates? Does the Malware Participate in a Bot-Net? Does the Malware Send the Spoils Anywhere? Does the Malware Behave Differently Depending on the Domain? How Does the Malware Hide and How Can It Be Detected? How Do You Recover from It? Examining a Sample Analysis Report The <Analysis> Section Analysis of 82f78a89bde09a71ef99b3cedb991bcc.exe Analysis of arman.exe Interpreting an Analysis Report How Does the Bot Install? Finding Out How New Hosts Are Infected How Does the Bot Protect the Local Host and Itself? Determining How/Which C&C Servers Are Contacted How Does the Bot Get Binary Updates? What Malicious Operations Are Performed? Bot-Related Findings of Our Live Sandbox Antivirtualization Techniques Detecting You Are in a Virtual Environment Virtualization Utilities VMware I/O Port Emulated Hardware Detection
Hardware Identifiers MAC Addresses Hard Drives PCI Identifiers Detecting You Are in a Hypervisor Environment Summary Solutions Fast Track How Should Network Access Be Limited? Looking for Effects of Malware Antivirtualization Techniques Frequently Asked Questions Chapter 7: Application Testing Introduction Getting Up to Speed Quickly Default Platform Copying a Machine in VMware Server Registering a Machine in Microsoft Virtual Server Known Good Starting Point Downloading Preconfigured Appliances VMware's Appliance Program Microsoft's Test Drive Program Debugging Kernel-Level Debugging The Advantage of Open Source Virtualization Summary
Solutions Fast Track Getting Up to Speed Quickly Debugging Frequently Asked Questions Chapter 8: Fuzzing Introduction What Is Fuzzing? Virtualization and Fuzzing Choosing an Effective Starting Point Using a Clean Slate Reducing Startup Time Setting Up the Debugging Tools Preparing to Take Input Preparing for External Interaction Taking the Snapshot Executing the Test Scripting Snapshot Startup Interacting with the Application Selecting Test Data Checking for Exceptions Saving the Results Running Concurrent Tests Summary Solutions Fast Track What Is Fuzzing?
Virtualization and Fuzzing Choosing an Effective Starting Point Preparing for External Interaction Executing the Test Frequently Asked Questions Chapter 9: Forensic Analysis Introduction Preparing Your Forensic Environment Capturing the Machine Preparing the Captured Machine to Boot on New Hardware What Can Be Gained by Booting the Captured Machine? Virtualization May Permit You to Observe Behavior That Is Only Visible While Live Using the System to Demonstrate the Meaning of the Evidence The System May Have Proprietary/Old Files That Require Special Software Analyzing Time Bombs and Booby Traps Easier to Get in the Mind-Set of the Suspect Collecting Intelligence about Botnets or Virus-Infected Systems Collecting Intelligence about a Case Capturing Processes and Data in Memory Performing Forensics of a Virtual Machine Caution: VM-Aware Malware Ahead Summary Solutions Fast Track Preparing Your Forensic Environment Capturing the Machine
Preparing the Captured Machine to Boot on New Hardware What Can Be Gained by Booting the Captured Machine? Frequently Asked Questions Chapter 10: Disaster Recovery Introduction Disaster Recovery in a Virtual Environment Simplifying Backup and Recovery File-Level Backup and Restore System-Level Backup and Restore Shared Storage Backup and Restore Allowing Greater Variation in Hardware Restoration Different Number of Servers Using Virtualization for Recovery of Physical Systems Using Virtualization for Recovery of Virtual Systems Recovering from Hardware Failures Redistributing the Data Center Summary Solutions Fast Track Disaster Recovery in a Virtual Environment Simplifying Backup and Recovery Allowing Greater Variation in Hardware Restoration Recovering from Hardware Failures Redistributing the Data Center Frequently Asked Questions Chapter 11: High Availability: Reset to Good
Introduction Understanding High Availability Providing High Availability for Planned Downtime Providing High Availability for Unplanned Downtime Reset to Good Utilizing Vendor Tools to Reset to Good Utilizing Scripting or Other Mechanisms to Reset to Good Degrading over Time Configuring High Availability Configuring Shared Storage Configuring the Network Setting Up a Pool or Cluster of Servers Maintaining High Availability Monitoring for Overcommitment of Resources Security Implications Performing Maintenance on a High Availability System Summary Solutions Fast Track Understanding High Availability Reset to Good Configuring High Availability Maintaining High Availability Frequently Asked Questions Chapter 12: Best of Both Worlds: Dual Booting Introduction
How to Set Up Linux to Run Both Natively and Virtually Creating a Partition for Linux on an Existing Drive Setting Up Dual Hardware Profiles Issues with Running Windows Both Natively and Virtualized Precautions When Running an Operating System on Both Physical and Virtualized Platforms Booting a Suspended Partition Deleting the Suspended State Changing Hardware Configurations Can Affect Your Software Summary Solutions Fast Track How to Set Up Linux to Run Both Natively and Virtually Issues with Running Windows Both Natively and Virtualized Frequently Asked Questions Chapter 13: Protection in Untrusted Environments Introduction Meaningful Uses of Virtualization in Untrusted Environments Levels of Malware Analysis Paranoia Using Virtual Machines to Segregate Data Using Virtual Machines to Run Software You Don't Trust Using Virtual Machines for Users You Don't Trust Setting up the Client Machine Installing Only What You Need Restricting Hardware Access Restricting Software Access Scripting the Restore
Summary Solutions Fast Track Using Virtual Machines to Segregate Data Using Virtual Machines to Run Software You Don't Trust Using Virtual Machines for Users You Don't Trust Frequently Asked Questions Notes Chapter 14: Training Introduction Setting Up Scanning Servers Advantages of Using a Virtual Machine instead of a Live CD Distribution Persistence Customization Disadvantages of Using a Virtual Machine instead of a Live CD Default Platforms As Well to Use a Variety of Tools Scanning Servers in a Virtual Environment Setting Up Target Servers Very "Open" Boxes for Demonstrating during Class Suggested Vulnerabilities for Windows Suggested Vulnerabilities for Linux Suggested Vulnerabilities for Application Vulnerability Testing Creating the Capture-the-Flag Scenario Harder Targets Snapshots Saved Us Require Research to Accomplish the Task
Introduce Firewalls Multiple Servers Requiring Chained Attacks Adding Some Realism Loose Points for Damaging the Environment Demonstrate What the Attack Looks Like on IDS Out Brief Cleaning up Afterward Saving Your Back Summary Solutions Fast Track Setting Up Scanning Servers Setting Up Target Servers Creating the Capture-the-Flag Scenario Out Brief Cleaning Up Afterward Saving Your Back Frequently Asked Questions
Security Warrior
By: Cyrus Peikari; Anton Chuvakin Publisher: O'Reilly Media, Inc. Pub. Date: January 12, 2004 Print ISBN-13: 978-0-596-00545-0 Pages in Print Edition: 552
Copyright Dedication Preface Section P2.1. Organization of This Book Section P2.2. Part I: Software Cracking Section P2.3. Part II: Network Stalking Section P2.4. Part III: Platform Attacks Section P2.5. Part IV: Advanced Defense Section P2.6. Part V: Appendix Section P2.7. Conventions Used in This Book Section P2.8. Using Code Examples Section P2.9. Comments and Questions Section P2.10. Acknowledgments Part I: Software Cracking Chapter 1. Assembly Language Section 1.1. Registers Section 1.2. ASM Opcodes Section 1.3. References Chapter 2. Windows Reverse Engineering
Section 2.1. History of RCE Section 2.2. Reversing Tools Section 2.3. Reverse Engineering Examples Section 2.4. References Chapter 3. Linux Reverse Engineering Section 3.1. Basic Tools and Techniques Section 3.2. A Good Disassembly Section 3.3. Problem Areas Section 3.4. Writing New Tools Section 3.5. References Chapter 4. Windows CE Reverse Engineering Section 4.1. Windows CE Architecture Section 4.2. CE Reverse Engineering Fundamentals Section 4.3. Practical CE Reverse Engineering Section 4.4. Reverse Engineering serial.exe Section 4.5. References Chapter 5. Overflow Attacks Section 5.1. Buffer Overflows Section 5.2. Understanding Buffers Section 5.3. Smashing the Stack Section 5.4. Heap Overflows Section 5.5. Preventing Buffer Overflows Section 5.6. A Live Challenge Section 5.7. References Part II: Network Stalking
Chapter 6. TCP/IP Analysis Section 6.1. A Brief History of TCP/IP Section 6.2. Encapsulation Section 6.3. TCP Section 6.4. IP Section 6.5. UDP Section 6.6. ICMP Section 6.7. ARP Section 6.8. RARP Section 6.9. BOOTP Section 6.10. DHCP Section 6.11. TCP/IP Handshaking Section 6.12. Covert Channels Section 6.13. IPv6 Section 6.14. Ethereal Section 6.15. Packet Analysis Section 6.16. Fragmentation Section 6.17. References Chapter 7. Social Engineering Section 7.1. Background Section 7.2. Performing the Attacks Section 7.3. Advanced Social Engineering Section 7.4. References Chapter 8. Reconnaissance Section 8.1. Online Reconnaissance
Section 8.2. Conclusion Section 8.3. References Chapter 9. OS Fingerprinting Section 9.1. Telnet Session Negotiation Section 9.2. TCP Stack Fingerprinting Section 9.3. Special-Purpose Tools Section 9.4. Passive Fingerprinting Section 9.5. Fuzzy Operating System Fingerprinting Section 9.6. TCP/IP Timeout Detection Section 9.7. References Chapter 10. Hiding the Tracks Section 10.1. From Whom Are You Hiding? Section 10.2. Postattack Cleanup Section 10.3. Forensic Tracks Section 10.4. Maintaining Covert Access Section 10.5. References Part III: Platform Attacks Chapter 11. Unix Defense Section 11.1. Unix Passwords Section 11.2. File Permissions Section 11.3. System Logging Section 11.4. Network Access in Unix Section 11.5. Unix Hardening Section 11.6. Unix Network Defense Section 11.7. References
Chapter 12. Unix Attacks Section 12.1. Local Attacks Section 12.2. Remote Attacks Section 12.3. Unix Denial-of-Service Attacks Section 12.4. References Chapter 13. Windows Client Attacks Section 13.1. Denial-of-Service Attacks Section 13.2. Remote Attacks Section 13.3. Remote Desktop/Remote Assistance Section 13.4. References Chapter 14. Windows Server Attacks Section 14.1. Release History Section 14.2. Kerberos Authentication Attacks Section 14.3. Kerberos Authentication Review Section 14.4. Defeating Buffer Overflow Prevention Section 14.5. Active Directory Weaknesses Section 14.6. Hacking PKI Section 14.7. Smart Card Hacking Section 14.8. Encrypting File System Changes Section 14.9. Third-Party Encryption Section 14.10. References Chapter 15. SOAP XML Web Services Security Section 15.1. XML Encryption Section 15.2. XML Signatures Section 15.3. Reference
Chapter 16. SQL Injection Section 16.1. Introduction to SQL Section 16.2. SQL Injection Attacks Section 16.3. SQL Injection Defenses Section 16.4. PHP-Nuke Examples Section 16.5. References Chapter 17. Wireless Security Section 17.1. Reducing Signal Drift Section 17.2. Problems with WEP Section 17.3. Cracking WEP Section 17.4. Practical WEP Cracking Section 17.5. VPNs Section 17.6. TKIP Section 17.7. SSL Section 17.8. Airborne Viruses Section 17.9. References Part IV: Advanced Defense Chapter 18. Audit Trail Analysis Section 18.1. Log Analysis Basics Section 18.2. Log Examples Section 18.3. Logging States Section 18.4. When to Look at the Logs Section 18.5. Log Overflow and Aggregation Section 18.6. Challenge of Log Analysis Section 18.7. Security Information Management
Section 18.8. Global Log Aggregation Section 18.9. References Chapter 19. Intrusion Detection Systems Section 19.1. IDS Examples Section 19.2. Bayesian Analysis Section 19.3. Hacking Through IDSs Section 19.4. The Future of IDSs Section 19.5. Snort IDS Case Study Section 19.6. IDS Deployment Issues Section 19.7. References Chapter 20. Honeypots Section 20.1. Motivation Section 20.2. Building the Infrastructure Section 20.3. Capturing Attacks Section 20.4. References Chapter 21. Incident Response Section 21.1. Case Study: Worm Mayhem Section 21.2. Definitions Section 21.3. Incident Response Framework Section 21.4. Small Networks Section 21.5. Medium-Sized Networks Section 21.6. Large Networks Section 21.7. References Chapter 22. Forensics and Antiforensics Section 22.1. Hardware Review
Section 22.2. Information Detritus Section 22.3. Forensics Tools Section 22.4. Bootable Forensics CD-ROMs Section 22.5. Evidence Eliminator Section 22.6. Forensics Case Study: FTP Attack Section 22.7. References Part V: Appendix Appendix A. Useful SoftICE Commands and Breakpoints Section A.1. SoftICE Commands Section A.2. Breakpoints
Safari Enabled Acknowledgments Part I: Modifying and Hacking Security Tools Chapter 1. Writing Plugins for Nessus Section 1.1. The Nessus Architecture Section 1.2. Installing Nessus Section 1.3. Using Nessus Section 1.4. The NASL Interpreter Section 1.5. Hello World Section 1.6. Datatypes and Variables Section 1.7. Operators Section 1.8. if...else Section 1.9. Loops Section 1.10. Functions Section 1.11. Predefined Global Variables Section 1.12. Important NASL Functions Section 1.13. Nessus Plugins Chapter 2. Developing Dissectors and Plugins for the Ettercap Network Sniffer Section 2.1. Installing and Using Ettercap Section 2.2. Writing an Ettercap Dissector Section 2.3. Writing an Ettercap Plugin Chapter 3. Extending Hydra and Nmap Section 3.1. Extending Hydra Section 3.2. Adding Service Signatures to Nmap Chapter 4. Writing Plugins for the Nikto Vulnerability Scanner
Section 4.1. Installing Nikto Section 4.2. Using Nikto Section 4.3. Nikto Under the Hood Section 4.4. Existing Nikto Plugins Section 4.5. Adding Custom Entries to the Plugin Databases Section 4.6. Using LibWhisker Section 4.7. Writing an NTLM Plugin for Brute-Force Testing Section 4.8. Writing a Standalone Plugin to Attack Lotus Domino Chapter 5. Writing Modules for the Metasploit Framework Section 5.1. Introduction to MSF Section 5.2. Overview of Stack Buffer Overflows Section 5.3. Writing Exploits for MSF Section 5.4. Writing a Module for the MnoGoSearch Overflow Section 5.5. Writing an Operating System Fingerprinting Module for MSF Chapter 6. Extending Code Analysis to the Webroot Section 6.1. Attacking Web Applications at the Source Section 6.2. Toolkit 101 Section 6.3. PMD Section 6.4. Extending PMD Part II: Modifying and Hacking Security Tools Chapter 7. Fun with Linux Kernel Modules Section 7.1. Hello World Section 7.2. Intercepting System Calls Section 7.3. Hiding Processes Section 7.4. Hiding from netstat
Chapter 8. Developing Web Assessment Tools and Scripts Section 8.1. Web Application Environment Section 8.2. Designing the Scanner Section 8.3. Building the Log Parser Section 8.4. Building the Scanner Section 8.5. Using the Scanner Section 8.6. Complete Source Code Chapter 9. Automated Exploit Tools Section 9.1. SQL Injection Exploits Section 9.2. The Exploit Scanner Section 9.3. Using the Scanner Chapter 10. Writing Network Sniffers Section 10.1. Introduction to libpcap Section 10.2. Getting Started with libpcap Section 10.3. libpcap and 802.11 Wireless Networks Section 10.4. libpcap and Perl Section 10.5. libpcap Library Reference Chapter 11. Writing Packet-Injection Tools Section 11.1. Introduction to libnet Section 11.2. Getting Started with libnet Section 11.3. Advanced libnet Functions Section 11.4. Combining libnet and libpcap Section 11.5. Introducing AirJack Colophon
Threats Against an Extranet Site Threats Against the Core Threats Against the Internet Threats from Within a Zone of Trust Reconnaissance Attacks Summary Part II: Advanced MPLS VPN Security Issues Chapter 3. MPLS Security Analysis VPN Separation Robustness Against Attacks Hiding the Core Infrastructure Protection Against Spoofing Specific Inter-AS Considerations Specific Carrier's Carrier Considerations Security Issues Not Addressed by the MPLS Architecture Comparison to ATM/FR Security Summary Footnotes Chapter 4. Secure MPLS VPN Designs Internet Access Extranet Access MPLS VPNs and Firewalling Designing DoS-Resistant Networks Inter-AS Recommendations and Traversing Multiple Provider Trust Model Issues Carriers' Carrier
Layer 2 Security Considerations Multicast VPN Security Summary Footnotes Chapter 5. Security Recommendations General Router Security CE-Specific Router Security and Topology Design Considerations PE-Specific Router Security PE Data Plane Security PE-CE Connectivity Security Issues P-Specific Router Security Securing the Core Routing Security CE-PE Routing Security Best Practices Internet Access Sharing End-to-End Resources LAN Security Issues IPsec: CE to CE MPLS over IP Operational Considerations: L2TPv3 Securing Core and Routing Check List Summary Part III: Practical Guidelines to MPLS VPN Security Chapter 6. How IPsec Complements MPLS IPsec Overview Location of the IPsec Termination Points
Deploying IPsec on MPLS Using Other Encryption Techniques Summary Chapter 7. Security of MPLS Layer 2 VPNs Generic Layer 2 Security Considerations C2 Ethernet Topologies C3 VPLS Overview C4 VPWS Overview C5 VPLS and VPWS Service Summary and Metro Ethernet Architecture Overview C6 VPLS and VPWS Security Overview Customer Edge Summary Chapter 8. Secure Operation and Maintenance of an MPLS Core Management Network Security Securely Managing CE Devices Securely Managing the Core Network Summary Part IV: Case Studies and Appendixes Chapter 9. Case Studies Internet Access Multi-Lite VRF Mechanisms Layer 2 LAN Access Summary Appendix A: Detailed Configuration Example for a PE Appendix B: Reference List
CSA Capabilities CSA Components Overview CSA Communication CSA's Role Within SAFE Summary Part II: Understanding the CSA Building Blocks Chapter 3. Understanding CSA Groups and Hosts The Relationship Between Groups and Hosts Understanding CSA Groups Understanding CSA Hosts Summary Chapter 4. Understanding CSA Policies, Modules, and Rules The Relationship Between Policies, Modules, and Rules Establishing Acceptable Use Documents and Security Policies CSA Rules CSA Rule Modules CSA Policies Summary Chapter 5. Understanding Application Classes and Variables Using Application Classes Introducing Variables Summary Part III: CSA Agent Installation and Local Agent Use Chapter 6. Understanding CSA Components and Installation General CSA Agent Components Overview
CSA Installation Requirements Agent Kits Summary Chapter 7. Using the CSA User Interface Windows Agent Interface Linux Agent Interface Solaris Agent Interface Summary Part IV: Monitoring and Reporting Chapter 8. Monitoring CSA Events Status Summary Event Log Event Monitor Event Log Management Event Sets Alerts Summary Chapter 9. Using CSA MC Reports Audit Trail Reporting Event Reporting Group Detail Reporting Host Detail Reporting Policy Detail Reporting Report Viewing Creating a Sample Report
Summary Part V: Analyzing CSA Chapter 10. Application Deployment Investigation Using Application Deployment Investigation Using Application Deployment Reports Summary Chapter 11. Application Behavior Analysis Understanding Application Behavior Investigation Components Configuring Application Behavior Investigation Using Application Behavior Investigation on the Remote Agent Analyzing Log Data Viewing Behavior Reports Exporting the Behavior Analysis Report Data Analyzing UNIX Application Behavior Creating Behavior Analysis Rule Modules Summary Part VI: Creating Policy, Implementing CSA, and Maintaining the CSA MC Chapter 12. Creating and Tuning Policy Creating Policy Tuning Policy Summary Chapter 13. Developing a CSA Project Implementation Plan Planning for Success The Project Plan Outlining the Project Phases
Summary Chapter 14. CSA MC Administration and Maintenance CSA Licensing CSA MC Registration Control CSA MC Component Sharing CSA MC Role-Based Access Control Other CSA MC Administrative Features CSA MC Backup and Restore Procedures Summary Part VII: Appendixes Appendix A: VMS and CSA MC 4.5 Installation VMS v2.3 Components Installation Summary Appendix B: Security Monitor Integration Adding the CSA MC to the Security Monitor Configuring the Security Monitor Verifying Connectivity Viewing Events in the Security Monitor Summary Appendix C: CSA MIB CSA MC MIB Definitions
Section 2.3. Process: Applying Human Factors Knowledge and User-Centered Approaches to Security Design Section 2.4. Panorama: Understanding the Importance of the Environment Section 2.5. Conclusion Section 2.6. About the Authors Chapter Three. Design for Usability Section 3.1. Death by Security Section 3.2. Balance Security and Usability Section 3.3. Balance Privacy and Security Section 3.4. Build a Secure Internet Section 3.5. Conclusion Section 3.6. About the Author Chapter Four. Usability Design and Evaluation for Privacy and Security Solutions Section 4.1. Usability in the Software and Hardware Life Cycle Section 4.2. Case Study: Usability Involvement in a Security Application Section 4.3. Case Study: Usability Involvement in the Development of a Privacy Policy Management Tool Section 4.4. Conclusion Section 4.5. About the Authors Chapter Five. Designing Systems That People Will Trust Section 5.1. Introduction Section 5.2. The Trust-Risk Relationship Section 5.3. The Time-Course of Trust Section 5.4. Models of Trust Section 5.5. Trust Designs Section 5.6. Future Research Directions Section 5.7. About the Authors
Part II: Authentication Mechanisms Chapter Six. Evaluating Authentication Mechanisms Section 6.1. Authentication Section 6.2. Authentication Mechanisms Section 6.3. Quality Criteria Section 6.4. Environmental Considerations Section 6.5. Choosing a Mechanism Section 6.6. Conclusion Section 6.7. About the Author Chapter Seven. The Memorability and Security of Passwords Section 7.1. Introduction Section 7.2. Existing Advice on Password Selection Section 7.3. Experimental Study Section 7.4. Method Section 7.5. Results Section 7.6. Discussion Section 7.7. Acknowledgments Section 7.8. About the Authors Chapter Eight. Designing Authentication Systems with Challenge Questions Section 8.1. Challenge Questions as a Form of Authentication Section 8.2. Criteria for Building and Evaluating a Challenge Question System Section 8.3. Types of Questions and Answers Section 8.4. Designing a Challenge-Question Authentication System Section 8.5. Some Examples of Current Practice Chapter Nine. Graphical Passwords
Section 9.1. Introduction Section 9.2. A Picture Is Worth a Thousand Words Section 9.3. Picture Perfect? Section 9.4. Let's Face It Section 9.5. About the Authors Chapter Ten. Usable Biometrics Section 10.1. Introduction Section 10.2. Where Are Biometrics Used? Section 10.3. Biometrics and Public Technology: The ATM Example Section 10.4. Evaluating Biometrics Section 10.5. Incorporating User Factors into Testing Section 10.6. Conclusion Section 10.7. About the Author Chapter Eleven. Identifying Users from Their Typing Patterns Section 11.1. Typing Pattern Biometrics Section 11.2. Applications Section 11.3. Overview of Previous Research Section 11.4. Evaluating Previous Research Section 11.5. Privacy and Security Issues Section 11.6. Conclusion Section 11.7. About the Authors Chapter Twelve. The Usability of Security Devices Section 12.1. Introduction Section 12.2. Overview of Security Devices Section 12.3. Usability Testing of Security Devices
Section 12.4. A Usability Study of Cryptographic Smart Cards Section 12.5. Recommendations and Open Research Questions Section 12.6. Conclusion Section 12.7. Acknowledgments Section 12.8. About the Authors Part III: Secure Systems Chapter Thirteen. Guidelines and Strategies for Secure Interaction Design Section 13.1. Introduction Section 13.2. Design Guidelines Section 13.3. Design Strategies Section 13.4. Conclusion Section 13.5. Acknowledgments Section 13.6. About the Author Chapter Fourteen. Fighting Phishing at the User Interface Section 14.1. Introduction Section 14.2. Attack Techniques Section 14.3. Defenses Section 14.4. Looking Ahead Section 14.5. About the Authors Chapter Fifteen. Sanitization and Usability Section 15.1. Introduction Section 15.2. The Remembrance of Data Passed Study Section 15.3. Related Work: Sanitization Standards, Software, and Practices Section 15.4. Moving Forward: A Plan for Clean Computing Section 15.5. Acknowledgments
Section 15.6. About the Author Chapter Sixteen. Making the Impossible Easy: Usable PKI Section 16.1. Public Key Infrastructures Section 16.2. Problems with Public Key Infrastructures Section 16.3. Making PKI Usable Section 16.4. About the Authors Chapter Seventeen. Simple Desktop Security with Chameleon Section 17.1. Introduction Section 17.2. Chameleon User Interface Section 17.3. Chameleon Interface Development Section 17.4. Chameleon Implementation Section 17.5. Conclusion Section 17.6. Acknowledgments Section 17.7. About the Authors Chapter Eighteen. Security Administration Tools and Practices Section 18.1. Introduction Section 18.2. Attacks, Detection, and Prevention Section 18.3. Security Administrators Section 18.4. Security Administration: Cases from the Field Section 18.5. Conclusion Section 18.6. Acknowledgments Section 18.7. About the Authors Part IV: Privacy and Anonymity Systems Chapter Nineteen. Privacy Issues and Human-Computer Interaction Section 19.1. Introduction
Section 19.2. Privacy and HCI Section 19.3. Relevant HCI Research Streams Section 19.4. Conclusion Section 19.5. About the Authors Chapter Twenty. A User-Centric Privacy Space Framework Section 20.1. Introduction Section 20.2. Security and Privacy Frameworks Section 20.3. Researching the Privacy Space Section 20.4. Privacy as a Process Section 20.5. Conclusion Section 20.6. About the Author Chapter Twenty-One. Five Pitfalls in the Design for Privacy Section 21.1. Introduction Section 21.2. Faces: (Mis)Managing Ubicomp Privacy Section 21.3. Five Pitfalls to Heed When Designing for Privacy Section 21.4. Discussion Section 21.5. Conclusion Section 21.6. Acknowledgments Section 21.7. About the Authors Chapter Twenty-Two. Privacy Policies and Privacy Preferences Section 22.1. Introduction Section 22.2. The Platform for Privacy Preferences (P3P) Section 22.3. Privacy Bird Design Section 22.4. Privacy Bird Evaluation Section 22.5. Beyond the Browser
Section 22.6. About the Author Chapter Twenty-Three. Privacy Analysis for the Casual User with Bugnosis Section 23.1. Introduction Section 23.2. The Audience for Bugnosis Section 23.3. Cookies, Web Bugs, and User Tracking Section 23.4. The Graphic Identity Section 23.5. Making It Simple Is Complicated Section 23.6. Looking Ahead Section 23.7. Acknowledgments Section 23.8. About the Author Chapter Twenty-Four. Informed Consent by Design Section 24.1. Introduction Section 24.2. A Model of Informed Consent for Information Systems Section 24.3. Possibilities and Limitations for Informed Consent: Redesigning Cookie Handling in a Web Browser Section 24.4. Informing Through Interaction Design: What Users Understand About Secure Connections Through Their Web Browsing Section 24.5. The Scope of Informed Consent: Questions Motivated by Gmail Section 24.6. Acknowledgments Section 24.7. About the Authors Chapter Twenty-Five. Social Approaches to End-User Privacy Management Section 25.1. A Concrete Privacy Problem Section 25.2. Acumen: A Solution Using Social Processes Section 25.3. Supporting Privacy Management Activities with Social Processes Section 25.4. Deployment, Adoption, and Evaluation Section 25.5. Gaming and Anti-gaming
Section 25.6. Generalizing Our Approach Section 25.7. Conclusion Section 25.8. About the Authors Chapter Twenty-Six. Anonymity Loves Company: Usability and the Network Effect Section 26.1. Usability for Others Impacts Your Security Section 26.2. Usability Is Even More Important for Privacy Section 26.3. Bootstrapping, Confidence, and Reputability Section 26.4. Technical Challenges to Guessing the Number of Users in a Network Section 26.5. Conclusion Section 26.6. About the Authors Part V: Commercializing Usability: The Vendor Perspective Chapter Twenty-Seven. ZoneAlarm: Creating Usable Security Products for Consumers Section 27.1. About ZoneAlarm Section 27.2. Design Principles Section 27.3. Efficient Production for a Fast Market Section 27.4. Conclusion Section 27.5. About the Author Chapter Twenty-Eight. Firefox and the Worry-Free Web Section 28.1. Usability and Security: Bridging the Gap Section 28.2. The Five Golden Rules Section 28.3. Conclusion Section 28.4. About the Author Chapter Twenty-Nine. Users and Trust: A Microsoft Case Study Section 29.1. Users and Trust Section 29.2. Consent Dialogs
Section 29.3. Windows XP Service Pack 2: A Case Study Section 29.4. Pop-Up Blocking Section 29.5. The Ideal Section 29.6. Conclusion Section 29.7. About the Author Chapter Thirty. IBM Lotus Notes/Domino: Embedding Security in Collaborative Applications Section 30.1. Usable Secure Collaboration Section 30.2. Embedding and Simplifying Public Key Security Section 30.3. Designing Security Displays Section 30.4. User Control of Active Content Security Section 30.5. Conclusion Section 30.6. About the Author Chapter Thirty-One. Achieving Usable Security in Groove Virtual Office Section 31.1. About Groove Virtual Office Section 31.2. Groove Virtual Office Design Section 31.3. Administrators' Strengths and Weaknesses Section 31.4. Security and Usability Section 31.5. About the Authors Part VI: The Classics Chapter Thirty-Two. Users Are Not the Enemy Section 32.1. The Study Section 32.2. Users Lack Security Knowledge Section 32.3. Security Needs User-Centered Design Section 32.4. Motivating Users Section 32.5. Users and Password Behavior
Section 32.6. About the Authors Chapter Thirty-Three. Usability and Privacy: A Study of KaZaA P2P File Sharing Section 33.1. Introduction Section 33.2. Usability Guidelines Section 33.3. Results of the Cognitive Walkthrough Section 33.4. A Two-Part User Study Section 33.5. Conclusion Section 33.6. Acknowledgments Section 33.7. About the Authors Chapter Thirty-Four. Why Johnny Can't Encrypt Section 34.1. Introduction Section 34.2. Understanding the Problem Section 34.3. Evaluation Methods Section 34.4. Cognitive Walkthrough Section 34.5. User Test Section 34.6. Conclusion Section 34.7. Related Work Section 34.8. Acknowledgments Section 34.9. About the Authors Colophon
Section 2.7. Spoofed HTTP Requests Chapter 3. Databases and SQL Section 3.1. Exposed Access Credentials Section 3.2. SQL Injection Section 3.3. Exposed Data Chapter 4. Sessions and Cookies Section 4.1. Cookie Theft Section 4.2. Exposed Session Data Section 4.3. Session Fixation Section 4.4. Session Hijacking Chapter 5. Includes Section 5.1. Exposed Source Code Section 5.2. Backdoor URLs Section 5.3. Filename Manipulation Section 5.4. Code Injection Chapter 6. Files and Commands Section 6.1. Traversing the Filesystem Section 6.2. Remote File Risks Section 6.3. Command Injection Chapter 7. Authentication and Authorization Section 7.1. Brute-Force Attacks Section 7.2. Password Sniffing Section 7.3. Replay Attacks Section 7.4. Persistent Logins Chapter 8. Shared Hosting
Section 8.1. Exposed Source Code Section 8.2. Exposed Session Data Section 8.3. Session Injection Section 8.4. Filesystem Browsing Section 8.5. Safe Mode Appendix A. Configuration Directives Section A.1. allow_url_fopen Section A.2. disable_functions Section A.3. display_errors Section A.4. enable_dl Section A.5. error_reporting Section A.6. file_uploads Section A.7. log_errors Section A.8. magic_quotes_gpc Section A.9. memory_limit Section A.10. open_basedir Section A.11. register_globals Section A.12. safe_mode Appendix B. Functions Section B.1. eval() Section B.2. exec() Section B.3. file() Section B.4. file_get_contents() Section B.5. fopen() Section B.6. include
Section B.7. passthru() Section B.8. phpinfo() Section B.9. popen() Section B.10. preg_replace() Section B.11. proc_open() Section B.12. readfile() Section B.13. require Section B.14. shell_exec() Section B.15. system() Appendix C. Cryptography Section C.1. Storing Passwords Section C.2. Using mcrypt Section C.3. Storing Credit Card Numbers Section C.4. Encrypting Session Data About the Author Colophon
Section 2.5. What Functionality Is Gained, Degraded, or Enhanced on VoIP Networks? Section 2.6. Summary Section 2.7. Solutions Fast Track Section 2.8. Frequently Asked Questions Chapter 3. The Hardware Infrastructure Section 3.1. Introduction Section 3.2. Traditional PBX Systems Section 3.3. PBX Alternatives Section 3.4. VoIP Telephony and Infrastructure Section 3.5. Summary Section 3.6. Solutions Fast Track Section 3.7. Frequently Asked Questions Chapter 4. PSTN Architecture Section 4.1. Introduction Section 4.2. PSTN: What Is It, and How Does It Work? Section 4.3. PSTN Call Flow Section 4.4. PSTN Protocol Security Section 4.5. Summary Section 4.6. Solutions Fast Track Section 4.7. Frequently Asked Questions Chapter 5. H.323 Architecture Section 5.1. Introduction Section 5.2. The H.323 Protocol Specification Section 5.3. The Primary H.323 VoIP-Related Protocols Section 5.4. H.235 Security Mechanisms
Section5.5.Summary Section5.6.SolutionsFastTrack Section5.7.FrequentlyAskedQuestions Chapter6.SIPArchitecture Section6.1.Introduction Section6.2.UnderstandingSIP Section6.3.SIPFunctionsandFeatures Section6.4.SIPArchitecture Section6.5.InstantMessagingandSIMPLE Section6.6.Summary Section6.7.SolutionsFastTrack Section6.8.FrequentlyAskedQuestions Chapter7.OtherVoIPCommunicationArchitectures Section7.1.Introduction Section7.2.Skype Section7.3.SkypeMessagingSequence Section7.4.H.248 Section7.5.H.248MessagingSequence Section7.6.IAX Section7.7.IAXMessagingSequence Section7.8.MicrosoftLiveCommunicationServer2005 Section7.9.Summary Section7.10.SolutionsFastTrack Section7.11.FrequentlyAskedQuestions Chapter8.SupportProtocols
Section8.1.Introduction Section8.2.DNS Section8.3.TFTP Section8.4.HTTP Section8.5.SNMP Section8.6.DHCP Section8.7.RSVP Section8.8.SDP Section8.9.Skinny Section8.10.Summary Section8.11.SolutionsFastTrack Section8.12.FrequentlyAskedQuestions Chapter9.ThreatstoVoIPCommunicationsSystems Section9.1.Introduction Section9.2.DenialofServiceorVoIPServiceDisruption Section9.3.CallHijackingandInterception Section9.4.H.323SpecificAttacks Section9.5.SIPSpecificAttacks Section9.6.Summary Section9.7.SolutionsFastTrack Section9.8.FrequentlyAskedQuestions Chapter10.ValidateExistingSecurityInfrastructure Section10.1.Introduction Section10.2.SecurityPoliciesandProcesses Section10.3.PhysicalSecurity
Section10.4.ServerHardening Section10.5.SupportingServices Section10.6.UnifiedNetworkManagement Section10.7.Summary Section10.8.SolutionsFastTrack Section10.9.FrequentlyAskedQuestions Chapter11.ConfirmUserIdentity Section11.1.Introduction Section11.2.802.1xand802.11i(WPA2) Section11.3.PublicKeyInfrastructure Section11.4.MinorAuthenticationMethods Section11.5.Summary Section11.6.SolutionsFastTrack Section11.7.FrequentlyAskedQuestions Chapter12.ActiveSecurityMonitoring Section12.1.Introduction Section12.2.NetworkIntrusionDetectionSystems Section12.3.HostBasedIntrusionDetectionSystems Section12.4.Logging Section12.5.PenetrationandVulnerabilityTesting Section12.6.Summary Section12.7.SolutionsFastTrack Section12.8.FrequentlyAskedQuestions Chapter13.LogicallySegregateNetworkTraffic Section13.1.Introduction
Section13.2.VLANs Section13.3.QoSandTrafficShaping Section13.4.NATandIPAddressing Section13.5.Firewalls Section13.6.AccessControlLists Section13.7.Summary Section13.8.SolutionsFastTrack Section13.9.FrequentlyAskedQuestions Chapter14.IETFEncryptionSolutionsforVoIP Section14.1.Introduction Section14.2.SuitesfromtheIETF Section14.3.S/MIME:MessageAuthentication Section14.4.TLS:KeyExchangeandSignalingPacketSecurity Section14.5.SRTP:Voice/VideoPacketSecurity Section14.6.Summary Section14.7.IETFRFCs Section14.8.FrequentlyAskedQuestions Chapter15.RegulatoryCompliance Section15.1.Introduction Section15.2.SOX:SarbanesOxleyAct Section15.3.GLBA:GrammLeachBlileyAct Section15.4.HIPAA:HealthInsurancePortabilityandAccountabilityAct Section15.5.CALEA:CommunicationsAssistanceforLawEnforcementAct Section15.6.E911:Enhanced911andRelatedRegulations Section15.7.EUandEUMemberSates'eCommunicationsRegulations
Section15.8.Summary Section15.9.SolutionsFastTrack Section15.10.FrequentlyAskedQuestions Chapter16.TheIPMultimediaSubsystem:TrueConvergedCommunications Section16.1.Introduction Section16.2.IMSArchitecture Section16.3.CommunicationFlowinIMS Section16.4.IMSSecurityArchitecture Section16.5.IMSSecurityIssues Section16.6.Summary Section16.7.References Section16.8.SolutionsFastTrack Section16.9.FrequentlyAskedQuestions Chapter17.Recommendations Section17.1.Introduction Section17.2.ReuseExistingSecurityInfrastructureWisely Section17.3.ConfirmUserIdentity Section17.4.ActiveSecurityMonitoring Section17.5.LogicallySegregateVoIPfromDataTraffic Section17.6.Summary Section17.7.SolutionsFastTrack Section17.8.FrequentlyAskedQuestions Index
Section 1.8. Commercial Solutions: ArcSight and Netforensics Section 1.9. Summary Section 1.10. Solutions Fast Track Section 1.11. Frequently Asked Questions
Chapter 2. IDS Reporting
Section 2.1. Introduction Section 2.2. Session/Flow Logging with Snort Section 2.3. Session/Flow Logging with Argus Section 2.4. Can You Determine When a DDoS/DoS Attack Is Occurring? Section 2.5. Using Snort for Bandwidth Monitoring Section 2.6. Using Bro to Log and Capture Application-Level Protocols Section 2.7. Tracking Users' Web Activities with Bro Section 2.8. Using Bro to Gather DNS and Web Traffic Data Section 2.9. Using Bro for Blackholing Traffic to Malware-Infested Domains Section 2.10. Using Bro to Identify Top E-Mail Senders/Receivers Section 2.11. Summary Section 2.12. Solutions Fast Track Section 2.13. Frequently Asked Questions
Chapter 3. Firewall Reporting
Section 3.1. Firewall Reporting: A Reflection of the Effectiveness of Security Policies Section 3.2. The Supporting Infrastructure for Firewall Log Management Section 3.3. Summary Section 3.4. Solutions Fast Track Section 3.5. Frequently Asked Questions
Chapter 4. Systems and Network Device Reporting
Section 4.1. Introduction Section 4.2. Web Server Logs Section 4.3. Recon and Attack Information Section 4.4. Correlating Data with the Host System Section 4.5. Top Attacker and Top User for the Web Server Section 4.6. Summary Section 4.7. Solutions Fast Track Section 4.8. Frequently Asked Questions
Chapter 5. Creating a Reporting Infrastructure
Section 5.1. Introduction Section 5.2. Creating IDS Reports from Snort Logs Example Report Queries Section 5.3. Creating IDS Reports from Bro Logs Application Log Information Section 5.4. Summary Section 5.5. Solutions Fast Track Section 5.6. Frequently Asked Questions
Chapter 6. Scalable Enterprise Solutions (ESM Deployments)
Section 6.1. Introduction Section 6.2. What Is ESM? Section 6.3. When Deploying ESM Makes Sense Section 6.4. Which Security Reporting Tools to Aggregate into ESM Section 6.5. Using ESM Reporting for Maximum Performance Section 6.6. Special Considerations for Using ESM Section 6.7. Lessons Learned Implementing ESM Section 6.8. Summary Section 6.9. Solutions Fast Track Section 6.10. Frequently Asked Questions
Chapter 7. Managing Log Files with Microsoft Log Parser
Section 7.1. Introduction Section 7.2. Log File Conversion Section 7.3. Log Rotation and Archival Section 7.4. Separating Logs Section 7.5. Summary Section 7.6. Solutions Fast Track Section 7.7. Frequently Asked Questions
Chapter 8. Investigating Intrusions with Microsoft Log Parser
Section 8.1. Introduction Section 8.2. Locating Intrusions Section 8.3. Monitoring IIS Section 8.4. Summary Section 8.5. Solutions Fast Track Section 8.6. Frequently Asked Questions
Chapter 9. Managing Snort Alerts with Microsoft Log Parser
Section 9.1. Introduction Section 9.2. Building Snort IDS Reports Section 9.3. Summary
Index
How Testers Can Leverage a Threat Model
Data Flow Diagrams
Enumeration of Entry Points and Exit Points
Enumeration of Threats
How Testers Should Use a Completed Threat Model
Implementation Rarely Matches the Specification or Threat Model
Summary
Chapter 3. Finding Entry Points
Finding and Ranking Entry Points
Common Entry Points
Summary
Chapter 4. Becoming a Malicious Client
Client/Server Interaction
Testing HTTP
Testing Specific Network Requests Quickly
Testing Tips
Summary
Chapter 5. Becoming a Malicious Server
Understanding Common Ways Clients Receive Malicious Server Responses
Does SSL Prevent Malicious Server Attacks?
Manipulating Server Responses
Examples of Malicious Response Bugs
Myth: It Is Difficult for an Attacker to Create a Malicious Server
Understanding Downgrade MITM Attacks
Testing Tips
Summary
Chapter 6. Spoofing
Grasping the Importance of Spoofing Issues
Finding Spoofing Issues
General Spoofing
User Interface Spoofing
Testing Tips
Summary
Chapter 7. Information Disclosure
Problems with Information Disclosure
Locating Common Areas of Information Disclosure
Identifying Interesting Data
Summary
Chapter 8. Buffer Overflows and Stack and Heap Manipulation
Understanding How Overflows Work
Testing for Overruns: Where to Look for Cases
Black Box (Functional) Testing
White Box Testing
Additional Topics
Testing Tips
Summary
Chapter 9. Format String Attacks
What Are Format Strings?
Understanding Why Format Strings Are a Problem
Testing for Format String Vulnerabilities
Walkthrough: Seeing a Format String Attack in Action
Testing Tips
Summary
Chapter 10. HTML Scripting Attacks
Understanding Reflected Cross-Site Scripting Attacks Against Servers
Understanding Persistent XSS Attacks Against Servers
Identifying Attackable Data for Reflected and Persistent XSS Attacks
Common Ways Programmers Try to Stop Attacks
Understanding Reflected XSS Attacks Against Local Files
Understanding Script Injection Attacks in the My Computer Zone
Ways Programmers Try to Prevent HTML Scripting Attacks
Understanding How Internet Explorer Mitigates XSS Attacks Against Local Files
Identifying HTML Scripting Vulnerabilities
Finding HTML Scripting Bugs Through Code Review
Summary
Chapter 11. XML Issues
Testing Non-XML Security Issues in XML Input Files
Testing XML-Specific Attacks
Simple Object Access Protocol
Testing Tips
Summary
Chapter 12. Canonicalization Issues
Understanding the Importance of Canonicalization Issues
Finding Canonicalization Issues
File-Based Canonicalization Issues
Web-Based Canonicalization Issues
Testing Tips
Summary
Chapter 13. Finding Weak Permissions
Understanding the Importance of Permissions
Finding Permissions Problems
Understanding the Windows Access Control Mechanism
Finding and Analyzing Permissions on Objects
Recognizing Common Permissions Problems
Determining the Accessibility of Objects
Other Permissions Considerations
Summary
Chapter 14. Denial of Service Attacks
Understanding Types of DoS Attacks
Testing Tips
Summary
Chapter 15. Managed Code Issues
Dispelling Common Myths About Using Managed Code
Understanding the Basics of Code Access Security
Finding Problems Using Code Reviews
Understanding the Issues of Using APTCA
Decompiling .NET Assemblies
Testing Tips
Summary
Chapter 16. SQL Injection
Exactly What Is SQL Injection?
Understanding the Importance of SQL Injection
Finding SQL Injection Issues
Avoiding Common Mistakes About SQL Injection
Understanding Repurposing of SQL Stored Procedures
Recognizing Similar Injection Attacks
Testing Tips
Summary
Chapter 17. Observation and Reverse Engineering
Observation Without a Debugger or Disassembler
Using a Debugger to Trace Program Execution and Change its Behavior
Using a Decompiler or Disassembler to Reverse Engineer a Program
Analyzing Security Updates
Testing Tips
Legal Considerations
Summary
Chapter 18. ActiveX Repurposing Attacks
Understanding ActiveX Controls
ActiveX Control Testing Walkthrough
Testing Tips
Summary
Chapter 19. Additional Repurposing Attacks
Understanding Document Formats That Request External Data
Web Pages Requesting External Data
Understanding Repurposing of Window and Thread Messages
Summary
Chapter 20. Reporting Security Bugs
Reporting the Issue
Contacting the Vendor
What to Expect After Contacting the Vendor
Public Disclosure
Addressing Security Bugs in Your Product
Summary
Appendix A. Tools of the Trade
General
ActiveX/COM
Canonicalization
Code Analysis
Debugging
Documents and Binaries
Fuzzers
Memory/Runtime
Network
Permissions
SQL
Appendix B. Security Test Cases Cheat Sheet
Network Requests and Responses
Spoofing
Information Disclosures
Buffer Overflows
Format Strings
Cross-Site Scripting and Script Injection
XML
SOAP
Canonicalization Issues
Weak Permissions
Denial of Service
Managed Code
SQL Injection
ActiveX
About the Authors
Tom Gallagher
Bryan Jeffries
Lawrence Landauer
Phase 1
Phase 2
SSL VPNs
Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS)
Pattern Matching
Protocol Analysis
Heuristic-Based Analysis
Anomaly-Based Analysis
Anomaly Detection Systems
Authentication, Authorization, and Accounting (AAA) and Identity Management
RADIUS
TACACS+
Identity Management Concepts
Network Admission Control
NAC Appliance
NAC Framework
Routing Mechanisms as Security Tools
Summary
Part II: Security Lifestyle: Frameworks and Methodologies
Chapter 2. Preparation Phase
Risk Analysis
Threat Modeling
Penetration Testing
Social Engineering
Security Intelligence
Common Vulnerability Scoring System
Creating a Computer Security Incident Response Team (CSIRT)
Who Should Be Part of the CSIRT?
Incident Response Collaborative Teams
Tasks and Responsibilities of the CSIRT
Building Strong Security Policies
Infrastructure Protection
Strong Device Access Control
Securing Routing Protocols
Disabling Unnecessary Services on Network Components
Locking Down Unused Ports on Network Access Devices
Control Resource Exhaustion
Policy Enforcement
Automated Security Tools Within Cisco IOS
Telemetry
Endpoint Security
Patch Management
Cisco Security Agent (CSA)
Network Admission Control
Phased Approach
Administrative Tasks
Staff and Support
Summary
Chapter 3. Identifying and Classifying Security Threats
Network Visibility
Telemetry and Anomaly Detection
NetFlow
SYSLOG
SNMP
Cisco Security Monitoring, Analysis and Response System (CS-MARS)
Cisco Network Analysis Module (NAM)
Open Source Monitoring Tools
Cisco Traffic Anomaly Detectors and Cisco Guard DDoS Mitigation Appliances
Intrusion Detection and Intrusion Prevention Systems (IDS/IPS)
The Importance of Signatures Updates
The Importance of Tuning
Anomaly Detection Within Cisco IPS Devices
Summary
Chapter 4. Traceback
Traceback in the Service Provider Environment
Traceback in the Enterprise
Summary
Chapter 5. Reacting to Security Incidents
Adequate Incident Handling Policies and Procedures
Laws and Computer Crimes
Security Incident Mitigation Tools
Access Control Lists (ACL)
Private VLANs
Remotely Triggered Black Hole Routing
Forensics
Log Files
Linux Forensics Tools
Windows Forensics
Summary
Chapter 6. Postmortem and Improvement
Collected Incident Data
Root Cause Analysis and Lessons Learned
Building an Action Plan
Summary
Chapter 7. Proactive Security Framework
SAVE Versus ITU-T X.805
Identity and Trust
AAA
Cisco Guard Active Verification
DHCP Snooping
IP Source Guard
Digital Certificates and PKI
IKE
Network Admission Control (NAC)
Routing Protocol Authentication
Strict Unicast RPF
Visibility
Anomaly Detection
IDS/IPS
Cisco Network Analysis Module (NAM)
Layer 2 and Layer 3 Information (CDP, Routing Tables, CEF Tables)
Correlation
CS-MARS
Arbor Peakflow SP and Peakflow X
Cisco Security Agent Management Console (CSAMC) Basic Event Correlation
Instrumentation and Management
Cisco Security Manager
Configuration Logger and Configuration Rollback
Embedded Device Managers
Cisco IOS XR XML Interface
SNMP and RMON
Syslog
Isolation and Virtualization
Cisco IOS Role-Based CLI Access (CLI Views)
Anomaly Detection Zones
Network Device Virtualization
Segmentation with VLANs
Segmentation with Firewalls
Segmentation with VRF/VRF-Lite
Policy Enforcement
Visualization Techniques
Summary
Part III: Defense-In-Depth Applied
Chapter 8. Wireless Security
Overview of Cisco Unified Wireless Network Architecture
Authentication and Authorization of Wireless Users
WEP
WPA
802.1x on Wireless Networks
EAP with MD5
Cisco LEAP
EAP-TLS
PEAP
EAP Tunneled TLS Authentication Protocol (EAP-TTLS)
EAP-FAST
EAP-GTC
Configuring 802.1x with EAP-FAST in the Cisco Unified Wireless Solution
Configuring the WLC
Configuring the Cisco Secure ACS Server for 802.1x and EAP-FAST
Configuring the CSSC
Lightweight Access Point Protocol (LWAPP)
Wireless Intrusion Prevention System Integration
Configuring IDS/IPS Sensors in the WLC
Uploading and Configuring IDS/IPS Signatures
Management Frame Protection (MFP)
Precise Location Tracking
Network Admission Control (NAC) in Wireless Networks
NAC Appliance Configuration
WLC Configuration
Summary
Chapter 9. IP Telephony Security
Protecting the IP Telephony Infrastructure
Access Layer
Distribution Layer
Core
Securing the IP Telephony Applications
Protecting Cisco Unified CallManager
Protecting Cisco Unified Communications Manager Express (CME)
Protecting Cisco Unity
Protecting Cisco Unity Express
Protecting Cisco Personal Assistant
Hardening the Cisco Personal Assistant Operating Environment
Cisco Personal Assistant Server Security Policies
Protecting Against Eavesdropping Attacks
Summary
Chapter 10. Data Center Security
Protecting the Data Center Against Denial of Service (DoS) Attacks and Worms
SYN Cookies in Firewalls and Load Balancers
Intrusion Prevention Systems (IPS) and Intrusion Detection Systems (IDS)
Cisco NetFlow in the Data Center
Cisco Guard
Data Center Infrastructure Protection
Data Center Segmentation and Tiered Access Control
Segmenting the Data Center with the Cisco FWSM
Deploying Network Intrusion Detection and Prevention Systems
Sending Selective Traffic to the IDS/IPS Devices
Monitoring and Tuning
Deploying the Cisco Security Agent (CSA) in the Data Center
CSA Architecture
Configuring Agent Kits
Phased Deployment
Summary
Chapter 11. IPv6 Security
Reconnaissance
Filtering in IPv6
Filtering Access Control Lists (ACL)
ICMP Filtering
Extension Headers in IPv6
Spoofing
Header Manipulation and Fragmentation
Broadcast Amplification or Smurf Attacks
IPv6 Routing Security
IPsec and IPv6
Summary
Part IV: Case Studies
Chapter 12. Case Studies
Case Study of a Small Business
Raleigh Office Cisco ASA Configuration
Atlanta Office Cisco IOS Configuration
Locking Down the Cisco IOS Router
Configuring Basic Network Address Translation (NAT)
Configuring Site-to-Site VPN
Case Study of a Medium-Sized Enterprise
Protecting the Internet Edge Routers
Configuring the AIP-SSM on the Cisco ASA
Configuring Active-Standby Failover on the Cisco ASA
Configuring AAA on the Infrastructure Devices
Case Study of a Large Enterprise
Creating a New Computer Security Incident Response Team (CSIRT)
Creating New Security Policies
Deploying IPsec Remote Access VPN
Reacting to a Security Incident
Identifying, Classifying, and Tracking the Security Incident or Attack
Reacting to the Incident
Postmortem
IP-Based Network Infrastructure
Open or Public Networks
Open VoIP Protocol
Exposed Interface
Real-Time Communications
Mobility
Lack of Security Features and Devices
Voice and Data Integration
Vulnerable Components
Myths Versus Reality
Legacy Versus VoIP Systems
Protecting Networks Using Strict Authentication and Encryption
Protecting Networks Using a Data Security Infrastructure
Summary
End Notes
References
Chapter 2. VoIP Threat Taxonomy
Threats Against Availability
Call Flooding
Malformed Messages (Protocol Fuzzing)
Spoofed Messages
Call Hijacking
QoS Abuse
Threats Against Confidentiality
Eavesdropping Media
Call Pattern Tracking
Data Mining
Reconstruction
Threats Against Integrity
Message Alteration
Call Rerouting
Call Black Holing
Media Alteration
Threats Against Social Context
Misrepresentation
Call Spam (SPIT)
IM Spam (SPIM)
Presence Spam (SPPP)
Phishing
Summary
End Notes
References
Chapter 3. Security Profiles in VoIP Protocols
H.323
Overview
Security Profiles
SIP
Overview
Security Profiles
MGCP
Overview
Security Profiles
Summary
End Notes
References
Chapter 4. Cryptography
Symmetric (Private) Key Cryptography
DES
3DES
AES
SubBytes
ShiftRows
MixColumns
AddRoundKey
Asymmetric (Public) Key Cryptography
RSA
Digital Signature
Hashing
Hash Function (MD5)
SHA
Message Authentication Code
Key Management
Key Distribution
Summary
End Notes
References
Chapter 5. VoIP Network Elements
Security Devices
VoIP-Aware Firewall
NAT
Session Border Controller
Lawful Interception Server
Service Devices
Customer Premise Equipment
Call Processing Servers
Summary
End Notes
References
Part II: VoIP Security Best Practices
Chapter 6. Analysis and Simulation of Current Threats
Denial of Service
Intentional Flooding
Simulation
Analysis
Mitigation
Unintentional Flooding
Malformed Messages
Simulation
Analysis
Mitigation
Sniffing/Eavesdropping
Simulation
Analysis
Mitigation
Spoofing/Identity Theft
Simulation
Analysis
Mitigation
VoIP Spam
Voice Spam
IM Spam
Presence Spam
Mitigation
Summary
End Notes
References
Chapter 7. Protection with VoIP Protocol
Authentication
User-to-Proxy Authentication
User-to-User Authentication
Encryption
Message Encryption (S/MIME)
S/MIME Certificates
S/MIME Key Exchange
Formatting S/MIME Bodies
Media Encryption
Transport and Network Layer Security
Transport Layer Security
IPSec (Tunneling)
Threat Model and Prevention
Registration Hijacking
Impersonating a Server
Tearing Down Sessions
Denial of Service and Amplification
Limitations
Digest Authentication Limitations
S/MIME Limitations
TLS Limitations
SIPS URI Limitations
Summary
End Notes
References
Chapter 8. Protection with Session Border Controller
Border Issues
Between Access and Core Networks
Between Core and Peer Networks
Access and Peer SBCs
SBC Functionality
Network Topology Hiding
DoS Protection
Policy-Driven Access Control
Hardware Architecture
Overload Prevention
NAT Traversal
Lawful Interception
Other Functions
Protocol Conversion
Transcoding
Number Translation
QoS Marking
Service Architecture Design
High Availability
Network Connectivity
Service Policy Analysis
Virtualization
Optimization of Traffic Flow
Deployment Location
Media Control
Summary
End Notes
References
Chapter 9. Protection with Enterprise Network Devices
Firewall
ASA and PIX Firewalls
FWSM Firewall
Limitations
Unified Communications Manager Express
Access Control
Phone Registration Control
Secure GUI Management
Class of Restriction
After-Hours Call Blocking
Unified Communications Manager
Security Features and Certificates
Integrity and Authentication
Encryption
Configuration Guideline
Access Devices
IP Phone
Switch
VLAN ACL
Deployment Example
Summary
End Notes
References
Part III: Lawful Interception (CALEA)
Chapter 10. Lawful Interception Fundamentals
Definition and Background
Requirements from Law Enforcement Agents
Reference Model from an Architectural Perspective
AF (Access Function)
DF (Delivery Function)
CF (Collection Function)
SPAF (Service Provider Administration Function)
LEAF (Law Enforcement Administration Function)
Request and Response Interfaces
Operational Considerations
Detection by the Target Subscriber
Address Information for Call Content Interception
Content Encryption
Unauthorized Creation and Detection
Call Forwarding or Transfer
Capacity
Summary
End Notes
Chapter 11. Lawful Interception Implementation
Intercept Request Interface
SIP P-DCS Header
Intercept Process Flow for Outbound Call
Intercept Process Flow for Inbound Call
Cisco SII
Call Data and Content Connection Interfaces
Call Content Connection Interface
Call Data Connection Interface
Interface Between MD and LEA
Summary
End Notes
Recipe 2.1. Installing Firefox Recipe 2.2. Installing Firefox Extensions Recipe 2.3. Installing Firebug Recipe 2.4. Installing OWASP's WebScarab Recipe 2.5. Installing Perl and Packages on Windows Recipe 2.6. Installing Perl and Using CPAN on Linux, Unix, or OS X Recipe 2.7. Installing CAL9000 Recipe 2.8. Installing the ViewState Decoder Recipe 2.9. Installing cURL Recipe 2.10. Installing Pornzilla Recipe 2.11. Installing Cygwin Recipe 2.12. Installing Nikto 2 Recipe 2.13. Installing Burp Suite Recipe 2.14. Installing Apache HTTP Server
Chapter 3. Basic Observation
Recipe 3.1. Viewing a Page's HTML Source Recipe 3.2. Viewing the Source, Advanced Recipe 3.3. Observing Live Request Headers with Firebug Recipe 3.4. Observing Live Post Data with WebScarab Recipe 3.5. Seeing Hidden Form Fields Recipe 3.6. Observing Live Response Headers with TamperData Recipe 3.7. Highlighting JavaScript and Comments Recipe 3.8. Detecting JavaScript Events Recipe 3.9. Modifying Specific Element Attributes Recipe 3.10. Track Element Attributes Dynamically Recipe 3.11. Conclusion
Chapter 4. Web-Oriented Data Encoding
Recipe 4.1. Recognizing Binary Data Representations Recipe 4.2. Working with Base64 Recipe 4.3. Converting Base36 Numbers in a Web Page Recipe 4.4. Working with Base36 in Perl Recipe 4.5. Working with URL-Encoded Data Recipe 4.6. Working with HTML Entity Data Recipe 4.7. Calculating Hashes Recipe 4.8. Recognizing Time Formats Recipe 4.9. Encoding Time Values Programmatically Recipe 4.10. Decoding ASP.NET's ViewState Recipe 4.11. Decoding Multiple Encodings
Chapter 5. Tampering with Input
Recipe 5.1. Intercepting and Modifying POST Requests Recipe 5.2. Bypassing Input Limits Recipe 5.3. Tampering with the URL Recipe 5.4. Automating URL Tampering Recipe 5.5. Testing URL Length Handling Recipe 5.6. Editing Cookies Recipe 5.7. Falsifying Browser Header Information Recipe 5.8. Uploading Files with Malicious Names Recipe 5.9. Uploading Large Files Recipe 5.10. Uploading Malicious XML Entity Files Recipe 5.11. Uploading Malicious XML Structure Recipe 5.12. Uploading Malicious ZIP Files Recipe 5.13. Uploading Sample Virus Files Recipe 5.14. Bypassing User Interface Restrictions
Chapter 6. Automated Bulk Scanning
Recipe 6.1. Spidering a Website with WebScarab Recipe 6.2. Turning Spider Results into an Inventory Recipe 6.3. Reducing the URLs to Test Recipe 6.4. Using a Spreadsheet to Pare Down the List Recipe 6.5. Mirroring a Website with LWP Recipe 6.6. Mirroring a Website with wget Recipe 6.7. Mirroring a Specific Inventory with wget Recipe 6.8. Scanning a Website with Nikto Recipe 6.9. Interpreting Nikto's Results Recipe 6.10. Scan an HTTPS Site with Nikto Recipe 6.11. Using Nikto with Authentication Recipe 6.12. Start Nikto at a Specific Starting Point Recipe 6.13. Using a Specific Session Cookie with Nikto Recipe 6.14. Testing Web Services with WSFuzzer Recipe 6.15. Interpreting WSFuzzer's Results
Chapter 7. Automating Specific Tasks with cURL
Recipe 7.1. Fetching a Page with cURL Recipe 7.2. Fetching Many Variations on a URL Recipe 7.3. Following Redirects Automatically Recipe 7.4. Checking for Cross-Site Scripting with cURL Recipe 7.5. Checking for Directory Traversal with cURL Recipe 7.6. Impersonating a Specific Kind of Web Browser or Device Recipe 7.7. Interactively Impersonating Another Device Section 7.8. Imitating a Search Engine with cURL Recipe 7.9. Faking Workflow by Forging Referer Headers Recipe 7.10. Fetching Only the HTTP Headers Recipe 7.11. POSTing with cURL Recipe 7.12. Maintaining Session State Recipe 7.13. Manipulating Cookies Recipe 7.14. Uploading a File with cURL Recipe 7.15. Building a Multistage Test Case Recipe 7.16. Conclusion
Chapter 8. Automating with LibWWWPerl
Recipe 8.1. Writing a Basic Perl Script to Fetch a Page Recipe 8.2. Programmatically Changing Parameters Recipe 8.3. Simulating Form Input with POST Recipe 8.4. Capturing and Storing Cookies Recipe 8.5. Checking Session Expiration Recipe 8.6. Testing Session Fixation Recipe 8.7. Sending Malicious Cookie Values Recipe 8.8. Uploading Malicious File Contents Recipe 8.9. Uploading Files with Malicious Names Recipe 8.10. Uploading Viruses to Applications Recipe 8.11. Parsing for a Received Value with Perl Recipe 8.12. Editing a Page Programmatically Recipe 8.13. Using Threading for Performance
Chapter 9. Seeking Design Flaws
Recipe 9.1. Bypassing Required Navigation Recipe 9.2. Attempting Privileged Operations Recipe 9.3. Abusing Password Recovery Recipe 9.4. Abusing Predictable Identifiers Recipe 9.5. Predicting Credentials Recipe 9.6. Finding Random Numbers in Your Application Section 9.7. Testing Random Numbers Recipe 9.8. Abusing Repeatability Recipe 9.9. Abusing High Load Actions Recipe 9.10. Abusing Restrictive Functionality Recipe 9.11. Abusing Race Conditions
Chapter 10. Attacking AJAX
Recipe 10.1. Observing Live AJAX Requests Recipe 10.2. Identifying JavaScript in Applications Recipe 10.3. Tracing AJAX Activity Back to Its Source Recipe 10.4. Intercepting and Modifying AJAX Requests Recipe 10.5. Intercepting and Modifying Server Responses Recipe 10.6. Subverting AJAX with Injected Data Recipe 10.7. Subverting AJAX with Injected XML Recipe 10.8. Subverting AJAX with Injected JSON Recipe 10.9. Disrupting Client State Recipe 10.10. Checking for Cross-Domain Access Recipe 10.11. Reading Private Data via JSON Hijacking
Chapter 11. Manipulating Sessions
Recipe 11.1. Finding Session Identifiers in Cookies Recipe 11.2. Finding Session Identifiers in Requests Recipe 11.3. Finding Authorization Headers Recipe 11.4. Analyzing Session ID Expiration Recipe 11.5. Analyzing Session Identifiers with Burp Recipe 11.6. Analyzing Session Randomness with WebScarab Recipe 11.7. Changing Sessions to Evade Restrictions Recipe 11.8. Impersonating Another User Recipe 11.9. Fixing Sessions Recipe 11.10. Testing for Cross-Site Request Forgery
Chapter 12. Multifaceted Tests
Recipe 12.1. Stealing Cookies Using XSS Recipe 12.2. Creating Overlays Using XSS Recipe 12.3. Making HTTP Requests Using XSS Recipe 12.4. Attempting DOM-Based XSS Interactively Recipe 12.5. Bypassing Field Length Restrictions (XSS) Recipe 12.6. Attempting Cross-Site Tracing Interactively Recipe 12.7. Modifying Host Headers Recipe 12.8. Brute Force Guessing Usernames and Passwords Recipe 12.9. Attempting PHP Include File Injection Interactively Recipe 12.10. Creating Decompression Bombs Recipe 12.11. Attempting Command Injection Interactively Recipe 12.12. Attempting Command Injection Systematically Recipe 12.13. Attempting XPath Injection Interactively Recipe 12.14. Attempting Server-Side Includes (SSI) Injection Interactively
XML SOAP TheMessagingModel SecurityChallenges ThreatsandRisks Policy Internet Intranet Extranet Wireless Countermeasures WS*FamilyofStandards VirtualDomainModelforWebServicesSecurity SecurityDomains Enclaves TrustRelationships TheModel Summary References Chapter2.ThreatsandAttacks Threats,Vulnerabilities,andCountermeasures EnsuringReliability VandalismandSabotage DenialofService PrivacyandConfidentialityBreaches
DataIntegrityViolations ManintheMiddleAttacks SpoofingAttacks MobileCodeThreats Fraud SpecialConsiderationsforWebServicesEnvironments Summary References Chapter3.SecurityGoals ProtectingyourAssets CommonSecurityTerms ReducingVulnerabilities RealisticallyAssessingThreats ChoosingtheRightCountermeasures RecognizingandAcceptingResidualRisk ClassicSecurityGoals Confidentiality Integrity Availability TransactionSecurityGoals Authentication Scalability Nonrepudiation TheRoleofSecurityPolicyinWebServicesSecurityEnforcement Summary
References Chapter4.TheInternetandWorldWideWebInfrastructure Internet101 TCP/IP HTTP SecurityDomains ClientSystemVulnerabilities BrowserVulnerabilities JavaVirtualMachineVulnerabilities Networks TCP/IPVulnerabilities HTTPVulnerabilities SMTPVulnerabilities ServerVulnerabilities WebServerVulnerabilities OtherVulnerabilities Summary References Chapter5.WebServices WebServicesStandards XML ElementsandAttributes Namespaces Schemas Transformations
SOAP DocumentStyleMessages RPCStyleMessages Binding WSDL UDDI WebServicesToolkits Summary References Chapter6.SecurityPolicyBasics TheImportanceofSecurityPolicy StepsinDevelopingaSecurityPolicy IdentifytheAssetsYouAreTryingtoProtect ClassifiedInformation Privacy IdentifytheThreatsYouAreProtectingAgainst MapThreatstoProbabilityofLossandCost ImplementCostEffectiveMeasures ContinuouslyReviewandImproveSecurityPolicies TheSecurityPolicyDocument Summary References Chapter7.CommunicatingPolicy ExpressingSecurityPolicyinWebServices WSPolicy
NormalForm CompactForm MergingPoliciesandResolvingConflicts WSSecurityPolicy SecurityTokenAssertion X.509Claims KerberosClaims UsernameClaims ConfidentialityAssertion IntegrityAssertion VisibilityAssertion SecurityHeaderAssertions MessageAgeAssertions PuttingItTogether:AnExample WSPolicyAttachment TyingPoliciestoSubjects MakingPoliciesDiscoverable EffectivePolicy Summary References Chapter8.ProtectingtheSystemComponents SecurityControlsfortheSystemComponents TheClient WorkstationVulnerabilities OperatingSystemSecurity
BrowserSecurity DownloadingComponents ActivexSecurity Controls Authenticode JavaSecurity TheJavaVirtualMachine TheSandbox SigningCode Scripting PlugIns TheNetwork NetworkVulnerabilities WirelessCommunications Firewalls Gateways,Guards,andRouters VirtualPrivateNetworks Servers WebServerVulnerabilities CGIFlaws DenialofService WeakAuthentication OperatingSystemSecurity UserAccounts ServerHardening
FileAccess/Permissions FileContent Summary References Chapter9.ProtectingMessages,Transactions,andData ProtectingaWebServicesExchange SecuringtheCommunicationsChannel Link,Network,andApplicationsLayerEncryption PointtoPointEncryption EndtoEndEncryption UsingSSLtoEstablishSecureSessions IdentityManagementandTrust TrustRelationships IdentityManagement PasswordsandPassPhrases SmartCards ThirdPartyBrokers CertificateAuthorities KerberosAuthenticationServers PolicyDecisionPoints Microsoft.NETPassport LibertyAlliance Authentication UserIDsandPasswords X.509PublicKeyAuthentication
LDAP(TheRoleofDirectoryServices) Kerberos Authorization BasicWebServers J2EEApplicationsServers ASP.NETServers AccessControl ChoosingtheIdentityMappingScheme MandatoryAccessControls ChoosingtheAccessControlDecisionPoint ProtectingDataasClosetotheSourceasPossible Summary References Chapter10.ImplementingtheInformationSecurityTriad Confidentiality Encryption Steganography SSLandTLS Integrity DigitalSignatures Nonrepudiation Summary References Chapter11.CommunicatingSecurityCredentials ClientServerCredentialCommunication
WSSecurity MessageSecurityModel SecurityHeaderElement IncludingTokensbyValue IncludingTokensbyReference XMLEncryption XMLSignature MessageProtection PuttingitTogether:AnExample Summary References Chapter12.Audit GoalofAudit WhattoAudit AuditableEvents AuditInformation LevelsofAudit Network Server Components Application ActiveVersusPassiveAuditing AuditDataProcessing IntrusionDetectionandPreventionSystems IntrusionDetectionSystemBasics
IntrusionPreventionSystems Summary References Chapter13.VirtualDomainModelforWebServicesSecurity TrustRelationships GeneralSecurityContextModel TypesofTrustRelationships TrustRelationshipsBetweenPrincipals TrustDomains TrustRelationshipsBetweenDomains CreatingPhysicalandLogicalTrustDomains WhereShouldTrustRelationshipsBeCreated? WhatCredentialsWillBeUsed? WhatAretheIntegrityandConfidentialityConsiderations? HowWillCredentialsBeProvisioned? WhatPrincipalsWillaGivenPrincipalTrust? FixedTrustRoots TrustHierarchies AuthenticationService CreatingVirtualTrustDomains ExperienceBased ReferenceBased ReputationBased Summary References
Chapter14.EstablishingandCommunicatingTrust TypesofTrustRelationships WSTrust TheWebServicesTrustModel RequestingandReturningTokens:TheSTSFramework NegotiationandChallengeExtensions KeyandTokenExtensions WSFederation BasicConcepts FederationMetadata AttributeandPseudonymServices WSSecureConversation SecurityContext ContextBinding XKMS XMLKeyRegistrationService XMLKeyInformationService XMLKeyManagementServiceBulkOperations SAML XACML Summary References Chapter15.PullingItAllTogether:UsingVirtualTrustDomainstoSecureEnterpriseWebServices EnterpriseWebServices Step1:IdentifythePartiesInvolved
Who Are the Clients?
How Will Clients Access the Service?
How Will Clients Discover the Service?
What Intermediaries Are Involved in the Transaction?
Does the Web Service use Other Services?
Step 2: Identify Relevant Domain Infrastructure and Capabilities
How Many Security Domains are Involved in Supporting the Service?
What Security Services are Provided in the Domains Involved?
What Token Services are Involved in Providing those Services?
What Supporting Services are Provided in the Domains Involved?
Step 3: Identify Necessary Security Services Based on Local Policies
Are Authentication Services Needed?
What Resource or Information Needs To Be Protected?
Are Authorization and Access Control Services Needed?
Are Confidentiality Services Needed?
Are Integrity Services Needed?
Step 4: Identify Gaps and Project a Virtual Trust Domain
Missing Services
Differences in Services
Security-Relevant Differences in Levels
New Boundaries and Boundary Services
Step 5: Allocate New Infrastructure Services Across Physical and Logical Domains
Security Services
Support Services
Service Distribution Strategy
Step 6: Allocate Security Services Across Actors
J2EE Environment
.Net Environment
Crossing a Technology Boundary
Step 7: Create and Distribute Discovery and Policy Artifacts
Summary
Chapter 16. FutureScape
Going Mobile
What is Self-Protecting Data?
Protecting Data in Transit
Protecting Data at Rest
Protecting Data in Use
Digital Rights Management
Rights Expression Languages
Web Services Role
Summary
References
Appendix A. The Security Policy Document
Introduction
Responsible Organizations
Physical Security
Personnel Security
Security Standards
Defending the Computing Environment
Workstation Security
Server Security
HTTP Services
Database Management System (DBMS) Services
Applications Services
Network Security
Secure Messaging
Mobile Code
Defending the Enclave Boundary
Firewalls
Virtual Private Networks (VPNs)
Remote Access
Guards
Content Filtering
Virus Protection
Gateway Spam Filtering and Virus Protection
Defending the Network and Infrastructure
Supporting Infrastructure
Key Management
Intrusion Protection
Audit
Backups and Retention
Disaster Recovery
Web Services
Security Incident Handling and Response
Notification
Chapter 13. Why Most People Shouldn't Run Intrusion Prevention Systems
Chapter 14. Problems with Host Intrusion Prevention
Chapter 15. Plenty of Phish in the Sea
Chapter 16. The Cult of Schneier
Chapter 17. Helping Others Stay Safe on the Internet
Chapter 18. Snake Oil: Legitimate Vendors Sell It, Too
Chapter 19. Living in Fear?
Chapter 20. Is Apple Really More Secure?
Chapter 21. OK, Your Mobile Phone Is Insecure; Should You Care?
Chapter 22. Do AV Vendors Write Their Own Viruses?
Chapter 23. One Simple Fix for the AV Industry
Chapter 24. Open Source Security: A Red Herring
Chapter 25. Why SiteAdvisor Was Such a Good Idea
Chapter 26. Is There Anything We Can Do About Identity Theft?
Chapter 27. Virtualization: Host Security's Silver Bullet?
Chapter 28. When Will We Get Rid of All the Security Vulnerabilities?
Chapter 29. Application Security on a Budget
Chapter 30. "Responsible Disclosure" Isn't Responsible
Chapter 31. Are Man-in-the-Middle Attacks a Myth?
Chapter 32. An Attack on PKI
Chapter 33. HTTPS Sucks; Let's Kill It!
Chapter 34. CrAPTCHA and the Usability/Security Tradeoff
Chapter 35. No Death for the Password
Chapter 36. Spam Is Dead
Chapter 37. Improving Authentication
Chapter 38. Cloud Insecurity?
Chapter 39. What AV Companies Should Be Doing (AV 2.0)
Chapter 40. VPNs Usually Decrease Security
Chapter 41. Usability and Security
Chapter 42. Privacy
Chapter 43. Anonymity
Chapter 44. Improving Patch Management
Chapter 45. An Open Security Industry
Chapter 46. Academics
Chapter 47. Locksmithing
Chapter 48. Critical Infrastructure
Appendix A. Epilogue
Colophon
1.2.9. Secure FTP 1.2.10. Intrusion detection 1.2.11. Compliance to policy
Chapter 2. z/VSE Basic Security Manager
2.1. BSM concept 2.1.1. System Authorization Facility 2.1.2. Security files 2.1.3. Security server partition 2.1.4. BSM processing 2.1.5. Common startup for BSM and ESM 2.2. Installing and customizing BSM 2.3. BSM administration 2.3.1. Security system settings 2.3.2. User definition 2.3.3. Group definition 2.3.4. Resource profile definition 2.4. BSM auditing 2.4.1. Enabling auditing 2.4.2. DMF setup 2.4.3. BSM report writer (BSTRPWTR) 2.5. BSM backups 2.5.1. VSAM backups 2.5.2. BSM backup and migration with BSTSAVER
Chapter 3. LDAP sign-on support
3.1. LDAP and z/VSE
3.2. Risks of the current situation 3.3. LDAP terminology 3.3.1. Overview and terms 3.3.2. LDIF files 3.4. The z/VM LDAP server 3.5. LDAP sign-on of z/VSE 3.5.1. LDAP user mapping file 3.5.2. Strict mode 3.5.3. LDAP password cache 3.6. Configure and activate LDAP sign-on support 3.6.1. LDAP configuration example skeleton 3.6.2. Sign on to z/VSE with active LDAP sign-on support 3.7. Administering the LDAP user mapping file 3.8. LDAP sample setup 3.8.1. Modifying the LDAP configuration phase 3.8.2. Mapping an intranet user ID to a z/VSE user ID 3.8.3. Modifying the TCP/IP setup 3.8.4. Setting up for SSL 3.8.5. Observations
Chapter 4. Cryptography on z/VSE
4.1. Cryptography introduction 4.1.1. Modern cryptography 4.1.2. Cipher block chaining 4.1.3. Verifying the identity of communication partners 4.1.4. Ensuring data integrity
4.1.5. Combining the advantages of these algorithms 4.1.6. Using certificates 4.1.7. Comparison of key sizes 4.1.8. Password-based encryption 4.1.9. Public-key encryption 4.2. Hardware-based encryption with z/VSE 4.2.1. Hardware overview 4.2.2. Planning your crypto configuration 4.2.3. LPAR cryptographic configuration 4.2.4. Operator commands 4.2.5. Cryptography for guests on z/VM 4.2.6. Available algorithms and key lengths 4.2.7. Changing the status of hardware-based encryption 4.2.8. Updates with z10 BC and EC 4.2.9. Updates with z/VSE V4R2 4.3. Hardware-based tape encryption with z/VSE 4.3.1. Encrypting data 4.3.2. Decrypting data 4.3.3. z/VSE considerations 4.3.4. Hardware and software requirements 4.3.5. Writing and reading encrypted data in z/VSE 4.3.6. Recognizing an encrypted tape 4.3.7. Additional hints to use hardware-based tape encryption 4.4. Example of TS1120 installation 4.4.1. Installing the prerequisite programs
4.4.2. Setting up the TS1120 4.4.3. Setting up the EKM 4.4.4. z/VSE considerations 4.4.5. Observations 4.5. Software-based encryption with z/VSE 4.5.1. Encryption Facility for z/VSE 4.5.2. Performance considerations 4.5.3. Password-based encryption 4.5.4. Public-key encryption
Chapter 5. Secure Sockets Layer with z/VSE
5.1. Generating the server key and certificates 5.1.1. Defining the properties of the z/VSE system 5.1.2. Creating the z/VSE key and certificates 5.2. SSL setup for Java-based connector 5.2.1. Setting up z/VSE Connector Server for SSL 5.2.2. Setting up z/VSE Navigator for SSL 5.2.3. Connecting to z/VSE using SSL server authentication 5.2.4. Considerations with client authentication 5.2.5. Using encryption with AES-256 5.3. SSL setup for Web browsers 5.3.1. Setting up SSL native mode with HTTPD 5.3.2. Considerations on $WEB user 5.3.3. Connecting to HTTPD using a Web browser 5.3.4. Configuring ciphers in Internet Explorer
Chapter 6. CICS Web Support security
6.1. Introduction 6.2. Setting up CWS 6.2.1. Defining the TCP/IP service 6.2.2. Connecting to CWS 6.3. Setting up secure CWS 6.3.1. Configuring the TCP/IP service for SSL 6.3.2. Configuring the CICS system initialization parameters 6.4. Client setup with Mozilla Firefox 6.4.1. Importing the z/VSE certificates during session establishment 6.4.2. Manually importing the z/VSE certificates into Firefox 6.4.3. Configuring cipher suites in Firefox 6.4.4. Starting a secure session with Firefox 6.5. Client setup with Microsoft Internet Explorer 6.5.1. Importing the z/VSE certificates during session establishment 6.5.2. Manually importing the z/VSE certificates into Internet Explorer 6.5.3. Configuring cipher suites in Internet Explorer 6.5.4. Starting a secure session with Internet Explorer 6.6. Setting up for client authentication 6.6.1. Using Internet Explorer 6.6.2. Client authentication with user ID mapping 6.7. Observations 6.7.1. Abend AKEA in DFHSOSE 6.7.2. Abend code x'080C' in module DFHSOSE
Chapter 7. Connector security
7.1. Java-based connector security
7.1.1. Security features of the Java-based connector 7.2. z/VSE script connector security 7.2.1. Security features of the z/VSE script connector 7.3. Web service security when using SOAP 7.3.1. Transport Layer Security and message layer security 7.3.2. Web service security features with z/VSE as the SOAP server 7.3.3. Web service security features with z/VSE as the SOAP client
Chapter 8. TCP/IP security
8.1. TCP/IP security concept 8.1.1. Control the security functions with the SECURITY command 8.2. Defining user IDs 8.2.1. Explicitly defining user IDs 8.3. Security exit points and security managers 8.3.1. Flow of a security request 8.3.2. Using Basic Security Manager (BSM) with TCP/IP
Chapter 9. Secure Telnet
9.1. Introduction 9.2. Setting up a Telnet daemon, TELNETD 9.3. z/VSE host setup for secure Telnet 9.3.1. Setting up pass-through mode with a TLSD 9.3.2. Setting up a Telnet listener daemon 9.4. Client setup with IBM Personal Communications 9.4.1. Importing the z/VSE certificates into PCOMM 9.4.2. Starting a secure session 9.4.3. Setting up for client authentication
9.4.4. Taking a PCOMM trace 9.5. Client setup with Attachmate EXTRA! X-treme 9.5.1. Import certificates into the Windows certificate store 9.5.2. Attachmate EXTRA! session setup 9.5.3. Viewing the log 9.5.4. Setting up for client authentication
Chapter 10. Secure FTP
10.1. Introduction 10.2. z/VSE as FTP server 10.2.1. Setup and start the z/VSE FTP server 10.2.2. z/VM considerations 10.2.3. Connect to z/VSE using an FTP client 10.2.4. Transfer the certificate to the client side 10.3. z/VSE as FTP client 10.3.1. Sample setup with FileZilla server 10.3.2. Connect to the server using the z/VSE FTP client 10.4. Considerations on firewalls 10.4.1. Passive versus active FTP mode 10.4.2. Restricting the port range on the server side 10.4.3. Restricting the port range on the client side 10.4.4. Considerations on the DATAPORT parameter 10.4.5. Firewall configuration 10.5. Observations 10.5.1. Cannot submit a VSE/POWER job with Keyman/VSE 10.5.2. SSL handshaking fails
Chapter 11. WebSphere MQ with SSL
11.1. Introduction 11.2. Installing WebSphere MQ 11.2.1. MQ installation on z/VSE 11.2.2. Maintaining security profiles 11.2.3. MQ installation on Windows 11.3. Configuring WebSphere MQ 11.3.1. MQ configuration on z/VSE 11.3.2. MQ configuration on Windows 11.3.3. Testing the setup 11.4. Configuring for SSL 11.4.1. Creating the keys and certificates 11.4.2. SSL configuration on z/VSE 11.4.3. SSL configuration on Windows 11.5. Implementing SSL client authentication 11.5.1. Configuring for client authentication on z/VSE 11.5.2. Configuring for client authentication on Windows 11.6. Using SSL peer attributes 11.6.1. Example 1: Specifying matching peer attributes 11.6.2. Example 2: Specifying peer attributes which do not match 11.7. Configuring a z/VSE queue manager remotely 11.7.1. What you can do remotely 11.7.2. Preparing the z/VSE side for PCF 11.7.3. Defining additional queues 11.7.4. Defining the MQ Explorer reply model queue
11.7.5. Defining a server connection channel 11.7.6. Defining a remote queue manager 11.7.7. Exchanging test messages 11.7.8. Defining SSL 11.8. Observations 11.8.1. Message sequence number error 11.8.2. RC=2092 when sending a test message to Windows 11.8.3. Open of file MQFADMN failed 11.8.4. No space available for PUT request
Appendix A. Security APIs
A.1. Client-side Java APIs A.1.1. z/VSE Connector Client A.1.2. Security class library A.2. Host-side APIs A.2.1. Using APIs to write your own SSL/TLS applications A.2.2. CPU Assist Facility A.2.3. Summary of available SSL functions
Related publications
IBM Redbooks publications
Other publications
Online resources
How to get IBM Redbooks publications
Help from IBM
Section 2.6. Key Drivers to Adopting the Cloud Section 2.7. The Impact of Cloud Computing on Users Section 2.8. Governance in the Cloud Section 2.9. Barriers to Cloud Computing Adoption in the Enterprise Section 2.10. Summary
Chapter 3. Infrastructure Security
Section 3.1. Infrastructure Security: The Network Level Section 3.2. Infrastructure Security: The Host Level Section 3.3. Infrastructure Security: The Application Level Section 3.4. Summary
Chapter 4. Data Security and Storage
Section 4.1. Aspects of Data Security Section 4.2. Data Security Mitigation Section 4.3. Provider Data and Its Security Section 4.4. Summary
Chapter 5. Identity and Access Management
Section 5.1. Trust Boundaries and IAM Section 5.2. Why IAM? Section 5.3. IAM Challenges Section 5.4. IAM Definitions Section 5.5. IAM Architecture and Practice Section 5.6. Getting Ready for the Cloud Section 5.7. Relevant IAM Standards and Protocols for Cloud Services Section 5.8. IAM Practices in the Cloud Section 5.9. Cloud Authorization Management
Section 5.10. Cloud Service Provider IAM Practice Section 5.11. Guidance Section 5.12. Summary
Chapter 6. Security Management in the Cloud
Section 6.1. Security Management Standards Section 6.2. Security Management in the Cloud Section 6.3. Availability Management Section 6.4. SaaS Availability Management Section 6.5. PaaS Availability Management Section 6.6. IaaS Availability Management Section 6.7. Access Control Section 6.8. Security Vulnerability, Patch, and Configuration Management Section 6.9. Summary
Chapter 7. Privacy
Section 7.1. What Is Privacy? Section 7.2. What Is the Data Life Cycle? Section 7.3. What Are the Key Privacy Concerns in the Cloud? Section 7.4. Who Is Responsible for Protecting Privacy? Section 7.5. Changes to Privacy Risk Management and Compliance in Relation to Cloud Computing Section 7.6. Legal and Regulatory Implications Section 7.7. U.S. Laws and Regulations Section 7.8. International Laws and Regulations Section 7.9. Summary
Chapter 8. Audit and Compliance
Section 8.1. Internal Policy Compliance
Section 8.2. Governance, Risk, and Compliance (GRC) Section 8.3. Illustrative Control Objectives for Cloud Computing Section 8.4. Incremental CSP-Specific Control Objectives Section 8.5. Additional Key Management Control Objectives Section 8.6. Control Considerations for CSP Users Section 8.7. Regulatory/External Compliance Section 8.8. Other Requirements Section 8.9. Cloud Security Alliance Section 8.10. Auditing the Cloud for Compliance Section 8.11. Summary
Chapter 9. Examples of Cloud Service Providers
Section 9.1. Amazon Web Services (IaaS) Section 9.2. Google (SaaS, PaaS) Section 9.3. Microsoft Azure Services Platform (PaaS) Section 9.4. Proofpoint (SaaS, IaaS) Section 9.5. RightScale (IaaS) Section 9.6. Salesforce.com (SaaS, PaaS) Section 9.7. Sun Open Cloud Platform Section 9.8. Workday (SaaS) Section 9.9. Summary
Chapter 10. Security As a [Cloud] Service
Section 10.1. Origins Section 10.2. Today's Offerings Section 10.3. Summary
Chapter 11. The Impact of Cloud Computing on the Role of Corporate IT
Section 11.1. Why Cloud Computing Will Be Popular with Business Units Section 11.2. Potential Threats of Using CSPs Section 11.3. A Case Study Illustrating Potential Changes in the IT Profession Caused by Cloud Computing Section 11.4. Governance Factors to Consider When Using Cloud Computing Section 11.5. Summary
Chapter 12. Conclusion, and the Future of the Cloud
Section 12.1. Analyst Predictions Section 12.2. Survey Says? Section 12.3. Security in Cloud Computing Section 12.4. Program Guidance for CSP Customers Section 12.5. The Future of Security in Cloud Computing Section 12.6. Summary
Appendix A. SAS 70 Report Content Example
Section A.1. Section I: Service Auditor's Opinion Section A.2. Section II: Description of Controls Section A.3. Section III: Control Objectives, Related Controls, and Tests of Operating Effectiveness Section A.4. Section IV: Additional Information Provided by the Service Organization
Appendix B. SysTrust Report Content Example
Section B.1. SysTrust Auditor's Opinion Section B.2. SysTrust Management Assertion Section B.3. SysTrust System Description Section B.4. SysTrust Schedule of Controls
Appendix C. Open Security Architecture for Cloud Computing
Section C.1. Legend Section C.2. Description
Section C.3. Key Control Areas Section C.4. Examples Section C.5. Assumptions Section C.6. Typical Challenges Section C.7. Indications Section C.8. Contraindications Section C.9. Resistance Against Threats Section C.10. References Section C.11. Control Details
Glossary
Microsoft Security Essentials: A History
Getting to Know MSE
Why MSE?
How MSE Works
Will MSE Work on Your System?
Downloading and Installing MSE for Free
Using MSE
Opening MSE
Understanding the Status Level
Navigating the Tabs
Configuring MSE for Your System
Setting Up Automatic Scanning
Determining Default Actions
Using Real-Time Protection
Excluding Locations, File Types, and Processes
Configuring Advanced Options
Participating in Microsoft SpyNet
Updating MSE
Understanding Automatic Updates
Updating Definitions Manually
Updating the MSE Program
Scanning Your System
Understanding Quick Scans
Understanding Full Scans
Understanding Custom Scans
Performing a Manual Scan
Performing Automatic Scans
Dealing with Potential Problems
Alerting You to the Threat
Working with History, Quarantined, and Allowed Items
Viewing Your Scanning History
Restoring and Removing Quarantined Items
Removing Previously Allowed Items
Using MSE with Windows 7
Working the Windows 7 Action Center
Scanning from Windows Explorer
Running the Command Line Utility
Performing a Scan
Updating the Definitions Library
Tracing MSE's Actions
Consolidating Log Files
Fixing Problems
Defending Against Malware by Practicing Safe Computing
Don't Open Email Attachments
Don't Open Files Sent via Instant Messaging
Don't Click IM or Chat Links
Don't Execute Files Found in Blogs, Newsgroups, or Message Boards
Don't Download Files from Suspect Websites
Limit Your Sharing of Removable Media
Display and Check File Extensions
Avoiding Malware-Infested Websites
Section 5. The Computer Age
Chapter 3. Preventing System Intrusions
Section 1. So, What is an Intrusion? Section 2. Sobering Numbers Section 3. Know Your Enemy: Hackers Versus Crackers Section 4. Motives Section 5. Tools of the Trade Section 6. Bots Section 7. Symptoms of Intrusions Section 8. What Can you Do? Section 9. Security Policies Section 10. Risk Analysis Section 11. Tools of Your Trade Section 12. Controlling User Access Section 13. Conclusion
Chapter 4. Guarding Against Network Intrusions
Section 1. Traditional Reconnaissance and Attacks Section 2. Malicious Software Section 3. Defense in Depth Section 4. Preventive Measures Section 5. Intrusion Monitoring and Detection Section 6. Reactive Measures Section 7. Conclusions
Chapter 5. Unix and Linux Security
Section 1. Unix and Security
Section 2. Basic Unix Security Section 4. Protecting User Accounts and Strengthening Authentication Section 5. Reducing Exposure to Threats by Limiting Superuser Privileges Section 6. Safeguarding Vital Data by Securing Local and Network File Systems
Chapter 6. Eliminating the Security Weakness of Linux and UNIX Operating Systems
Section 1. Introduction to Linux and Unix Section 2. Hardening Linux and Unix Section 3. Proactive Defense for Linux and Unix
Chapter 7. Internet Security
Section 1. Internet Protocol Architecture Section 2. An Internet Threat Model Section 3. Defending Against Attacks on the Internet Section 4. Conclusion
Chapter 8. The Botnet Problem
Section 1. Introduction Section 2. Botnet Overview Section 3. Typical Bot Life Cycle Section 4. The Botnet Business Model Section 5. Botnet Defense Section 6. Botmaster Traceback Section 7. Summary
Chapter 9. Intranet Security
Section 1. Plugging the Gaps: NAC and Access Control Section 2. Measuring Risk: Audits Section 3. Guardian at the Gate: Authentication and Encryption
Section 4. Wireless Network Security Section 5. Shielding the Wire: Network Protection Section 6. Weakest Link in Security: User Training Section 7. Documenting the Network: Change Management Section 8. Rehearse the Inevitable: Disaster Recovery Section 9. Controlling Hazards: Physical and Environmental Protection Section 10. Know Your Users: Personnel Security Section 11. Protecting Data Flow: Information and System Integrity Section 12. Security Assessments Section 13. Risk Assessments Section 14. Conclusion
Chapter 10. Local Area Network Security
Section 1. Identify Network Threats Section 2. Establish Network Access Controls Section 3. Risk Assessment Section 4. Listing Network Resources Section 5. Threats Section 6. Security Policies Section 7. The Incident Handling Process Section 8. Secure Design Through Network Access Controls Section 9. IDS Defined Section 10. NIDS: Scope and Limitations Section 11. A Practical Illustration of NIDS Section 12. Firewalls Section 13. Dynamic NAT Configuration
Section 14. The Perimeter Section 15. Access List Details Section 16. Types of Firewalls Section 17. Packet Filtering: IP Filtering Routers Section 18. Application-layer Firewalls: Proxy Servers Section 19. Stateful Inspection Firewalls Section 20. NIDS Complements Firewalls Section 21. Monitor and Analyze System Activities Section 22. Signature Analysis Section 23. Statistical Analysis Section 24. Signature Algorithms
Chapter 11. Wireless Network Security
Section 1. Cellular Networks Section 2. Wireless Ad Hoc Networks Section 3. Security Protocols Section 4. Secure Routing Section 5. Key Establishment References
Chapter 12. Cellular Network Security
Section 1. Introduction Section 2. Overview of Cellular Networks Section 3. The State of the Art of Cellular Network Security Section 4. Cellular Network Attack Taxonomy Section 5. Cellular Network Vulnerability Analysis Section 6. Discussion
References
Chapter 13. RFID Security
Section 1. RFID Introduction Section 2. RFID Challenges Section 3. RFID Protections References
Part II: Managing Information Security
Chapter 14. Information Security Essentials for IT Managers: Protecting Mission-Critical Systems
Section 1. Information Security Essentials for IT Managers, Overview Section 2. Protecting Mission-Critical Systems Section 3. Information Security from the Ground Up Section 4. Security Monitoring and Effectiveness References
Chapter 15. Security Management Systems
Section 1. Security Management System Standards Section 2. Training Requirements Section 3. Principles of Information Security Section 4. Roles and Responsibilities of Personnel Section 5. Security Policies Section 6. Security Controls Section 7. Network Access Section 8. Risk Assessment Section 9. Incident Response Section 10. Summary
Chapter 16. Information Technology Security Management
Section 1. Information Security Management Standards Section 2. Information Technology Security Aspects Section 3. Conclusion
Chapter 17. Identity Management
Section 1. Introduction Section 2. Evolution of Identity Management Requirements Section 3. The Requirements Fulfilled by Current Identity Management Technologies Section 4. Identity 2.0 for Mobile Users Section 5. Conclusion
Chapter 18. Intrusion Prevention and Detection Systems
Section 1. What is an Intrusion, Anyway? Section 2. Unauthorized Access by an Outsider Section 3. Malware Infection Section 4. The Role of the 0-Day Section 5. The Rogues Gallery: Attackers and Motives Section 6. A Brief Introduction to TCP/IP Section 7. The TCP/IP Data Architecture and Data Encapsulation Section 8. Survey of Intrusion Detection and Prevention Technologies Section 9. Anti-Malware Software Section 10. Network-Based Intrusion Detection Systems Section 11. Network-Based Intrusion Prevention Systems Section 12. Host-Based Intrusion Prevention Systems Section 13. Security Information Management Systems Section 14. Network Session Analysis Section 15. Digital Forensics
Section 16. System Integrity Validation Section 17. Putting it all Together
Chapter 19. Computer Forensics
Section 1. What is Computer Forensics? Section 2. Analysis of Data Section 3. Computer Forensics in the Court System Section 4. Understanding Internet History Section 5. Temporary Restraining Orders and Labor Disputes Section 5. First Principles Section 6. Hacking a Windows XP Password Section 7. Network Analysis Section 8. Computer Forensics Applied Section 9. Testifying as an Expert Section 10. Beginning to End in Court
Chapter 20. Network Forensics
Section 1. Scientific Overview Section 2. The Principles of Network Forensics Section 3. Attack Traceback and Attribution Section 4. Critical Needs Analysis Section 5. Research Directions
Chapter 21. Firewalls
Section 1. Network Firewalls Section 2. Firewall Security Policies Section 3. A Simple Mathematical Model for Policies, Rules, and Packets Section 4. First-match Firewall Policy Anomalies
Section 5. Policy Optimization Section 6. Firewall Types Section 7. Host and Network Firewalls Section 8. Software and Hardware Firewall Implementations Section 9. Choosing the Correct Firewall Section 10. Firewall Placement and Network Topology Section 11. Firewall Installation and Configuration Section 12. Supporting Outgoing Services Through Firewall Configuration Section 13. Secure External Services Provisioning Section 14. Network Firewalls for Voice and Video Applications Section 15. Firewalls and Important Administrative Service Protocols Section 16. Internal IP Services Protection Section 17. Firewall Remote Access Configuration Section 18. Load Balancing and Firewall Arrays Section 19. Highly Available Firewalls Section 20. Firewall Management Section 21. Conclusion
Chapter 22. Penetration Testing
Section 1. What is Penetration Testing? Section 2. How does Penetration Testing Differ from an Actual Hack? Section 3. Types of Penetration Testing Section 4. Phases of Penetration Testing Section 5. Defining What's Expected Section 6. The Need for a Methodology Section 7. Penetration Testing Methodologies
Section 8. Methodology in Action Section 9. Penetration Testing Risks Section 10. Liability Issues Section 11. Legal Consequences Section 12. Get Out of Jail Free Card Section 13. Penetration Testing Consultants Section 14. Required Skill Sets Section 15. Accomplishments Section 16. Hiring a Penetration Tester Section 17. Why Should a Company Hire You? Section 18. All's Well that Ends Well
Chapter 23. What Is Vulnerability Assessment?
Section 1. Reporting Section 2. The It Won't Happen to Us Factor Section 3. Why Vulnerability Assessment? Section 4. Penetration Testing Versus Vulnerability Assessment Section 5. Vulnerability Assessment Goal Section 6. Mapping the Network Section 7. Selecting the Right Scanners Section 8. Central Scans Versus Local Scans Section 9. Defense in Depth Strategy Section 10. Vulnerability Assessment Tools Section 11. Scanner Performance Section 12. Scan Verification Section 13. Scanning Cornerstones
Section 14. Network Scanning Countermeasures Section 15. Vulnerability Disclosure Date Section 16. Proactive Security Versus Reactive Security Section 17. Vulnerability Causes Section 18. DIY Vulnerability Assessment Section 19. Conclusion
Part III: Encryption Technology
Chapter 24. Data Encryption
Section 1. Need for Cryptography Section 2. Mathematical Prelude to Cryptography Section 3. Classical Cryptography Section 4. Modern Symmetric Ciphers Section 5. Algebraic Structure Section 6. The Internal Functions of Rijndael in AES Implementation Section 7. Use of Modern Block Ciphers Section 8. Public-key Cryptography Section 9. Cryptanalysis of RSA Section 10. Diffie-Hellman Algorithm Section 11. Elliptic Curve Cryptosystems Section 12. Message Integrity and Authentication Section 13. Summary References
Chapter 25. Satellite Encryption
Section 1. The Need for Satellite Encryption Section 2. Satellite Encryption Policy
Section 3. Implementing Satellite Encryption Section 4. The Future of Satellite Encryption
Chapter 26. Public Key Infrastructure
Section 1. Cryptographic Background Section 2. Overview of PKI Section 3. The X.509 Model Section 4. X.509 Implementation Architectures Section 5. X.509 Certificate Validation Section 6. X.509 Certificate Revocation Section 7. Server-Based Certificate Validity Protocol Section 8. X.509 Bridge Certification Systems Section 9. X.509 Certificate Format Section 10. PKI Policy Description Section 11. PKI Standards Organizations Section 12. PGP Certificate Formats Section 13. PGP PKI Implementations Section 14. W3C Section 15. Alternative PKI Architectures Section 16. Modified X.509 Architectures Section 17. Alternative Key Management Models
Chapter 27. Instant Messaging Security
Section 1. Why Should I Care About Instant Messaging? Section 2. What is Instant Messaging? Section 3. The Evolution of Networking Technologies Section 4. Game Theory and Instant Messaging
Section 5. The Nature of the Threat Section 6. Common IM Applications Section 7. Defensive Strategies Section 8. Instant Messaging Security Maturity and Solutions Section 9. Processes Section 10. Conclusion
Part IV: Privacy and Access Management
Chapter 28. NET Privacy
Section 1. Privacy in the Digital Society Section 2. The Economics of Privacy Section 3. Privacy-Enhancing Technologies Section 4. Network Anonymity Section 5. Conclusion
Chapter 29. Personal Privacy Policies
Section 1. Introduction Section 2. Content of Personal Privacy Policies Section 3. Semiautomated Derivation of Personal Privacy Policies Section 4. Specifying Well-Formed Personal Privacy Policies Section 5. Preventing Unexpected Negative Outcomes Section 6. The Privacy Management Model Section 7. Discussion and Related Work Section 8. Conclusions and Future Work
Chapter 30. Virtual Private Networks
Section 1. History Section 2. Who is in Charge?
Section 3. VPN Types Section 4. Authentication Methods Section 5. Symmetric Encryption Section 6. Asymmetric Cryptography Section 7. Edge Devices Section 8. Passwords Section 9. Hackers and Crackers
Chapter 31. Identity Theft
Section 1. Experimental Design Section 2. Results and Analysis Section 3. Implications for Crimeware Section 4. Conclusion
Chapter 32. VoIP Security
Section 1. Introduction Section 2. Overview of Threats Section 3. Security in VoIP Section 4. Future Trends Section 5. Conclusion
Part V: Storage Security
Chapter 33. SAN Security
Section 1. Organizational Structure Section 2. Access Control Lists (ACL) and Policies Section 3. Physical Access Section 4. Change Management Section 5. Password Policies
Section 6. Defense in Depth Section 7. Vendor Security Review Section 8. Data Classification Section 9. Security Management Section 10. Auditing Section 11. Management Access: Separation of Functions Section 12. Host Access: Partitioning Section 13. Data Protection: Replicas Section 15. Encryption in Storage Section 16. Application of Encryption Section 17. Conclusion References
Chapter 34. Storage Area Networking Security Devices
Section 1. What is a SAN? Section 2. SAN Deployment Justifications Section 3. The Critical Reasons for SAN Security Section 4. SAN Architecture and Components Section 5. SAN General Threats and Issues Section 6. Conclusion
Chapter 35. Risk Management
Section 1. The Concept of Risk Section 2. Expressing and Measuring Risk Section 3. The Risk Management Methodology Section 4. Risk Management Laws and Regulations Section 5. Risk Management Standards
Section 6. Summary
Part VI: Physical Security
Chapter 36. Physical Security Essentials
Section 1. Overview Section 2. Physical Security Threats Section 3. Physical Security Prevention and Mitigation Measures Section 4. Recovery from Physical Security Breaches Section 5. Threat Assessment, Planning, and Plan Implementation Section 6. Example: A Corporate Physical Security Policy Section 7. Integration of Physical and Logical Security References
Chapter 37. Biometrics
Section 1. Relevant Standards Section 2. Biometric System Architecture Section 3. Using Biometric Systems Section 4. Security Considerations Section 5. Conclusion
Chapter 38. Homeland Security
Section 1. Statutory Authorities Section 2. Homeland Security Presidential Directives Section 3. Organizational Actions Section 4. Conclusion
Chapter 39. Information Warfare
Section 1. Information Warfare Model Section 2. Information Warfare Defined
Section 3. IW: Myth or Reality? Section 4. Information Warfare: Making IW Possible Section 5. Preventative Strategies Section 6. Legal Aspects of IW Section 7. Holistic View of Information Warfare Section 8. Conclusion
Part VII: Advanced Security
Chapter 40. Security Through Diversity
Section 1. Ubiquity Section 2. Example Attacks Against Uniformity Section 3. Attacking Ubiquity with Antivirus Tools Section 4. The Threat of Worms Section 5. Automated Network Defense Section 6. Diversity and the Browser Section 7. Sandboxing and Virtualization Section 8. DNS Example of Diversity through Security Section 9. Recovery from Disaster is Survival Section 10. Conclusion
Chapter 41. Reputation Management
Section 1. The Human Notion of Reputation Section 2. Reputation Applied to the Computing World Section 3. State of the Art of Attack-Resistant Reputation Computation Section 4. Overview of Current Online Reputation Service Section 5. Conclusion
Chapter 42. Content Filtering
Section 1. The Problem with Content Filtering Section 2. User Categories, Motivations, and Justifications Section 3. Content Blocking Methods Section 4. Technology and Techniques for Content Filtering Control Section 5. Categories Section 6. Legal Issues Section 7. Issues and Problems with Content Filtering Section 9. Related Products Section 10. Conclusion
Chapter 43. Data Loss Protection
Section 1. Precursors of DLP Section 2. What is DLP? Section 3. Where to Begin? Section 4. Data is Like Water Section 5. You Don't Know What You Don't Know Section 6. How Do DLP Applications Work? Section 7. Eat Your Vegetables Section 8. It's a Family Affair, Not Just IT Security's Problem Section 9. Vendors, Vendors Everywhere! Who Do You Believe? Section 10. Conclusion
Part VIII: Appendices
Appendix A. Configuring Authentication Service on Microsoft Windows Vista
Section 1. Backup and Restore of Stored Usernames and Passwords Section 2. Credential Security Service Provider and SSO for Terminal Services Logon Section 3. TLS/SSL Cryptographic Enhancements
Section 4. Kerberos Enhancements Section 5. Smart Card Authentication Changes Section 6. Previous Logon Information
Appendix B. Security Management and Resiliency
Appendix C. List of Top Security Implementation and Deployment Companies
List of SAN Implementation and Deployment Companies
SAN Security Implementation and Deployment Companies:
Appendix D. List of Security Products
Security Software
Appendix E. List of Security Standards
Appendix F. List of Miscellaneous Security Resources
Conferences
Consumer Information
Directories
Help and Tutorials
Mailing Lists
News and Media
Organizations
Products and Tools
Research
Content Filtering Links
Other Logging Resources
Appendix G. Ensuring Built-in Frequency Hopping Spread Spectrum Wireless Network Security
Accomplishment
Background
Additional Information
Appendix H. Configuring Wireless Internet Security Remote Access
Adding the Access Points as RADIUS Clients to IAS
Adding Access Points to the First IAS Server
Scripting the Addition of Access Points to IAS Server (Alternative Procedure)
Configuring the Wireless Access Points
Enabling Secure WLAN Authentication on Access Points
Additional Settings to Secure Wireless Access Points
Replicating RADIUS Client Configuration to Other IAS Servers
Appendix I. Frequently Asked Questions
Section 3.2. Key Questions to Manage Risk Section 3.3. Summary
Part II: Security Principles and Practices
Chapter 4. Information System Security Principles
Section 4.1. Key Principles of Network Security Section 4.2. Formal Processes Section 4.3. Risk Management Section 4.4. Calculating and Managing Risk Section 4.5. Summary
Chapter 5. Information System Security Management
Section 5.1. Security Policies Section 5.2. Security Awareness Section 5.3. Managing the Technical Effort Section 5.4. Configuration Management Section 5.5. Business Continuity and Disaster Recovery Planning Section 5.6. Physical Security Section 5.7. Legal and Liability Issues Section 5.8. Summary
Chapter 6. Access Control
Section 6.1. Control Models Section 6.2. Types of Access Control Implementations Section 6.3. Identification and Authentication Section 6.4. Databases Section 6.5. Remote Access Section 6.6. Summary
Chapter 7. Attacks and Threats Section 7.1. Malicious Code Section 7.2. Review of Common Attacks Section 7.3. External Attack Methodologies Overview Section 7.4. Internal Threat Overview Section 7.5. Summary Part III: Operating Systems and Applications Chapter 8. Windows Security Section 8.1. Windows Security at the Heart of the Defense Section 8.2. Out of the Box Operating System Hardening Section 8.3. Installing Applications Section 8.4. Putting the Workstation on the Network Section 8.5. Operating Windows Safely Section 8.6. Upgrades and Patches Section 8.7. Maintain and Test the Security Section 8.8. Attacks Against the Windows Workstation Section 8.9. Summary Chapter 9. UNIX and Linux Security Section 9.1. The Focus of UNIX/Linux Security Section 9.2. Physical Security Section 9.3. Controlling the Configuration Section 9.4. Operating UNIX Safely Section 9.5. Hardening UNIX Section 9.6. Summary Chapter 10. Web Browser and Client Security
Section 10.1. Web Browser and Client Risk Section 10.2. How a Web Browser Works Section 10.3. Web Browser Attacks Section 10.4. Operating Safely Section 10.5. Web Browser Configurations Section 10.6. Summary Chapter 11. Web Security Section 11.1. What Is HTTP? Section 11.2. How Does HTTP Work? Section 11.3. Server Content Section 11.4. Client Content Section 11.5. State Section 11.6. Attacking Web Servers Section 11.7. Web Services Section 11.8. Summary Chapter 12. Electronic mail (Email) Security Section 12.1. The Email Risk Section 12.2. The Email Protocols Section 12.3. Email Authentication Section 12.4. Operating Safely When Using Email Section 12.5. Summary Chapter 13. Domain Name System Section 13.1. DNS Basics Section 13.2. Purpose of DNS Section 13.3. Setting Up DNS
Section 13.4. Security Issues with DNS Section 13.5. DNS Attacks Section 13.6. Designing DNS Section 13.7. Master Slave DNS Section 13.8. Detailed DNS Architecture Section 13.9. DNSSEC Section 13.10. Summary Chapter 14. Server Security Section 14.1. General Server Risks Section 14.2. Security by Design Section 14.3. Operating Servers Safely Section 14.4. Server Applications Section 14.5. Multi-Level Security and Digital Rights Management Section 14.6. Summary Part IV: Network Security Fundamentals Chapter 15. Network Protocols Section 15.1. Protocols Section 15.2. The Open Systems Interconnect Model Section 15.3. The OSI Layers Section 15.4. The TCP/IP Model Section 15.5. TCP/IP Model Layers Section 15.6. Internet Protocol Section 15.7. VoIP Section 15.8. Summary Chapter 16. Wireless Security
Section 16.1. Electromagnetic Spectrum Section 16.2. The Cellular Phone Network Section 16.3. Placing a Cellular Telephone Call Section 16.4. Wireless Transmission Systems Section 16.5. Pervasive Wireless Data Network Technologies Section 16.6. IEEE Wireless LAN Specifications Section 16.7. IEEE 802.11 Section 16.8. IEEE 802.11 Wireless Security Section 16.9. Bluetooth Section 16.10. Wireless Application Protocol Section 16.11. Future of Wireless Section 16.12. Summary Chapter 17. Network Architecture Fundamentals Section 17.1. Network Segments Section 17.2. Perimeter Defense Section 17.3. Network Address Translation Section 17.4. Basic Architecture Issues Section 17.5. Subnetting, Switching, and VLANs Section 17.6. Address Resolution Protocol and Media Access Control Section 17.7. Dynamic Host Configuration Protocol and Addressing Control Section 17.8. Zero Configuration Networks Section 17.9. System Design and Architecture Against Insider Threats Section 17.10. Common Attacks Section 17.11. Summary Chapter 18. Firewalls
Section 18.1. Firewalls Section 18.2. Firewall rules Section 18.3. The Use of Personal Firewalls Section 18.4. Summary Chapter 19. Intrusion Detection/Prevention Section 19.1. Intrusion Detection Systems Section 19.2. Responses to Intrusion Detection Section 19.3. Emerging Technologies in Intrusion Detection Systems Section 19.4. Summary Part V: Communication Chapter 20. Secret Communication Section 20.1. What is Cryptography? Section 20.2. General Terms Section 20.3. Principles of Cryptography Section 20.4. Historic Cryptography Section 20.5. The Four Cryptographic Primitives Section 20.6. Putting These Primitives Together to Achieve CIA Section 20.7. The Difference Between Algorithm and Implementation Section 20.8. Proprietary Versus Open Source Algorithms Section 20.9. Attacks on Hash Functions Section 20.10. Quantum Cryptography Section 20.11. Summary Chapter 21. Covert Communication Section 21.1. Where Hidden Data Hides Section 21.2. Where Did It Come From?
Section 21.3. Where Is It Going? Section 21.4. Overview of Steganography Section 21.5. History of Steganography Section 21.6. Core Areas of Network Security and Their Relation to Steganography Section 21.7. Principles of Steganography Section 21.8. Steganography Compared to Cryptography Section 21.9. Types of Steganography Section 21.10. Products That Implement Steganography Section 21.11. Steganography Versus Digital Watermarking Section 21.12. Types of Digital Watermarking Section 21.13. Goals of Digital Watermarking Section 21.14. Digital Watermarking and Stego Section 21.15. Summary Chapter 22. Applications of Secure/Covert Communication Section 22.1. Email Section 22.2. Authentication Servers Section 22.3. Working Model Section 22.4. Public Key Infrastructure Section 22.5. Virtual Private Networks Section 22.6. Secure Sockets Layer/Transport Layer Security Section 22.7. SSL Handshake Section 22.8. Summary Part VI: The Security Threat and Response Chapter 23. Intrusion Detection and Response Section 23.1. Intrusion Detection Mechanisms
Section 23.2. Honeypots Section 23.3. Incident Handling Section 23.4. Summary Chapter 24. Digital Forensics Section 24.1. Computer Forensics Defined Section 24.2. Traditional Computer Forensics Section 24.3. Proactive Forensics Section 24.4. Future Research Areas Section 24.5. The Forensic Life Cycle Section 24.6. Summary Chapter 25. Security Assessments, Testing, and Evaluation Section 25.1. Information Assurance Approaches and Methodologies Section 25.2. Certification and Accreditation Section 25.3. DIACAP Section 25.4. Federal Information Processing Standard 102 Section 25.5. OMB Circular A-130 Section 25.6. The National Institute of Standards and Technology Assessment Guidelines Section 25.7. Penetration Testing Section 25.8. Auditing and Monitoring Section 25.9. Summary Part VII: Integrated Cyber Security Chapter 26. Validating Your Security Section 26.1. Overview Section 26.2. Current State of Penetration Testing Section 26.3. Formal Penetration Testing Methodology
Section 26.4. Steps to Exploiting a System Section 26.5. Summary Chapter 27. Data Protection Section 27.1. Section 27.2. Endpoint Security Section 27.3. Insider Threats and Data Protection Section 27.4. Summary Chapter 28. Putting Everything Together Section 28.1. Critical Problems Facing Organizations Section 28.2. General Tips for Protecting a Site Section 28.3. Security Best Practices Section 28.4. Summary Chapter 29. The Future Section 29.1. Approaching the Problem Section 29.2. Mission Resilience Section 29.3. Limiting Failure Points Section 29.4. Summary
1.3: IBM Security Blueprint 1.4: Security challenge 1.5: IBM Reference Architecture for SAP solutions 1.6: IBM implementation approach for SAP authorization 1.7: Conclusion Chapter 2: Introduction to SAP solutions and security technology 2.1: SAP systems and applications SAP Business Suite SAP NetWeaver 2.2: SAP security and SAP user and role management concept SAP NetWeaver AS ABAP User Repository SAP NetWeaver AS Java User Repository: UME SAP Central User Administration SAP NetWeaver Identity Management SAP BusinessObjects governance, risk, and compliance 2.3: SAP user management integration options and interfaces Business Application Programming Interfaces (BAPI) Remote Function Calls (RFC) Synchronous versus asynchronous integration 2.4: SAP access management integration options SAP logon ticket Secure Network Communication Digital certificates Security Assertion Markup Language Kerberos
Single sign-on technologies 2.5: Conclusion Part 2: Identity management integration Chapter 3: IBM Security identity management offerings 3.1: IBM Tivoli Identity Manager IBM Tivoli Identity Manager concept Tivoli Identity Manager adapter concept Adapter operations Tivoli Identity Manager integration with SAP solutions SAP user provisioning with IBM Tivoli Identity Manager 3.2: IBM Tivoli Directory Integrator Tivoli Directory Integrator adapter framework Tivoli Directory Integrator integrations with SAP solutions 3.3: IBM Tivoli Directory Server Identity data foundation for security management applications Tivoli Directory Server integration with SAP solutions 3.4: Conclusion Chapter 4: IBM Tivoli Identity Manager 4.1: Tivoli Identity Manager Adapter for SAP NetWeaver Architecture overview Adapter implementation, customization, and extension 4.2: Tivoli Identity Manager Adapter for SAP ABAP 4.3: Tivoli Identity Manager Adapter for SAP NetWeaver AS Java 4.4: Tivoli Identity Manager Adapter for SAP Governance, Risk, and Compliance Access Control 4.5: Conclusion
Chapter 5: IBM Tivoli Directory Integrator 5.1: Function component for SAP NetWeaver AS ABAP 5.2: User Registry Connector for SAP NetWeaver AS ABAP 5.3: HR/Business Object Repository Connector for SAP NetWeaver AS ABAP 5.4: IDOC Connector for SAP ERP and SAP NetWeaver AS ABAP 5.5: Conclusion Chapter 6: IBM Tivoli Directory Server 6.1: Integration with SAP NetWeaver AS ABAP Definition of attribute mappings Definition of required schema extension SAP NetWeaver AS ABAP LDAP configuration Directory synchronization 6.2: Integration with SAP NetWeaver AS Java General overview of the basic component LDAP interface Tivoli Directory Server data source configuration for UME 6.3: Conclusion Chapter 7: Identity management use cases 7.1: SAP HR driven identity feed SAP IDOC configuration Configuring the Tivoli Directory Integrator AssemblyLine Position-based user provisioning 7.2: Tivoli Directory Server on z/OS and SAP solutions Why choose Tivoli Directory Server for z/OS over a distributed platform Tivoli Directory Server for z/OS configuration 7.3: Tivoli Directory Server as shared user repository
Configuring SAP NetWeaver AS Java UME for IBM Tivoli Directory Server Configuring Tivoli Directory Server write authority 7.4: Tivoli Identity Manager sample scenarios and use cases Standalone SAP ABAP target server CUA target server Multiple SAP ABAP standalone target servers Standalone ABAP target with HR modules CUA target environment with HR modules Single sign-on password management in a standalone setup Single sign-on password management with a CUA target Account locking extension for CUA and non-CUA setup 7.5: Tivoli Identity Manager best practices Deployment of Tivoli Directory Integrator Performance issues High availability A global SAP infrastructure SAP Secure Network Communications (SNC) SAP version mixture Unicode and non-Unicode support SAP message server 7.6: Conclusion Part 3: Access management integration Chapter 8: IBM Security access management offerings 8.1: Tivoli Access Manager for Enterprise Single Sign-On AccessProfiles
Integration with SAP solutions 8.2: Tivoli Access Manager for e-business Components Integration with SAP solutions 8.3: Tivoli Federated Identity Manager Federated Identity Management functionality Integration with SAP solutions 8.4: Conclusion Chapter 9: IBM Tivoli Access Manager for Enterprise Single Sign-on 9.1: Single sign-on considerations 9.2: System name display requirements 9.3: User education 9.4: Implementation process overview 9.5: Implementing Tivoli Access Manager for Enterprise Single Sign-On 9.6: How the AccessProfile works Application process control Number of capture or injection fields Single sign-on to SAP applications using SAP Logon Single Sign-On to SAP applications using SAP Shortcut AccessProfile language support AccessProfile environment and default settings Setting up the registry for SAP Logon Capturing credentials when signing into SAP applications Generating random password during password change Authentication service names
9.7: Web single sign-on to SAP GUI for HTML SAP GUI for HTML Web Single Sign-On using Internet Explorer browser Authentication service name for Internet Explorer profile Web Single Sign-On using Firefox browser 9.8: Conclusion Chapter 10: IBM Tivoli Access Manager for e-business 10.1: Integration with SAP NetWeaver AS ABAP WebSEAL junctions to SAP NetWeaver AS ABAP Configuring Tivoli Access Manager WebSEAL options Configuring SAP NetWeaver AS ABAP Testing the integration 10.2: Integration with SAP NetWeaver AS Java WebSEAL junctions to SAP NetWeaver AS Java Junction Mapping Table (JMT) Configuring Tivoli Access Manager WebSEAL options Configuring the Tivoli Access Manager WebSEAL logout page SAP NetWeaver AS Java configuration Restarting the SAP NetWeaver AS Java cluster Testing the integration 10.3: IBM Tivoli Access Manager for e-business integration with SAP NetWeaver AS Java Enterprise Portal Core Creating a Tivoli Access Manager WebSEAL Junction Tivoli Access Manager WebSEAL JMT setup Tivoli Access Manager WebSEAL configuration options Configuring SAP NetWeaver AS Java Enterprise Portal Core
10.4: Tivoli Access Manager for e-business Integration with SAP Internet Transaction Server 10.5: Single sign-on for SAP NetWeaver AS ABAP with WebSEAL in conjunction with SAP NetWeaver AS Java Introduction Scenario Solution Configuring Tivoli Access Manager WebSEAL Configuring SAP NetWeaver AS Java Configuring SAP NetWeaver AS ABAP Testing the configuration 10.6: Conclusion Chapter 11: IBM Tivoli Federated Identity Manager 11.1: Integration with SAP NetWeaver AS Java Introduction Integration process Testing the integration Removing the integration Troubleshooting 11.2: Security Token Service trust module for SAP login ticket Tivoli Federated Identity Manager STS modules SAP module Integration process Testing Troubleshooting 11.3: Conclusion Chapter 12: Access management use cases
12.1: Authenticating an SAP login ticket in Access Manager for e-business WebSEAL using the external authentication C API Introduction Scenario Solution Implementation of the authentication service using the External Authentication C API Configuring the environment Testing the configuration Troubleshooting 12.2: Single sign-on from WebSphere Portal to SAP NetWeaver AS ABAP (SAP ERP) using the Access Manager for e-business Web Server Plugin Deployment considerations Principle of using the SAP logon ticket for single sign-on Operational model for SAP logon ticket based single sign-on Solution steps for SAP logon ticket based single sign-on 12.3: Single sign-on for SAP with Access Manager and Microsoft Windows using Kerberos and Access Manager for e-business WebSEAL Introduction Scenario Solution 12.4: SSO to SAP NetWeaver AS ABAP with Federated Identity Manager using SAML 2.0 SAML protocol specifics Process flow Deployment considerations SAML 2.0 process flow for back-channel SSO Configuration 12.5: Service-based single sign-on to SAP backend systems using Federated Identity Manager and SAML
The role of security metadata in the single sign-on scenario SAP Web Service configuration for single sign-on 12.6: Integrate SAP into SOA by federating the SAP login ticket Introduction SAP identity representation SOA identity solution Solution architecture Configuration Summary 12.7: Tivoli Access Manager for e-business sample use case scenarios and best practices Use cases Best practices 12.8: Tivoli Access Manager for Enterprise Single Sign-on SAP use cases Installation Installation check Deployment scenarios 12.9: Conclusion Appendix A: IBM Security systems integrations: Beyond identity and access management IBM Rational AppScan IBM InfoSphere Guardium IBM InfoSphere Guardium Encryption Expert IBM InfoSphere Optim IBM WebSphere DataPower IBM System z and mainframe security IBM Power Systems and AIX Security
The IDS Framework Experimental Results Conclusion Chapter 3: A Keystroke Biometric System For Long Text Input Abstract Introduction Keystroke Biometric System Receiver Operating Characteristic (ROC) Curve Derivation Experimental Design And Data Collection Experimental Results Conclusion And Future Work Appendix: Summary Of The 239 Features Chapter 4: A Six View Perspective Framework For System Security Abstract I. Introduction II. Current Literature On System Security III. Six View Perspective Of System Security A Unified Framework V. Contributions Of The SVPSS Framework To The IS Literature VI. Limitations Of SVPSS Framework VII. Conclusion And Future Research Appendix A Chapter 5: Are Online Privacy Policies Readable? Abstract 1. Introduction 2. Privacy Policies: Their Requirements And Restrictions
3. Requirements Of Human Readable Policies 4. Readability Evaluation Methods 5. Previous Investigations Conclusion 6. Readability Evaluation Methodology For This Study 8. Discussion And Conclusion Chapter 6: Protecting User Privacy Better With Query L-Diversity Abstract 1 Introduction 2. Related Work 3. Preliminaries 4. Cloaking Algorithms 5. Performance Study 6. Conclusion Chapter 7: Globalization And Data Privacy Abstract Introduction Literature Review And Company Background Methodology Results Conclusion Chapter 8: Security Issues For Cloud Computing Abstract Introduction Security Issues For Clouds
Third Party Secure Data Publication Applied To Cloud Encrypted Data Storage For Cloud Secure Query Processing With Hadoop Summary And Conclusion Chapter 9: Global Information Security Factors Abstract Introduction Literature Review Method Results Conclusion Chapter 10: The Integrated Privacy Model Abstract Introduction Analysis Of The Current Status Of Privacy Data Protection Solutions In The Enterprise Advanced Business Centric Personal Data Management Systems Integrating The ABC PDMS In The Enterprise Implications For Practice And Future Research Conclusion Chapter 11: Policy Enforcement System For Inter-Organizational Data Sharing Abstract 1. Introduction 2. Data Partitioning 3. Policy Representation And Enforcement
4. Data Sharing 5. Summary And Future Considerations Appendix Chapter 12: Goals And Practices In Maintaining Information Systems Security Abstract Introduction Main Goals Of Information Systems Security User Authentication And Access Control Intrusion Detection And Prevention Systems Summary And Conclusion Chapter 13: Factors Influencing College Students' Use Of Computer Security Abstract Introduction The Theoretical Model The Empirical Study Discussion And Policy Implications Conclusion Chapter 14: A Game Theoretic Approach To Optimize Identity Exposure In Pervasive Computing Environments Abstract Introduction Related Work The Hierarchical Identity Model Finding The Proper Identity To Expose Using The Hierarchical Identity Model To Build An Exposure Game Prototype Design And Implementation
Evaluation And Experiments Conclusion And Future Work Chapter 15: Hiding Message In Map Along Pre-Hamiltonian Path Abstract 1. Introduction 2. Data Structure For Vector Map 3. Embedding Algorithm 4. Extraction Algorithm 5. Implementation 6. Steganalysis 7. Conclusion Chapter 16: Probabilistic Inference Channel Detection And Restriction Applied To Patients' Privacy Assurance Abstract Introduction Background Related Work Medical Data Resources Medical Data Relations Probabilistic Inference Channel Detection And Restriction Privacy Preserving Data Disclosure Algorithm Implementation Case Scenario Conclusion And Future Work Compilation Of References
About The Contributors
CONCLUSION Chapter 3: Identity Assurance in Open Networks Abstract INTRODUCTION BACKGROUND IDENTITY ASSURANCE FRAMEWORKS FACTORS OF IDENTITY ASSURANCE CASE STUDY: TRUST LEVELS FOR ATTRIBUTES CONCLUSION AND FUTURE RESEARCH Chapter 4: Information Security Governance ABSTRACT INTRODUCTION BACKGROUND CHANGING LANDSCAPE OF INFORMATION SECURITY REFERENCE MODEL FOR INFORMATION SECURITY GOVERNANCE FUTURE RESEARCH DIRECTIONS CONCLUSION Chapter 5: Enterprise Information Security Policies, Standards, and Procedures ABSTRACT INTRODUCTION SECURITY DOCUMENTS DIFFERENTIATING BETWEEN POLICIES, STANDARDS, AND GUIDELINES ENTERPRISE INFORMATION SECURITY POLICIES DISCUSSION AND ANALYSIS CONCLUSION
FUTURE RESEARCH DIRECTIONS APPENDIX Chapter 6: ISMS Building for SMEs through the Reuse of Knowledge ABSTRACT INTRODUCTION RELATED WORK MSM2SME OVERVIEW GENERATION OF PATTERNS AND ROOT PATTERN APPLICABILITY OF MSM2SME CONCLUSION Chapter 7: Information Security and Management in Social Network ABSTRACT INTRODUCTION BACKGROUND PRIVACY CONTROL SOCIAL SPAMMING USER REPUTATION SYSTEM FUTURE RESEARCH DIRECTIONS CONCLUSION Chapter 8: Music is the Key ABSTRACT INTRODUCTION BACKGROUND EXISTING ALTERNATIVES MUSICAL PASSWORDS
RESULTS CONCLUSION FUTURE WORK Chapter 9: Information System Integrated Security ABSTRACT INTRODUCTION CURRENT THREATS TO INFORMATION SECURITY SECURITY OF INDIVIDUAL INFORMATION SYSTEM COMPONENTS RECOMMENDED APPROACH TO INFORMATION SYSTEM SECURITY MANAGEMENT CONCLUSION Chapter 10: Surveillance Communities of Practice ABSTRACT INTRODUCTION BACKGROUND PROBLEM STRUCTURE Chapter 11: Not Every Cloud Brings Rain ABSTRACT INTRODUCTION CLOUD COMPUTING: ONCE UPON A TIME CONCLUSION Chapter 12: Securing the Extended Enterprise ABSTRACT 1 INTRODUCTION 2 BACKGROUND 3 AN OVERVIEW OF THE EXTENDED ENTERPRISE
4 CHALLENGES OF EXTERNAL INSIDER THREAT 5 SOLUTIONS TO COUNTER THE EXTERNAL INSIDER THREAT 6 PROPOSED SOLUTION TOWARDS EXTERNAL INSIDER THREAT ANALYSIS 7 METHOD APPLIED TO A RETAILER MANUFACTURER EXAMPLE 8 RELATED WORK 9 FUTURE RESEARCH DIRECTIONS 10 CONCLUSION APPENDIX A Chapter 13: Information Security Management Systems Cybernetics ABSTRACT INTRODUCTION OVERVIEW OF MANAGEMENT SYSTEMS AND POLICIES MANAGEMENT SYSTEMS AND THE DEMING CYCLE MODELING OF THE PLANT PREVENTIVE ADJUSTMENT OF RISKS WITH MANAGEMENT SYSTEMS TARGET FUNCTIONS AND MANAGEMENT SYSTEMS SOLUTIONS AND RECOMMENDATIONS FUTURE RESEARCH DIRECTIONS CONCLUSION Chapter 14: Fraud and Identity Theft Issues ABSTRACT 1. INTRODUCTION 2. METHODS OF IDENTITY THEFT 5. INTERNET AND ONLINE RELATED IDENTITY THEFT: PHISHING 6. ANATOMY OF A PHISHING EMAIL
7. DEFENSE MECHANISMS: COUNTERMEASURES AGAINST PHISHING 9. CONCLUSION 10. FUTURE RESEARCH DIRECTIONS Chapter 15: Information Security Governance and Standard Based Management Systems ABSTRACT INTRODUCTION Research Framework HOLISTIC INFORMATION SECURITY GOVERNANCE MODEL IMPLEMENTATION CASE STUDIES RESULTS AND EXPERIENCES OUTLOOK CONCLUSION Chapter 16: A Construct Grid Approach to Security Classification and Analysis ABSTRACT INTRODUCTION CONSTRUCT GRID COMMON AXES FOR SECURITY FACETS DISPLAY OTHER TYPES OF AXES USAGE RELATED WORK CONCLUSION Chapter 17: Towards an Organizational Culture Framework for Information Security Practices ABSTRACT
INTRODUCTION BACKGROUND THE ISSUES OF INFORMATION SECURITY CULTURE CASE DESCRIPTION DISCUSSION CONCLUSION Chapter 18: Establishment of Enterprise Secured Information Architecture ABSTRACT INTRODUCTION Chapter 19: Information Security Management Based on Adaptive Security Policy Using User Behavior Analysis ABSTRACT INTRODUCTION BACKGROUND INFORMATION SECURITY MANAGEMENT SECURITY ENVIRONMENT ADAPTATIVE SECURITY POLICY USER BEHAVIOR ANALYSIS USER BEHAVIOR ANALYSIS WITH ADAPTATIVE SECURITY POLICY FUTURE RESEARCH DIRECTIONS CONCLUSION Chapter 20: Detecting Credit Fraud in E-Business System ABSTRACT INTRODUCTION LITERATURE REVIEW METHODOLOGY
RESEARCH FINDINGS DATA ANALYSIS AND DISCUSSION Chapter 21: Safeguarding Australia from Cyber Terrorism ABSTRACT INTRODUCTION CYBER TERRORISM SCADA RISK ASSESSMENT CONCLUSION Chapter 22: Detecting Compliance Failures in Unmanaged Processes ABSTRACT INTRODUCTION BACKGROUND INTERNAL CONTROLS AUTOMATED AUDIT TOOLS MEASURING EFFECTIVENESS OF AUDITING TOOLS PRACTICAL CONSIDERATIONS FUTURE RESEARCH DIRECTIONS CONCLUSION Chapter 23: Loss of Data ABSTRACT INTRODUCTION BACKGROUND ISSUES FUTURE RESEARCH CONCLUSION Compilation of References
About the Contributors Index
Exiting Protected View Other Triggers for Protected View Understanding Trust Trusted Documents Trusted Locations Summary 3. Bob Prepares a Policy Understanding Document Properties Working with Document Inspector Working with Digital Signatures What About Office 365? Summary 4. Carol Collaborates on Some Content Encrypting a Document Restricting Editing Summary A. Learn More General Resources on Office 2010 Security and Privacy Protected View Trusted Documents Trusted Locations Document Properties Document Inspector Digital Signatures Encrypt with Password
CONCLUSION Chapter 3: A Distributed and Secure Architecture for Signature and Decryption Delegation through Remote Smart Cards ABSTRACT INTRODUCTION PROXY SIGNATURES AND DECRYPTIONS SECURITY REQUIREMENTS DESIGN OF A PROXY SMART CARD SYSTEM ANALYSIS OF PSCS CONCLUSION Chapter 4: Information Security Management ABSTRACT INTRODUCTION METHODOLOGY CONCLUSION AND RECOMMENDATIONS Chapter 5: Analyzing Information Security Goals ABSTRACT INTRODUCTION BACKGROUND INFORMATION SECURITY GOALS AT A SWEDISH HOSPITAL SOLUTIONS AND RECOMMENDATIONS FUTURE RESEARCH DIRECTIONS CONCLUSION Chapter 6: Graphical Passwords ABSTRACT INTRODUCTION
BACKGROUND GRAPHICAL PASSWORD: A REVIEW SECURITY CONCERNS USABILITY CONCERNS CONCLUSION Chapter 7: Assessing the Security of Software Configurations ABSTRACT INTRODUCTION BACKGROUND AND RELATED WORK GENERIC APPROACH FOR DEFINING APPRAISALS BASED ON SECURITY BEST PRACTICES SECURITY BEST PRACTICES FOR DATABASE ADMINISTRATION AN APPRAISAL TO ASSESS THE SECURITY OF DATABASE CONFIGURATIONS SELECTING SOFTWARE PACKAGES FOR DATABASE INSTALLATIONS CONCLUSION APPENDIX Chapter 8: A Decision Support System for Privacy Compliance ABSTRACT INTRODUCTION BACKGROUND HP PRIVACY ADVISOR KNOWLEDGE REPRESENTATION AND INFERENCE FUTURE RESEARCH DIRECTIONS CONCLUSION Chapter 9: Information Security Management Based on Linguistic Sharing Techniques ABSTRACT
INTRODUCTION INFORMATION MANAGEMENT METHODS TYPES OF INFORMATION SPLITTING AND SHARING TECHNIQUES HIERARCHICAL INFORMATION DIVISION AND MANAGEMENT THE IDEA BEHIND LINGUISTIC THRESHOLD SCHEMES USING THRESHOLD SCHEMES IN HIERARCHICAL STRUCTURES PROPERTIES OF LINGUISTIC THRESHOLD SCHEMES CONCLUSION Chapter 10: SQL Injection Attacks Countermeasures ABSTRACT INTRODUCTION BACKGROUND A LEARNING BASED APPROACH TO DETECT INJECTION ATTACKS CONTEXT SENSITIVE STRING EVALUATION (CSSE) CSSE IMPLEMENTATION VARIABLE NORMALIZATION AMNESIA STORED PROCEDURES DISCUSSION CONCLUSION Chapter 11: Security and Authentication Issues of an Embedded System Designed and Implemented for Interactive Internet Users ABSTRACT 1. INTRODUCTION 2. SCHEMATIC DESCRIPTION OF THE FUNCTIONING COMPONENTS 3. OVERALL HARDWARE SETUP WITH INTERNET IMPLEMENTATION
4. SOFTWARE DEVELOPED FOR THE PROPOSED SYSTEM 5. MONITORING AND CONTROLLING FROM INTRANET AND INTERNET 6. IMPLEMENTATION OF AUTHENTICATION ISSUES AND LOGIN PAGE 7. CONCLUSION AND LINES FOR FUTURE WORK Chapter 12: Distributed Key Management Scheme Based on CL-PKC in P2P Networks ABSTRACT BACKGROUND THE KEY DISTRIBUTION SCHEME WITH MULTIPLE TRUSTED CENTERS KEY AGREEMENT PROTOCOL IMPLEMENTATION OF KEY MANAGEMENT IN P2P NETWORKS CONCLUSION Chapter 13: A Privacy Service for Comparison of Privacy and Trust Policies within SOA ABSTRACT INTRODUCTION BACKGROUND PRIVACY METAMODEL STRUCTURE TRUST AND THE PRIVACY METAMODEL PRIVACY SERVICE STRUCTURE PROOF OF CONCEPT FUTURE RESEARCH DIRECTIONS CONCLUSION Chapter 14: Creating and Applying Security Goal Indicator Trees in an Industrial Environment ABSTRACT INTRODUCTION BACKGROUND
APPLYING SGITS IN PRACTICE RESULTS AND FUTURE RESEARCH DIRECTIONS CONCLUSION NOTE Chapter 15: Security Enhancement of Peer-to-Peer Session Initiation ABSTRACT 1. INTRODUCTION 2. SECURITY CHALLENGES 3. SOLUTIONS 4. CONCLUSION Chapter 16: Towards a Framework for Collaborative Enterprise Security ABSTRACT INTRODUCTION THE REINFORCEMENT MODEL THE PAYOFF MECHANISM CORRECTNESS PROPERTIES IMPLEMENTATION ISSUES EXPERIMENTAL ANALYSIS CHALLENGES FOR COLLABORATIVE SECURITY DIRECTIONS FOR FUTURE WORK CONCLUSION Chapter 17: Privacy Aware Organisation Based Access Control Model (PrivOrBAC) ABSTRACT 1. INTRODUCTION 2. MODELLING MOTIVATION
3. OrBAC 4. THE PRIVACY AWARE ORBAC MODEL (PRIVORBAC) 5. USE CASE 7. CONCLUSION Chapter 18: Can Formal Methods Really Help ABSTRACT INTRODUCTION THE ROLE OF FORMAL METHODS IN THE DEVELOPMENT OF E-VOTING SYSTEMS THE USAGE OF FORMAL METHODS LESSON LEARNED AND FUTURE RESEARCH DIRECTIONS CONCLUSION Chapter 19: Countering Spam Robots ABSTRACT INTRODUCTION BACKGROUND FUTURE RESEARCH DIRECTIONS CONCLUSION Chapter 20: Embedded System Security Risk in a Green House Environment ABSTRACT 1. INTRODUCTION 2. LIFECYCLE OF EMBEDDED SYSTEM FOR GREEN HOUSE ENVIRONMENT 3. SOURCES OF VULNERABILITIES IN LIFECYCLE 4. SECURITY IN PRODUCT DESIGN METHODOLOGY 5. REQUIREMENTS FOR A SECURE PRODUCT DESIGN 6. SECURITY PHILOSOPHY OF EMBEDDED SYSTEM DEVELOPMENT
7. SECURITY AT SYSTEM INTERFACE LEVEL 8. SECURITY AT USER INTERFACE LEVEL 9. PREVENTION: A SAFE STRATEGY 10. TOLERANCE 11. REMOVAL OF VULNERABILITY 12. VULNERABILITY FORECASTING 13. CONCLUSION Chapter 21: Security in Wireless Sensor Networks with Mobile Codes ABSTRACT 1 INTRODUCTION 2 ARCHITECTURES OF WIRELESS SENSOR NETWORKS 3 SECURITY THREATS IN SENSOR SYSTEMS WITH MOBILE CODES 4 REALIZATION OF CRYPTOGRAPHY ALGORITHMS FOR WSN NODES 5 CONCLUSION Chapter 22: Grid of Security ABSTRACT INTRODUCTION THE SECURITY PROBLEM THE GRIDS: GENERAL PRESENTATION FROM GRID TO NETWORK SECURITY ARCHITECTURE IMPLEMENTATION ISSUES FUTURE RESEARCH DIRECTIONS CONCLUSION Chapter 23: Effective Malware Analysis Using Stealth Breakpoints ABSTRACT
INTRODUCTION BACKGROUND AND RELATED WORK DESIGN AND IMPLEMENTATION EXPERIENCES PERFORMANCE EVALUATION CONCLUSIONS, LIMITATIONS, AND FUTURE RESEARCH Chapter 24: A Dynamic Cyber Security Economic Model ABSTRACT INTRODUCTION INVOLVED PARTIES MOTIVATIONS OF VARIOUS PARTIES DISINCENTIVES (DETERRENTS) ACTIVE AND PASSIVE ATTACKS AND DEFENSES PROPOSED ECONOMIC MODEL FUTURE RESEARCH DIRECTIONS CONCLUSION Compilation of References About the Contributors Index
Summary Discussion Questions 3. The Law of Arrest, Search, and Seizure Introduction Constitutional Framework of American Criminal Justice Arrest and Private Sector Justice The Law of Search and Seizure: Public Police The Law of Search and Seizure: Private Police Challenges to the Safe Harbor of Private Security Constitutional Prognosis for Private Security Summary Discussion Questions 4. Civil Liability of Security Personnel Introduction The Nature of Civil Liability Classification of Civil Wrongs/Torts Remedies under the Civil Rights Act: 42 U.S.C. 1983 Summary Discussion Questions 5. Criminal Liability of Security Personnel Introduction: The Problem of Criminal Liability Defenses to Criminal Acts: Self-Help Summary Discussion Questions 6. The Enforcement of Laws and the Collection, Preservation, and Interpretation of Evidence
Introduction: Private Security's Role in Enforcing the Law Defining Criminal Liability Classification of Criminal Offenses and Related Penalties Specific Types of Crimes and Offenses Summary Discussion Questions 7. Public and Private Law Enforcement Introduction: The Relationship between the Public and Private Sectors Positive Programs on Interaction and Cooperation Recommendations Summary Discussion Questions 8. Selected Case Readings Introduction Appendix 1 Appendix 2 Appendix 3 Appendix 4
Advanced Penetration Testing for Highly-Secured Environments: The Ultimate Security Guide
By: Lee Allen; Publisher: Packt Publishing Pub. Date: May 16, 2012 Print ISBN-13: 978-1-84951-774-4 Pages in Print Edition: 414
Advanced Penetration Testing for Highly-Secured Environments: The Ultimate Security Guide Credits About the Author About the Reviewers www.PacktPub.com Support files, eBooks, discount offers and more Why Subscribe? Free Access for Packt account holders Preface What this book covers What you need for this book Who this book is for Conventions Reader feedback Customer support Errata Piracy
Questions 1. Planning and Scoping for a Successful Penetration Test Introduction to advanced penetration testing Vulnerability assessments Penetration testing Advanced penetration testing Before testing begins Determining scope Setting limits - nothing lasts forever Planning for action Installing VirtualBox Installing your BackTrack virtual machine Exploring BackTrack Installing OpenOffice Effectively manage your test results Introduction to MagicTree Introduction to the Dradis Framework Exporting a project template Importing a project template Preparing sample data for import Exporting data into HTML Dradis Category field Summary 2. Advanced Reconnaissance Techniques Introduction to reconnaissance
Reconnaissance workflow DNS recon Nslookup - it's there when you need it What did we learn? Domain Information Groper (Dig) DNS brute forcing with fierce Gathering and validating domain and IP information Gathering information with whois Using search engines to do your job for you SHODAN Finding people (and their documents) on the web Searching the Internet for clues Metadata collection Summary 3. Enumeration: Choosing Your Targets Wisely Adding another virtual machine to our lab Configuring and testing our Vlab_1 clients Nmap - getting to know you Commonly seen Nmap scan types and options Basic scans - warming up Other Nmap techniques Adding custom Nmap scripts to your arsenal SNMP: A goldmine of information just waiting to be discovered SNMPEnum SNMPCheck
When the SNMP community string is NOT "public" Creating network baselines with scanPBNJ Setting up MySQL for PBNJ First scan Reviewing the data Enumeration avoidance techniques Naming conventions Port knocking Intrusion detection and avoidance systems Trigger points SNMP lockdown Summary 4. Remote Exploitation Exploitation - Why bother? Target practice - Adding a Kioptrix virtual machine Manual exploitation Enumerating services Full scan with Nmap Banner grabbing with Netcat and Ncat Searching Exploit-DB Exploit-DB at hand Running the exploit Getting files to and from victim machines Installing and starting a TFTP server on BackTrack 5 Installing and configuring pure-ftpd
Starting pure-ftpd Passwords: Something you know Cracking the hash Brute forcing passwords THC Hydra Metasploit - learn it and love it Updating the Metasploit framework Databases and Metasploit Using Metasploit to exploit Kioptrix Summary 5. Web Application Exploitation Practice makes perfect Installing Kioptrix Level 3 Creating a Kioptrix VM Level 3 clone Installing and configuring Mutillidae 2.1.7 on the Ubuntu virtual machine Installing and configuring pfSense Preparing the virtual machine for pfSense pfSense virtual machine persistence Configuring the pfSense DHCP server Starting the virtual lab pfSense DHCP - Permanent reservations Installing HAProxy for load balancing Adding Kioptrix3.com to the host file Detecting load balancers Quick reality check - Load Balance Detector
Detecting Web Application Firewalls (WAF) Taking on Level 3 Kioptrix Web Application Attack and Audit Framework (w3af) Using w3af GUI to save time Scanning by using the w3af console Introduction to Mantra Summary 6. Exploits and Client-Side Attacks Buffer overflows - A refresher "C"ing is believing - Create a vulnerable program Turning ASLR on and off in BackTrack Understanding the basics of buffer overflows Introduction to fuzzing Introducing vulnserver Fuzzing tools included in BackTrack Bruteforce Exploit Detector (BED) SFUZZ: Simple fuzzer Fast-Track Updating Fast-Track Client-side attacks with Fast-Track Social Engineering Toolkit Summary 7. Post-Exploitation Rules of engagement What is permitted?
Can you modify anything and everything?
Are you allowed to add persistence?
How is the data that is collected and stored handled by you and your team?
Employee data and personal information
Data gathering, network analysis, and pillaging
Linux
Putting this information to use
Microsoft Windows post-exploitation
Pivoting
Summary
8. Bypassing Firewalls and Avoiding Detection
Lab preparation
BackTrack guest machine
Ubuntu guest machine
pfSense guest machine configuration
Firewall configuration
Stealth scanning through the firewall
Finding the ports
Now you see me, now you don't Avoiding IDS
Canonicalization
Timing is everything
Blending in
Looking at traffic patterns
Cleaning up compromised hosts
Using a checklist
When to clean up
Local log files
Miscellaneous evasion techniques
Divide and conquer
Hiding out (on controlled units)
File integrity monitoring
Using common network management tools to do the deed
Summary
9. Data Collection Tools and Reporting
Record now Sort later
Old school The text editor method
Nano
VIM The power user's text editor of choice
NoteCase
Dradis framework for collaboration
Binding to an available interface other than 127.0.0.1
The report
Challenge to the reader
Summary
10. Setting Up Virtual Test Lab Environments
Why bother with setting up labs?
Keeping it simple
No-nonsense test example
Network segmentation and firewalls
Adding complexity or emulating target environments
Configuring firewall1
Firewall2 setup and configuration
Web1
DB1
App1
Admin1
Summary
11. Take the Challenge Putting It All Together
The scenario
The setup
NewAlts Research Labs' virtual network
Additional system modifications
The challenge
The walkthrough
Defining the scope
Determining the "why"
Developing the Rules of Engagement document
Initial plan of attack
Enumeration and exploitation
Reporting
Summary
Implementing Cisco IOS Network Security (IINS 640-554) Foundation Learning Guide, Second Edition
By: Catherine Paquet Publisher: Cisco Press Last Updated: 05-JUN-2012 Pub. Date: October 26, 2012 (Estimated) Print ISBN-10: 1-58714-272-4 Print ISBN-13: 978-1-58714-272-7 Pages in Print Edition: 700
Chapter 1. Network Security Concepts and Policies
Building Blocks of Information Security
Security Policies using a Lifecycle Approach
Summary
References
Review Questions
Chapter 2. Security Strategy for Borderless Network
Borderless Networks
Cisco Borderless Network Security Architecture
Borderless Security Products
Summary
References
Review Questions
Chapter 3. Network Foundation Protection and Cisco Configuration Professional
Threats against the Network Infrastructure
Cisco NFP Framework
Cisco Configuration Professional
Cisco Configuration Professional Building Blocks
Summary
References
Chapter 4. Security the Management Plane on Cisco IOS devices and AAA
Configuring Secure Administration Access
Implementing Secure Management and Reporting
AAA on a Cisco Router
Deploying and Configuring Cisco Secure ACS
Chapter Summary
References
Review Questions
Chapter 5. Securing the Data Plane on Cisco Catalyst Switches
Overview of VLANs and Trunking
Spanning Tree Overview
Mitigating Layer 2 Attacks
Summary
References
Review Questions
Chapter 6. Securing the Data Plane in IPv6 environments [This content is currently in development.]
Chapter 7. Threat Control strategy [This content is currently in development.]
Chapter 8. Access Control Lists [This content is currently in development.]
Chapter 9. Firewalls [This content is currently in development.]
Chapter 10. Intrusion Prevention Systems [This content is currently in development.]
Chapter 11. Fundamentals of Cryptography and VPN [This content is currently in development.]
IBM z/OS V1R13 Communications Server TCP/IP Implementation: Volume 4 Security and Policy-Based Networking
By: Mike Ebbers; Rama Ayyar; Octavio L. Ferreira; Yohko Ojima; Gilson Cesar de Oliveira; Mike Riches; Maulide Xavier Publisher: IBM Redbooks Pub. Date: March 29, 2012 Part Number: SG24-7999-00 Print ISBN-10: 0-7384-3658-5 Print ISBN-13: 978-0-7384-3658-6 Pages in Print Edition: 960
Notices
Trademarks
Preface
The team who wrote this book
Now you can become a published author, too!
Comments welcome
Stay connected to IBM Redbooks
Part 1: SAF-based security
Chapter 1: RACF demystified
1.1: RACF basic concepts
1.2: Protecting your network resources
1.3: Protecting your programs
Authorized Program Facility
Program protection by RACF resource class PROGRAM
Program Access Control
Controlling program access by SYSID
The sticky bit in the z/OS UNIX environment
1.4: Associating a user ID with a started task
1.5: Setting up security for daemons in z/OS UNIX
1.6: RACF multilevel security for network resources
Basic MLS concepts
Security levels
1.7: Digital certificates in RACF
1.8: Additional information
Chapter 2: Protecting network resources
2.1: The SERVAUTH resource class
2.2: Protecting your TCP/IP stack
Stack access overview
Example setup
2.3: Protecting your network access
Network access control overview
Server considerations
Using NETSTAT for network access control
Working example of network access control
2.4: Protecting your network ports
The PORT/PORTRANGE SAF keyword
Using NETSTAT to display Port Access control
2.5: Protecting the use of socket options
SO_BROADCAST socket option access control
IPv6 advanced socket API options
2.6: Protecting sensitive network commands
z/OS VARY TCPIP command security
TSO NETSTAT and UNIX onetstat command security
Policy agent command security
IPSec command access control
EZACMD console command security
Additional information
2.7: Protecting FTP
Restrict certain users from logging into FTP server
Protect other FTP-related resources
2.8: Protecting network management resources
SNMP agent control
TCP connection information service access control
CIM provider access control
2.9: Protecting miscellaneous resources
Digital Certificate Access Server access control
MODDVIPA utility program control
DVIPA activation and movement Control
Fast Response Cache Accelerator access control
Real-time SMF information service access control
TCP/IP packet trace service access control
TCP/IP stack initialization access control
RPCBIND application registration control
Part 2: Managing security
Chapter 3: Certificate management in z/OS
3.1: Digital certificates overview
What is a digital certificate
How digital certificates work
3.2: Digital certificate types
Certificate authority certificates
User (personal) certificates
Site certificates
How a digital certificate can be obtained
3.3: Configuring the utilities to generate certificates in z/OS
Utilities in z/OS for managing certificates
Digital certificate field formats
Using the RACF RACDCERT command
Using the gskkyman command
3.4: Using certificates in sample IBM environments
Host On-Demand and certificates
Shared site certificate and shared key ring
Self-signed certificates
Internal (local) certificate authority
External (well-known) certificate authority
Part 3: Policy-based networking
Chapter 4: Policy agent
4.1: Policy agent description
Basic concepts
Where and how to define policies
4.2: Implementing PAGENT on z/OS
Starting PAGENT as started task
Starting PAGENT from UNIX
Stopping PAGENT
Disabling PAGENT policies for IPSec
Basic configuration
Coding policy definitions in a configuration file
Refreshing policies
Policy infrastructure management
Verification
Centralized Policy Server
For additional information
4.3: Setting up the Traffic Regulation Management daemon
Starting TRMD using PAGENT
Setting up the started task procedure
Starting TRMD from z/OS UNIX
Defining the security product authorization for TRMD
TRMDSTAT
4.4: Configuration Assistant for z/OS Communications Server
Using z/OSMF Configuration Assistant
General configuration steps using the Configuration Assistant
Discovery of TCP/IP profile function
Common configuration of multiple stacks
4.5: Connection flooding
4.6: Backup and migration considerations
The backing store file
Migrating backing store files to z/OSMF Configuration Assistant
Importing (merging) backing store files
Importing the policy file to Configuration Assistant
4.7: Additional information
Chapter 5: Central Policy Server
5.1: Background
5.2: Basic concepts
5.3: Configuring distributed (centralized) policy services
Configuring the base environment with SSL
Configuring the policy server
Configuring the policy client
Correlating the definitions at the policy server and policy client
5.4: Activating and verifying the policy services environment
5.5: Diagnosing the centralized policy services environment
5.6: Configuring the Central Policy Server without SSL Security
5.7: Additional information
Chapter 6: Quality of service
6.1: Quality of service (QoS) definition
Differentiated Services
QoS with z/OS Communications Server
PAGENT QoS policies
Migrating TR QoS policies to intrusion detection services policy function
6.2: Configuring QoS in the z/OS Communications Server
Policies
Differentiated Services rule
For additional information
6.3: QoS implementation
Using the Configuration Assistant to configure QoS
Including QoS in the policy agent configuration
6.4: Verifying and diagnosing the QoS implementation
Available management tools
z/OS Communications Server SNMP SLA Subagent
Chapter 7: IP filtering
7.1: Define IP filtering
Basic concepts
IP filter policy types
7.2: z/OS IP filtering implementation
Enabling IP Filtering
Configuring default IP filter policy
Configuring IP security filter policy using PAGENT
Problem determination
For additional information
Chapter 8: IP Security
8.1: IPSec description
8.2: Basic concepts
Key components
IP Authentication Header protocol
IP Encapsulating Security Payload protocol
Internet Key Exchange protocol: Pre-shared key and RSA signature mode
8.3: Current IPsec support
IKE version 2 (IKEv2) support
IPSec support for certificate trust chains
IPSec support for certificate revocation lists
IPSec support for cryptographic currency
IPSec support for FIPS 140 cryptographic mode
AES cryptographic support for integrated IPSec in a VPN
Trusted TCP connections
zIIP Assisted IPSec function
8.4: Working with the z/OS Communications Server Network Management Interface
8.5: How IPSec is implemented
Installing the PAGENT
Setting up the Traffic Regulation Management daemon
Updating the TCP/IP stack to activate IPSec
Restricting the use of the ipsec command
Installing the IBM Configuration Assistant for z/OS Communications Server
Description of the IPSec scenarios
Defining the IPSec policies to PAGENT
Setting up the IKE daemon
RACF certificate definitions for IKED
Setting up the system logging daemon (SYSLOGD) to log IKED messages
Starting the IKE daemon and verifying initialization
Commands used to administer IP security
8.6: Configuring IPSec between two z/OS systems: Pre-shared Key Mode using IKEv2
Using z/OSMF Configuration Assistant to set up the IPSec policies
Installing the configuration files
Verifying IPSec between two z/OS images
8.7: Configuring IPSec between two z/OS systems: RSA signature mode using IKEv1
Generating certificates for IKEv1 RSA signature mode
Creating the IPSec filters and policies for the IPSec tunnel
Modifying existing policies to use RSA signature mode
Verifying IKE with RSA signature mode
Diagnosing IKE with RSA signature mode
8.8: Additional information
Chapter 9: Network Security Services for IPSec clients
9.1: Basic concepts
Review of IKED
The NSS solution for IKED Clients: IPSec discipline
9.2: Configuring NSS for the IPSec discipline
Overview of preliminary tasks
NSS client and NSS server
Preparing for configuration
Configuring the NSS environment
Configuring prerequisites for NSS for an IKED Client
Configuring authorizations for NSS
Configuring the NSS server for an IKED Client
Enabling an IKED NSS client to use NSS
Creating NSS files for an IKED Client with z/OSMF Configuration Assistant
9.3: Verifying the NSS environment for the IKED Client
Make available NSS configuration and policy files
Initialize NSSD and the NSS client
NSS and IKE displays on SC33 and SC32
9.4: Diagnosing the NSSD environment
Resources and guidance
Examples of logging information for diagnosis
9.5: Worksheet questions for NSSD implementation (IKED Client)
9.6: Additional information
Chapter 10: Network Security Services for WebSphere DataPower appliances
10.1: Basic concepts
NSS benefits
Review of DataPower
The NSS solution for XML Appliance Clients: SAF service
NSS solution for XML Appliance clients: Private key and certificate services
10.2: Configuring NSS
Overview of NSS configuration for an NSS XML Appliance Client
Preparing for configuration
Configuring the NSS environment at z/OS
Creating NSS Server files for an NSS XML Appliance Client with IBM Configuration Assistant
Configuring the NSS environment at the WebSphere DataPower SOA Appliance to support the SAF access service
Configuring the NSS environment at the Web Services Requester
10.3: Verifying the NSS configuration with the NSS Client (XML Appliance Discipline)
Operations with z/OS NSS Server
Operations with the DataPower appliance and Client
Operations with the Web Services Requester platform
10.4: Additional information
10.5: NSS configuration worksheet for an NSS XML Appliance client
Chapter 11: Network Address Translation traversal support
11.1: Network Address Translation (NAT)
One-to-one NAT
Network Address Port Translation
11.2: IPSec and NAT incompatibilities
11.3: NAPT traversal support for integrated IPSec/VPN
Enabling NAPT traversal support for IPSec
Testing and verification
Chapter 12: Application Transparent Transport Layer Security
12.1: Conceptual overview of AT-TLS
What is AT-TLS
How AT-TLS works
How AT-TLS can be applied
12.2: AT-TLS Implementation Example: REXX socket API
Description of REXX AT-TLS support
Configuration of REXX AT-TLS support
Activation and verification of REXX AT-TLS support
12.3: Problem determination for AT-TLS
12.4: Additional information sources for AT-TLS
Chapter 13: Intrusion detection services
13.1: What is intrusion detection services
13.2: Basic concepts
Scan policies
Attack policies
IPv6 Support
IDS Reporting
Traffic regulation policies
13.3: How IDS is implemented
Installing the policy agent
The z/OSMF Configuration Assistant
Configuring IDS policy using the z/OSMF Configuration Assistant
Installing the IDS policy
13.4: Sample displays
IDS Support to detect IPv6 attacks
Port scan
Additional information about NetView and z/OS IDS
Chapter 14: IP defensive filtering
14.1: Overview of defensive filtering
14.2: Basic concepts
Filter types
Format of the ipsec command
14.3: Implementing defensive filtering
Enabling IPSec filtering in the TCP/IP stack
Defining SAF (RACF) authorizations for defensive filtering
Implementing the DMD procedure
Operations and verification with defensive filtering
Conclusions
14.4: Additional information
Chapter 15: Policy-based routing
15.1: Policy-based routing concept
15.2: Routing policy
15.3: Implementing policy-based routing
Policy-based routing using jobname, protocol, and destination IP address
Policy-based routing using protocol and port numbers
Part 4: Application-based security
Chapter 16: Telnet security
16.1: Conceptual overview of TN3270 security
What is TN3270 security
How TN3270 security works
How TN3270 security can be applied
16.2: TN3270 native TLS connection security
Description of TN3270 native connection security
Configuring TN3270 native connection security
16.3: Basic native TLS configuration example
Enabling native TLS/SSL support for TN3270
Activating and verifying the configuration
16.4: TN3270 with AT-TLS security support
Description of TN3270 AT-TLS support
Configuration of TN3270 AT-TLS support
16.5: Basic AT-TLS configuration example
Implementing TN3270 AT-TLS support
Activating and verifying TN3270 AT-TLS support
16.6: Problem determination for Telnet server security
16.7: Additional information sources for TN3270 AT-TLS support
Chapter 17: Secure File Transfer Protocol
17.1: Conceptual overview of FTP security
What is FTP security
How FTP security works
How FTP security can be applied
17.2: FTP client with SOCKS proxy protocol
Description of the SOCKS proxy protocol
Configuration of SOCKS proxy protocol
Activation and verification of the SOCKS proxy FTP
17.3: FTP with native TLS security support
Description of FTP native TLS security
Configuration of FTP native TLS security
Activation and verification of FTP server without security
Activation and verification of the FTP server with TLS security: Internet draft protocols
Activation, verification of FTP server with TLS security: RFC4217 protocols
Implicit secure TLS login
17.4: FTP with AT-TLS security support
Description of FTP AT-TLS support
Configuration of FTP AT-TLS support
Activation and verification of FTP AT-TLS support
17.5: Migrating from native FTP TLS to FTP AT-TLS
Migrating policies to a new release of z/OS Communications Server
Details on migrating from TLS to AT-TLS
17.6: FTP TLS and AT-TLS problem determination
17.7: Additional information
Part 5: Appendixes
Appendix A: Basic cryptography
Cryptography background
Potential problems with electronic message exchange
The request is not really from your client
The order could have been intercepted and read
The order could have been intercepted and altered
An order is received from your client, but he denies sending it
Secret key cryptography
Public key cryptography
Encryption
Authentication
Public key algorithms
Digital certificates
Performance issues of cryptosystems
Message integrity
Message digest (or hash)
Message authentication codes
Digital signatures
Appendix B: Telnet security advanced settings
Advanced native TLS configuration
Implementation tasks
Activation and verification
Advanced AT-TLS configuration using client ID groups
Implementation tasks
Activation and verification
Appendix C: Configuring IPSec between z/OS and Windows
IPSec between z/OS and Windows: Pre-shared Key Mode
Set up the IKE daemon
Set up the z/OS IPSec policy
Set up a Windows IPSec policy for pre-shared key mode
Verify that things are working
IPSec between z/OS and Windows: RSA mode
Set up the IKE daemon
Set up the x.509 certificates for RSA mode
Export the Certificates from RACF Database
Set up the z/OS IPSec policy for RSA
Set up a Windows IPSec policy for RSA mode
Import the z/OS certificates into Windows XP
Create the IP security policy
Verify that things are working
Appendix D: zIIP Assisted IPSec
Background
Configuring zIIP Assisted IPSEC
Example of zIIP Assisted IPSec implementation
zIIP performance projection
Appendix E: z/OS Communications Server IPSec RFC currency
Appendix F: Our implementation environment
The environment used for all four books
Our focus for this book
Related publications
Section 4: Protection Mechanisms
Chapter 10: Retrofitting Existing Web Applications with Effective Dynamic Protection Against SQL Injection Attacks
Chapter 11: Improving Memory Management Security for C and C++
Chapter 12: Katana
Chapter 13: A Formal Approach for Securing XML Document
Section 5: Tools for Security-Aware Development
Chapter 14: A Tool Support for Secure Software Integration
Chapter 15: Towards Tool Support for Usable Secure Requirements Engineering with CAIRIS
Section 6: Secure software Education and Training
Chapter 16: Secure Software Education
Chapter 17: Development of a Master of Software Assurance Reference Curriculum
Chapter 18: A Rigorous Approach to the Definition of an International Vocational Masters Degree in Information Security Management
Compilation of References
About the Contributors
Index
Section 2.4. Compromising Devices and Injecting Code
Section 2.5. Exercises
Section 2.6. Summary
Chapter 3. Stealing the Filesystem
Section 3.1. Full Disk Encryption
Section 3.2. Copying the Live Filesystem
Section 3.3. Copying the Raw Filesystem
Section 3.4. Exercises
Section 3.5. The Role of Social Engineering
Section 3.6. Summary
Chapter 4. Forensic Trace and Data Leakage
Section 4.1. Extracting Image Geotags
Section 4.2. SQLite Databases
Section 4.3. Reverse Engineering Remnant Database Fields
Section 4.4. SMS Drafts
Section 4.5. Property Lists
Section 4.6. Other Important Files
Section 4.7. Summary
Chapter 5. Defeating Encryption
Section 5.1. Sogeti's Data Protection Tools
Section 5.2. Extracting Encryption Keys
Section 5.3. Decrypting the Keychain
Section 5.4. Decrypting Raw Disk
Section 5.5. Decrypting iTunes Backups
Section 5.6. Defeating Encryption Through Spyware
Section 5.7. Exercises
Section 5.8. Summary
Chapter 6. Unobliterating Files
Section 6.1. Scraping the HFS Journal
Section 6.2. Carving Empty Space
Section 6.3. Commonly Recovered Data
Section 6.4. Summary
Chapter 7. Manipulating the Runtime
Section 7.1. Analyzing Binaries
Section 7.2. Encrypted Binaries
Section 7.3. Abusing the Runtime with Cycript
Section 7.4. Exercises
Section 7.5. Summary
Chapter 8. Abusing the Runtime Library
Section 8.1. Breaking Objective-C Down
Section 8.2. Disassembling and Debugging
Section 8.3. Malicious Code Injection
Section 8.4. Injection Using Dynamic Linker Attack
Section 8.5. Summary
Chapter 9. Hijacking Traffic
Section 9.1. APN Hijacking
Section 9.2. Simple Proxy Setup
Section 9.3. Attacking SSL
Section 9.4. Attacking Application-Level SSL Validation
Section 9.5. Hijacking Foundation HTTP Classes
Section 9.6. Analyzing Data
Section 9.7. Driftnet
Section 9.8. Exercises
Section 9.9. Summary
Part 2: Securing
Chapter 10. Implementing Encryption
Section 10.1. Password Strength
Section 10.2. Introduction to Common Crypto
Section 10.3. Master Key Encryption
Section 10.4. Geo-Encryption
Section 10.5. Split Server-Side Keys
Section 10.6. Securing Memory
Section 10.7. Public Key Cryptography
Section 10.8. Exercises
Chapter 11. Counter Forensics
Section 11.1. Secure File Wiping
Section 11.2. Wiping SQLite Records
Section 11.3. Keyboard Cache
Section 11.4. Randomizing PIN Digits
Section 11.5. Application Screenshots
Chapter 12. Securing the Runtime
Section 12.1. Tamper Response
Section 12.2. Process Trace Checking
Section 12.3. Blocking Debuggers
Section 12.4. Runtime Class Integrity Checks
Section 12.5. Inline Functions
Section 12.6. Complicating Disassembly
Section 12.7. Exercises
Chapter 13. Jailbreak Detection
Section 13.1. Sandbox Integrity Check
Section 13.2. Filesystem Tests
Section 13.3. Page Execution Check
Chapter 14. Next Steps
Section 14.1. Thinking Like an Attacker
Section 14.2. Other Reverse Engineering Tools
Section 14.3. Security Versus Code Management
Section 14.4. A Flexible Approach to Security
Section 14.5. Other Great Books
I3.6 Part VI: Event Monitoring and Situation Awareness
I3.7 Part VII: Policy Issues in Security Management
I3.8 Part VIII: Security Issues in Real-World Systems
I4 How to Use The Handbook
I4.1 Advanced Undergraduate or Graduate Course
I4.2 A Training Course
Acknowledgements
I Theoretical Foundations
References
1 Security and Vulnerability of Cyber-Physical Infrastructure Networks: A Control-Theoretic Approach
1.1 Introduction
1.2 Definitions for Security and Vulnerability of Network Dynamics
1.2.1 Review: Differential Equation Models for Infrastructure Networks
1.2.2 Defining Security Measures for the Dynamical Network Example
1.2.3 Definitions of Vulnerability for Infrastructure Network Dynamics
A Model for Attacks
Measuring the Impact of Attacks
Defining Vulnerability
1.2.4 Integrated Analysis: Prevention, Attack, and Mitigation Together
Scenario 1: Attack Design by Adversaries
Scenario 2: Prevention of Large-Impact Attacks
Scenario 3: Attack Detection/Mitigation and Stealth
1.2.5 An Illustrative Example
1.3 Network Control Tools for Characterizing and Designing Security and Vulnerability
1.3.1 Tools for Network Inference
Initial-Condition Estimation on a Laplacian Network System
Steady-State Probability Estimation for an Ergodic Markov Chain
Spectrum Estimation in a Laplacian Network
1.3.2 Tools for Modeling Environmental Uncertainties
1.3.3 Graph-Theoretic Tools for Network Control and Design
1.3.4 Tools for Control-Theoretic Feature-Based Partitioning
1.4 Conclusions and Future Work
Exercises
References
2 Game Theory for Infrastructure Security: The Power of Intent-Based Adversary Models
2.1 Introduction
2.1.1 Motivation in Anomaly Detection
2.1.2 Motivation in Anonymous Communication Systems
2.1.3 Technical Results
Anomaly Detection
Anonymous Communication Systems
2.2 Preliminaries
2.2.1 Game Theory Basics
Overview
Model of Intent: Utility Function (Payoff)
Nash Equilibrium
Taxonomy of Games
Strategic Game
Extensive Game
2.2.2 Anomaly Detection Basics
2.2.3 Anonymous Communication Basics
2.3 Intent-based Adversary Model for Anomaly Detection
2.3.1 An Intent-Based View of Participating Parties: Smart Insiders, Naïve Attackers, and the Defender
Smart Insiders
Naïve Attackers
Defender
2.3.2 Formal Game-Theoretic Formulation
Defender's Reputation
2.3.3 Power of Intent-Based Adversary Model: Maintaining Defender's Reputation in Anomaly Detection
Systems with only Smart Insiders
Basic Idea
Reputation-Establishment Algorithm
Theoretical Analysis
Systems with Smart Insiders and Naïve Attackers
Basic Idea
Reputation-Establishment Algorithm
2.4 Intent-based Adversary Model for Anonymous Communication Systems
2.4.1 An Intent-Based View of Participating Parties: Tor and Entry-exit Linking Attackers
Model of Tor
Model of Entry-Exit Linking Attackers
2.4.2 Performance of Path Selection
2.4.3 Formal Game-Theoretic Formulation
Adversary and Defender's Strategies
Adversary's Strategy
Defender's Strategy
Adversary and Defender's Utility Functions
Adversary's Objective
Defender's Objective
Objective of Game-Theoretic Analysis
2.4.4 Power of Intent-Based Model: Analysis of Starting Round of Interactions
Round 1: Basic Design
Defender (Tor)'s Current Strategy
Adversary's Strategy
Round 2: Stratified Path Selection
Defender's Strategy
Adversary's Strategy
Observation from Round 2
Round 3: Bandwidth Order Selection
Defender's Strategy
Adversary's Strategy
Observation from Round 3
Round 4: Adaptive Exit Selection
Defender's Strategy
Adversary's Strategy
Observation from Round 4
2.5 Conclusion
Exercises
References
3 An Analytical Framework for Cyber-Physical Networks
3.1 Introduction
3.2 Spatial Dispersion Models
3.2.1 A Brief Review
3.2.2 A Hierarchy of Dispersion Models
3.3 CPN Design and Analysis
3.3.1 An Analytical CPN Model
Sensor Nodes
Computation Nodes
Node Placement and Coverage
3.3.2 Placement and Coverage Problems
3.3.3 Projective Space and Fusers
3.3.4 Bayesian and Empirical Estimation Methods
3.4 CPN Infrastructure Robustness
3.4.1 Robustness Based on Expectations
3.4.2 Intentional Compromises
3.5 Conclusions
Exercises
Acknowledgments
References
4 Evolution of Widely Spreading Worms and Countermeasures: Epidemic Theory and Application
4.1 Introduction
4.2 Objectives and strategies of Worm propagator and defender
4.2.1 Worm Propagator
4.2.2 Defender
4.3 Worm Initial Attacks
4.3.1 Identification Strategies
Pure Random Scan Strategy
Hit-List Scan Strategy
Social Network Scan Strategy
4.3.2 Epidemic Modeling and Analysis
4.4 Defense Against Initial Attacks
4.4.1 Detection Strategy
Traffic Payload Signature-Based Strategy
Target IP Address Occupancy-Based Strategy
Traffic Pattern-Based Strategy
4.4.2 Reaction Strategy
4.5 Worm Evolution
4.5.1 Payload Signature Reattack
4.5.2 IP Occupancy Reattack
4.5.3 Traffic Pattern Reattack
Basic Ideas
Epidemic Modeling and Analysis
4.6 Defense Evolution versus Worm Evolution
4.6.1 Methodology
4.6.2 Payload Signature-Based Detection: Reload
4.6.3 IP Address Occupancy-Based Detection: Reload
4.6.4 Traffic Pattern-Based Detection: Reload
4.7 Final Remarks
Questions
References
II Security for Wireless Mobile Networks
References
5 Mobile Wireless Network Security
5.1 Introduction
5.2 Wireless Communications Security
5.2.1 Wireless Communications Specific Threats
5.2.2 Security in Wireless Communications
5.2.3 Stream Cipher
5.2.4 Block Cipher
5.2.5 Authentication
5.3 Mobility Support Security
5.3.1 Mobility Support in IPv4 and IPv6
5.3.2 Mobile Communications Specific Threats
5.3.3 Basic Security in Mobility Support in IPv4 and IPv6
Basic Security in Mobility Support for IPv4
Message Origin Authentication
Message Replay Protection
Basic Security in Mobility Support for IPv6
Return Routability Procedure
5.3.4 Extension to Basic Security
Mutual Authentication Using Public Key Infrastructure
Secure Smooth Handoff
Cryptographically Generated Addresses
Denial-of-Service Attack Mitigation
Firewall Traversal
5.4 Conclusion and Future Research
Exercises
References
6 Robust Wireless Infrastructure against Jamming Attacks
6.1 Introduction
6.2 Design Vulnerabilities of Wireless Infrastructure
6.2.1 Design Principles of Wireless Infrastructure
Radio Resources Efficiency
Energy Conservation
Control Mechanisms
6.2.2 Vulnerability to Cross-Layer Attacks
6.2.3 Attack Models
6.2.4 Case Studies
Cellular Networks
Wireless Local Area Networks
6.3 Resiliency to Outsider Cross-Layer Attacks
6.3.1 Physical Layer Resiliency
Spread Spectrum
Smart Antennas
Mobility-Based Resiliency
6.3.2 Link Layer Resiliency
Cryptographic Interleavers and Coding
Rate Adaptation
6.4 Resiliency to Insider Cross-Layer Attacks
6.4.1 Polynomial Key Assignment for Robust Broadcast and Insider Attackers Identification
Polynomial-Based Key Assignment Against T Traitors (PBKT)
Performance Analysis
An Example
Traitors Identification
Random Key Assignment
6.4.2 Zero Pre-Shared Secrets Spread Spectrum Communications
Zero Pre-Shared Key DSSS
Key Scheduled Reverse Time Decoding
6.5 Game-Theoretic Models and Mechanisms
6.5.1 Game Formulations
6.5.2 Best Response Optimization
6.5.3 Equilibria Characterization
6.5.4 Basic Game
6.5.5 Optimization Problems
6.5.6 Nash Equilibria
6.5.7 Generalizations
6.6 Conclusions
Exercises
References
7 Security for Mobile Ad Hoc Networks
7.1 Introduction
7.2 Basic Features of Manet
7.3 Security Challenges
7.4 Security Attacks
7.4.1 Passive Attacks
7.4.2 Active Attacks
Attacks by dropping packets
Attacks using modification of protocol messages
Attacks using impersonation
Attacks using fabrication
Wormhole attacks
7.5 Providing Basic Security Infrastructure
7.5.1 Centralized CA
7.5.2 Partially Distributed Threshold CA
7.5.3 Fully Distributed Threshold CA
7.5.4 Hierarchical CA
7.5.5 Self-Organized Key Management
7.5.6 Composite Key Management
7.5.7 Autonomous Key Management
7.5.8 Certificateless Public Key Management
7.5.9 Symmetric Key Distribution
7.5.10 Symmetric Group Key Distribution
7.5.11 Logical Key Hierarchy (LKH)
7.6 Security Solutions
7.7 Secure AD HOC Routing
7.7.1 Authenticated Routing for Ad Hoc Networks (ARAN)
Preliminary certification
Authenticated route discovery and setup
Route maintenance
7.7.2 Secure Routing Protocol (SRP)
Route request
Query handling
Route reply
Route reply validation
7.7.3 Secure Efficient Distance Vector Routing (SEAD)
Destination-Sequenced Distance Vector (DSDV)
7.7.4 A Secure On-Demand Routing Protocol for Ad Hoc Networks (ARIADNE)
TESLA
Ariadne route discovery
Ariadne route maintenance
7.7.5 On-Demand Secure Routing Protocol Resilient to Byzantine Failures (SRPRBF)
Route discovery with fault avoidance
Byzantine fault detection
Link weight management
7.7.6 Secure Ad hoc On-demand Distance Vector Routing (SAODV)
SAODV hash chains
SAODV digital signatures
SAODV error messages
7.7.7 Security-Aware Ad Hoc Routing Protocol (SAR)
7.7.8 Secure Link State Routing for Mobile Ad Hoc Networks (SLSP)
7.7.9 Anonymous On-Demand Routing (ANODR)
7.8 Intrusion Detection and Response
7.8.1 Watchdog and Pathrater
Watchdog
Pathrater
7.8.2 Neighborhood Watch
Intrusion detection
Intrusion response
7.8.3 CONFIDANT
7.8.4 Core
Protocol execution when no misbehavior is detected
Protocol execution when misbehavior is detected
Request made by a misbehaving entity
7.8.5 Observation-Based Cooperation Enforcement in Ad Hoc Networks
7.8.6 Real-Time Intrusion Detection for Ad Hoc Networks (RIDAN)
7.8.7 Cooperative Intrusion Detection System
Anomaly detection model
Identifying attack types
Unconditional Packet Dropping
Random Packet Dropping
Selective (Random) Packet Dropping
Blackhole
Cluster-based intrusion detection
7.8.8 Effective Intrusion Detection Using Multiple Sensors
7.8.9 Dynamic Hierarchical IDS
7.8.10 Acknowledgment-Based IDS
7.8.11 Collaborative IDS
The ADCLI algorithm
The ADCLU algorithm
7.9 Conclusions and Future Work
Exercises
References
8 Defending Against Identity-Based Attacks in Wireless Networks
8.1 Introduction
8.2 Feasibility of Launching Identity-Based Attacks
8.2.1 Spoofing Attacks
8.2.2 Sybil Attacks
8.3 Preventing Identity-Based Attacks via Authentication
8.3.1 Preventing Spoofing Attacks
8.3.2 Preventing Sybil Attacks
8.4 Defending Against Spoofing Attacks
8.4.1 Channel-Based Spoofing Detection
8.4.2 Relationship-Based Detection of Spoofing Attacks
8.4.3 Detecting Spoofing Attacks Using Received Signal Strength
8.5 Defending Against Sybil Attacks
8.5.1 Channel-Based Sybil Attack Detection
8.5.2 An RSSI-Based Scheme for Sybil Attack Detection
8.5.3 Radio Resource Testing for Sybil Detection
8.6 A Generalized Identity-Based Attack Detection Model
8.6.1 Formulation of Attack Detection
8.6.2 Theoretical Analysis of the Spatial Correlation of RSS
8.6.3 Test Statistics for Detection of Identity-Based Attacks
8.6.4 Detection Philosophy
Detecting Spoofing Attacks
Detecting Sybil Attacks
8.6.5 Experimental Evaluation
Experimental Methodology
Experimental Evaluation of Detecting Spoofing Attacks
Experimental Evaluation of Detecting Sybil Attacks
8.6.6 Localizing Adversaries
Localization System
Attack Localizer
Experimental Evaluation
8.7 Challenges and Research Directions
8.8 Conclusion
Exercises
References
III Security for Sensor Networks
References
9 Efficient and Distributed Access Control for Sensor Networks
9.1 Introduction
9.2 Existing Schemes
9.2.1 The Wang-Li Scheme
9.2.2 The Least Privilege Scheme
9.3 System Models and Assumptions
9.3.1 Dataset Table and Access Model
9.3.2 Design Goals and Attack Models
9.4 Scheme I: Uni-Access Query
9.4.1 Component 1: Access Enforcement
9.4.2 Component 2: Enabling Privilege Delegation
9.4.3 Component 3: Supporting Privilege Deprivation
9.5 Scheme II: Multi-Access Query
9.6 Evaluation
9.6.1 Evaluation of the Uni-Access Query Scheme
9.6.2 Evaluation of the Multi-Access Query Scheme
9.7 Conclusion and Future Work
Exercises
References
10 Defending Against Physical Attacks in Wireless Sensor Networks
10.1 Introduction
10.2 Related Work
10.2.1 Security in Sensor Networks
Eavesdropping Attacks
Traffic Analysis Attacks
Spoof, Replay, and Message Altering Attacks
Denial of Service (DoS) Attacks
Impersonation Attacks
Sensor Node Compromise Attacks
10.2.2 Fault Tolerance in Sensor Networks
Node Level
Topology Level
Data Delivery
Event Detection
10.3 Physical Attacks in Sensor Networks
10.4 Challenges in Defending Against Physical Attacks
10.5 Case Study
10.5.1 Modeling Search-Based Physical Attacks
10.5.2 Sacrificial Node-Based Defense Against Physical Attacks
Design Rationale
Defense Protocol
Protocol Description
Example
Sacrificial Nodes Selection
Derivation of Utility Function u(i)
Sacrificial Nodes Selection Scheme
States Switching Timers
Discussions
10.5.3 Performance Evaluation
Performance Comparisons
Sensitivity of Performance Improvement Under Network Parameters
Sensitivity of Performance Improvement Under Attack Parameters
Sensitivity of Performance Improvement Under Defense Parameters
Discussion
10.6 Open Issues
10.6.1 Systematically Understanding Physical Attacks
Understanding Attacker Basics
Understanding Variations of Physical Attacks
Analyzing the Impacts of Physical Attacks
10.6.2 Design of Defense Strategies Against Physical Attacks
Deterring the Physical Attacker
Resilient Network Configuration
System Repair
Design of Game-Theoretic Defense Approaches
10.7 Conclusions and Future Work
Exercises
References
11 Node Compromise Detection in Wireless Sensor Networks
11.1 Introduction
11.2 Related Work
11.2.1 Limited Node Compromise Detection
11.2.2 Wide-Spread Node Compromise Detection
11.3 Preliminaries
11.3.1 Group Deployment Strategy
11.3.2 Sequential Probability Ratio Test (SPRT)
11.3.3 Random Mobility Model
11.4 Limited Node Compromise Detection
11.4.1 Static Node Compromise Detection
11.4.2 Mobile Node Compromise Detection
11.5 Widespread Node Compromise Detection
11.5.1 Static Replica Detection
11.5.2 Mobile Replica Detection
11.6 Conclusion and Future Work
Exercises
References
IV Platform Security
References
12 Hardware and Security: Vulnerabilities and Solutions 12.1 Introduction 12.2 Hardware Supply Chain Security 12.2.1 Testing for Trojan Circuits 12.2.2 Design for Hardware Trust Watermarking Fingerprints, PUFs, and Metering Verifying Design and Fabrication 12.2.3 Architectural Techniques 12.2.4 Can Software Check Hardware? 12.3 Hardware Support for Software Security 12.3.1 Memory Protection Memory Protection in Commodity Systems Research Directions in Memory Protection 12.3.2 Architectural Support for Control Flow Security Architectural Support for Buffer Overflow Defense Information Flow Tracking 12.3.3 Cryptographic Accelerators 12.3.4 Secure Coprocessing 12.3.5 Encrypted Execution and Data (EED) Platforms 12.4 Conclusions and Future Work Exercises References 13 Languages and Security: Safer Software Through Language and Compiler Techniques 13.1 Introduction
13.2 Compiler Techniques for Copyrights and Watermarking 13.2.1 Watermark Basics 13.2.2 Attacks on Watermarks 13.2.3 Current Research 13.3 Compiler Techniques for Code Obfuscation 13.3.1 What Is Obfuscation 13.3.2 Applications of Obfuscation 13.3.3 Transforms Abstraction Transformations Data Transformations Control Transformations Dynamic Transforms 13.3.4 Current Research 13.4 Compiler Techniques for Code Integrity 13.4.1 Current Research 13.5 Proof-Carrying Code and Authentication 13.5.1 Current Research 13.6 Static Analysis Techniques and Tools 13.6.1 Static Type Checking 13.6.2 Extended Static Checking 13.6.3 Current Research 13.7 Information Flow Techniques 13.7.1 Introduction to Information Flow 13.7.2 Static versus Dynamic Information Flow Techniques 13.7.3 Current Research
13.8 Rule checking, Verification, and Runtime Support 13.8.1 Current Research 13.9 Language Modifications for Increased Safety and Security 13.9.1 Current Research 13.10 Conclusions and Future Work Exercises References V Cloud Computing and Data Security References 14 Protecting Data in Outsourcing Scenarios 14.1 Introduction 14.2 Data Encryption 14.2.1 Data Organization 14.2.2 Query Execution 14.2.3 Access Control Enforcement 14.3 Fragmentation for Protecting Data Confidentiality 14.3.1 Modeling Confidentiality Requirements 14.3.2 Non-Communicating Servers Data Organization Query Execution 14.3.3 Multiple Fragments Data Organization Query Execution 14.3.4 Departing from Encryption Data Organization
Query Execution 14.4 Protecting Data Integrity 14.4.1 Integrity in Storage 14.4.2 Integrity in Query Computation 14.5 Open Issues 14.6 Conclusions Acknowledgments Exercises References 15 Data Security in Cloud Computing 15.1 Overview 15.1.1 What Is Cloud Computing? 15.1.2 Key Enabling Techniques of Cloud Computing 15.1.3 Security in Cloud Computing 15.2 Data Security in Cloud Computing 15.2.1 Security Services 15.2.2 Adversary Model 15.2.3 System Model 15.2.4 Data Confidentiality 15.2.5 Data Integrity Protection 15.2.6 Data Availability 15.2.7 Secure Data Access 15.2.8 Compliances and Regulations 15.2.9 Audition 15.3 Commercial and Organizational Practices
15.3.1 Amazon Web Services (AWS) 15.3.2 Microsoft Windows Azure Confidentiality Integrity 15.3.3 Google App Engine 15.4 Summary Exercises References 16 Secure Mobile Cloud Computing 16.1 Introduction 16.2 Cloud Computing 16.2.1 Secure Cloud Computing 16.3 Mobile Cloud Computing Security 16.3.1 Infrastructure-Centric Mobile Cloud Computing 16.3.2 Mobile Device-Centric Cloud Computing 16.4 Virtual Node Security 16.4.1 Trust Establishment 16.4.2 Virtual Machine Management, Control and Isolation 16.5 Virtual Network Security 16.5.1 Virtual Network Isolation 16.5.2 Live Virtual Machine Migration 16.6 Mobile Application Security 16.6.1 The Security as a Service Delivery Model 16.6.2 Case Study: Securing Mobile Applications 16.7 Research Challenges and Open Issues
16.8 Summary and Conclusion Exercises References 17 Relation Privacy Preservation in Publishing Online Social Networks 17.1 Introduction 17.2 Complete Identity Anonymization 17.2.1 Topology Preserving Based Techniques K-Anonymity Based Techniques Cluster Generalization Based Techniques 17.2.2 Vertex Classifying and Relabeling Based Techniques 17.3 Partially Exposing User Identity 17.4 Completely Disclosing User Identity 17.5 Utility Loss and Privacy Preservation Measures 17.5.1 Utility Loss Topology-Based Metrics Workload-Based Metrics 17.5.2 Privacy Preservation Measures 17.6 Conclusion Exercises References VI Event Monitoring and Situation Awareness References 18 Distributed Network and System Monitoring for Securing Cyber-Physical Infrastructure 18.1 Overview 18.2 System Model and Design Principles
18.3 Recent Progress and Major Milestone Results 18.3.1 Information Aggregation Variance Estimation Quantile Estimation Frequency Estimation 18.3.2 Distributed Aggregation Online PCA n-Gram Analysis Time-Decaying Aggregates in Out-of-order Streams 18.4 Open Problems Entropy and Distribution Graph Streams Linear Algebra and Low-rank Matrix Approximation 18.5 Summary and Future Directions Exercises References 19 Discovering and Tracking Patterns of Interest in Security Sensor Streams 19.1 Introduction 19.2 Sensor Event Analysis for Health Monitoring 19.3 Related Work 19.3.1 Sensor Data 19.3.2 Activity Models 19.3.3 Annotation Methods 19.4 Discovering Activities 19.4.1 Discovering Frequent Discontinuous Sequences
19.4.2 Clustering Sequences into Groups of Activities 19.5 Recognizing Activities 19.6 Validation of Activity Discovery and Tracking Algorithms 19.6.1 Normal ADL Activity Discovery 19.6.2 Interwoven ADL Activity Discovery 19.6.3 Long-Term Activity Discovery 19.7 Anomaly Detection 19.8 Conclusions References 20 Pervasive Sensing and Monitoring for Situational Awareness 20.1 Introduction 20.1.1 Stream Processing Engines and Sensor Networks 20.1.2 Limitations of Existing Research Semantic Foundations and Flexible Programming Environments 20.2 Hierarchical Modeling and Reasoning in Cyber-Physical Systems 20.2.1 An Event-Oriented Model for CPS 20.2.2 Reasoning about Cyber-Physical Spaces A Distributed Logical Framework for Cyber-Physical Systems Towards a Robust Logic of Degree and Uncertainty Control and Optimization as Logical Strategies Robustness and Composability 20.3 Adaptive Middleware for Cyber-Physical Spaces 20.3.1 SATWARE: A Middleware Platform for Cyber-Physical Spaces 20.4 Enabling Scalability in Cyber-Physical Spaces 20.4.1 A Scalable, Quality-Aware State Management Service
20.4.2 Enabling Scalability via Semantic Sensor Scheduling 20.5 Dependability in Sentient Spaces 20.5.1 Infrastructure Dependability Techniques 20.5.2 Supporting Information Dependability Sensor Fusion to Realize Dependability Requirements Sensing Recalibration to Deal with Small Perturbations 20.6 Privacy in Pervasive Spaces 20.6.1 Privacy Protection in Untrusted Pervasive Environments 20.6.2 Privacy-Preserving Data Sharing in Pervasive Spaces 20.6.3 Privacy Policy Enforcement through "Privacy as a Constraint" 20.6.4 Privacy Policy Enforcement through "Minimal Disclosure" 20.7 Conclusions Exercises References 21 Sense and Response Systems for Crisis Management 21.1 Introduction 21.2 Decentralized Event Detection 21.2.1 Classical Decentralized Event Detection Challenges for the Classical Approach 21.2.2 Online Decentralized Event Detection Online Density Estimation 21.2.3 Managing False Positives Online Threshold Estimation Hypothesis Testing for Sensor Fusion 21.2.4 Maximizing Event Detection Rates
21.2.5 Geospatial-Temporal Correlation of Sensor Events Spatial Association Temporal and Spatial Association 21.3 Agency-Based and Community-Based Systems 21.3.1 Strengths 21.3.2 Weaknesses Privacy Security Installation, Calibration, and Maintenance Communications Summary Exercises References VII Policy Issues in Security Management References 22 Managing and Securing Critical Infrastructure: A Semantic Policy and Trust-Driven Approach 22.1 Introduction 22.1.1 Security for Smart Grid 22.1.2 Policy-Based Framework for BGP Routing 22.1.3 Intelligent Transportation System 22.1.4 Assured Information Sharing 22.1.5 Situation Awareness 22.2 Related Work 22.2.1 Security and Trust Management for a Cyber-Physical System 22.2.2 Policies for Security in Distributed Systems
22.3 A Policy and Trust Framework to Secure CPS 22.3.1 Scheme Overview 22.3.2 Policy Management 22.3.3 Trust Management 22.4 Prototype Implementations 22.4.1 Security and Trust Management for Wireless Networks Simulation Results and Analysis Experimental Results on Android Phones 22.4.2 Using Semantic Policies for Managing BGP Route Dissemination Introduction and Motivation BGP Routing and Configuration Management Semantics-Driven Policy-Based Networks Securing BGP Through Route Filtering: A Use Case 22.5 Conclusion and Future Work Exercises References 23 Policies, Access Control, and Formal Methods 23.1 Introduction 23.2 Access Control Concepts and Models 23.2.1 Access Control Matrix 23.2.2 Mandatory Access Control Model 23.2.3 Discretionary Access Control Model The System R Access Control Model Extensions to the System R Access Control Model 23.2.4 The Role-Based Access Control (RBAC) Model
The Basic RBAC Model RBAC Extensions TRBAC GEO-RBAC P-RBAC 23.2.5 Attribute-Based Access Control (ABAC) Model XACML Risk-Based Access Control 23.3 Tools and Methods for Managing Access Control 23.3.1 The SPARCLE System 23.3.2 The EXAM System 23.3.3 Role Mining Tools 23.4 Formal Methods 23.4.1 Logical Models for Access Control 23.4.2 Model Checking 23.4.3 Binary Decision Diagrams 23.5 Access Control for Critical Infrastructures: Open Problems and Possible Approaches 23.6 Concluding Remarks Exercises References 24 Formal Analysis of Policy-Based Security Configurations in Enterprise Networks 24.1 Introduction 24.1.1 Overview of Enterprise Networks and Policy-Based Security Management 24.1.2 Motivating Example 24.2 State of the Art
24.2.1 Network Firewalls, Policy-Based Security Analysis Tools 24.2.2 Security Policy Specification Languages 24.2.3 Network Security Analysis Using Formal Methods 24.3 Formal Verification of Security Policy Implementations 24.3.1 Policy Specification Module Network Security Policy Specification Language (NSPSL) Network Topology Constructs Network Service and Policy Rule Policy Inter-rule Conflict Removal 24.3.2 Security Implementation Module Modeling Routers Modeling Firewalls Modeling Individual ACL Modeling Distributed ACL Resolving ACL Rule Conflicts Intra-ACL Conflicts Inter-ACL Conflicts Formalization and Detection of ACL Conflicts Hidden Access Path Analysis Boolean Reduction of Hidden Access Rules 24.3.3 SAT-Based Verification Module 24.3.4 Verification Results and Discussion 24.4 Verification of IPSec Policies 24.4.1 Modeling IPSec Security Policies IPSec Policy Components
Crypto Access List Crypto Map List Filtering Policy Representation An Access Policy A Single-Trigger Access Policy Formalization of Single-Trigger Policies Formalization of Multi-Trigger Policies Policy Representation Using OBDDs 24.4.2 IPSec Intra-policy Analysis Classification and Discovery of Access List Conflicts Intra-policy Shadowing Intra-policy Redundancy Intra-policy Correlation Intra-policy Exception Classification and Discovery of Map List Conflicts Intra-policy Overlapping Session Conflicts 24.4.3 IPSec Inter-policy Analysis Classification and Discovery of Access List Conflicts Inter-policy Shadowing Inter-policy Spuriousness Proof Sketch Inter-policy Overlapping Session Conflicts Proof Sketch Inter-policy Multi-transform Conflicts Proof Sketch
24.4.4 Usability and Performance Evaluation 24.5 Conclusion 24.6 Open Research Problems Exercises References VIII Security in Real-World Systems References 25 Security and Privacy in the Smart Grid 25.1 Introduction 25.2 The Smart Grid 25.2.1 Rationale for Modernizing the Power Grid 25.2.2 Smart Grid Model and Enabling Technologies 25.3 Security and Privacy Challenges 25.3.1 Security Concerns Attacks on the Power Grid and Control Systems Organizational Concerns 25.3.2 Privacy Concerns 25.4 Toward a Secure and Privacy-Preserving Smart Grid 25.4.1 Government and Industry-Led Efforts North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) NIST and SGIP Department of Energy (DoE) Efforts Department of Homeland Security (DHS) OpenSG 25.4.2 Research Challenges
Scaling Issues Anomaly Detection Schemes Secure Cyber-Physical Systems Anticipating New Vulnerabilities Privacy 25.5 Concluding Remarks 25.6 Exercises References 26 Cyber-Physical Security of Automotive Information Technology 26.1 Introduction 26.2 Automotive Security Analysis 26.2.1 Stakeholders and Assets 26.2.2 Automobile Communication Modes 26.2.3 Attack Taxonomy 26.2.4 Anti-Theft System 26.2.5 Vehicular Ad Hoc Network 26.2.6 Integration of Business Services 26.2.7 Attack Taxonomy for Automotive System 26.3 ECU Reprogramming Security Issues 26.3.1 Automotive ECU Reprogramming Background 26.3.2 Diagnostic Communication On-Board Diagnostics II 26.3.3 Hardware Security Microcontroller Models Memory Models
26.3.4 Conventional Methods to Protect ECU Software Authentication Cryptographic Communication Hardware Hardening Abnormal Temperature Reset Lock Bits Address Bus Shuffling Software Encryption 26.3.5 Possible Attacks OBD-II Attacks Memory Bus Attacks 26.3.6 Vulnerability Analysis MCU Configuration Vulnerability Memory Configuration Vulnerability Possible Attackers 26.3.7 New Security Proposal for ECU Reprogramming Protection from Code Sniffing via OBD-II Protection from Code Tampering via OBD-II On-the-Fly Decryption 26.4 Conclusion Acknowledgments Exercises References 27 Security and Privacy for Mobile Health Care (mHealth) Systems 27.1 Introduction
27.2 Electronic Health Record (EHR) 27.3 Privacy and Security in E-Health Care 27.3.1 Privacy 27.3.2 Access Control 27.3.3 Authentication 27.3.4 Confidentiality and Integrity 27.3.5 Others 27.4 State-of-the-Art Design for Health Information Privacy and Sharing (HIPS) 27.4.1 Entities and Definitions 27.4.2 Security Requirements 27.4.3 System Architecture 27.4.4 Establishing Trust: Authentication and Key Management 27.4.5 Protecting Patient Privacy 27.4.6 Controlling Access to Patients' Health Records Controlling the Access to Personal Health Information Controlling Access to Shared Health Information 27.4.7 Emergency Health Information Retrieval Family-Based Approach P-Device-Based Approach 27.4.8 Sharing Information for Health Care and Research Delegation Fine-Grained Access Control 27.4.9 Revoking Access Rights Construction of Warrant On-Demand Revocation
Discussion 27.5 Security Analysis 27.6 Conclusion and Future Work Acknowledgments Exercise Problems References 28 Security and Robustness in the Internet Infrastructure 28.1 Introduction 28.2 Vulnerabilities in Domain Name Resolution 28.2.1 Domain Name System 28.2.2 Dependencies in the DNS Parent zones NS targets Aliases 28.2.3 DNS Misconfiguration and Attack Scenarios 28.3 Security Solutions for the Domain Name System 28.3.1 Approaches for Securing DNS 28.3.2 The DNSSEC Protocol 28.3.3 DNSSEC Challenges and Solutions 28.4 Secure End-to-End Communication Protocols 28.4.1 Network Layer Security 28.4.2 Session Level Security 28.5 Integrity of Internet Routing 28.5.1 Security and Robustness of BGP 28.5.2 Behavior of BGP under Large-Scale Failures
28.5.3 Routing Misconfiguration 28.6 Integrity Below the IP Layer 28.6.1 Integrity of Virtual LANs 28.6.2 Integrity of Special-Purpose Protocols 28.7 Configuration Management Security 28.7.1 Storage of Configuration Data 28.7.2 Characteristics of Configuration Data Corruption 28.7.3 Web Services-Based Attacks 28.7.4 Protecting Data Center Network Configuration 28.8 Conclusions and Future Challenges Exercises Acknowledgments References 29 Emergency Vehicular Networks 29.1 Introduction 29.2 Emergency Vehicle Support 29.3 The "Emergency" Vehicle Grid 29.4 Basic Urban Grid Routing 29.4.1 Greedy Perimeter Coordinator GPCR 29.4.2 GpsrJ+ 29.4.3 Geographic Source Routing 29.4.4 Anchor-Based Street and Traffic Aware Routing 29.4.5 Greedy Traffic Aware Routing Protocol 29.4.6 Landmark Overlays for Urban Vehicular Routing Environments 29.4.7 Contention-Based Forwarding
29.4.8 TOpology-Assist Geo-Opportunistic Routing 29.5 Delay Tolerant Vehicular Routing 29.5.1 Geographical Opportunistic Routing 29.5.2 GeoDTN+Nav 29.6 Mobimesh and Geo-Location Server: Finding the Destination Coordinates During the Emergency 29.7 Content Routing Across the Vanet 29.8 Emergency Video Dissemination 29.9 Vehicular Grid Surveillance 29.9.1 MobEyes Overview 29.9.2 MobEyes Architecture 29.9.3 MobEyes Application: Vehicle Tracking 29.10 Map Updates Using Crowdsourcing 29.11 Security in the Emergency Vehicular Network 29.12 Conclusions Exercises References 30 Security Issues in VoIP Telecommunication Networks 30.1 Introduction 30.2 Connection Establishment and Call Routing 30.2.1 SIP Networking Components Connection Between Two Clients Within the Same SIP Domain Connection Establishment Between User Agents of Different Domains 30.3 Man-in-the-Middle Attacks 30.3.1 DNS Spoofing on Vonage 30.3.2 Exploiting Vulnerabilities
30.3.3 Wiretapping Incoming Calls 30.3.4 Wiretapping Outgoing Calls 30.3.5 Recommendations 30.4 Voice Pharming 30.4.1 VoIP Call Detour 30.4.2 Redirection of VoIP calls 30.4.3 Hijacking a Call Forwarding Setup 30.4.4 Voice Pharming Attacks 30.4.5 Strategies to Avoid Voice Pharming Attacks 30.5 Billing Attacks 30.5.1 Billing Attacks on SIP 30.5.2 Invite Replay Billing Attack 30.5.3 Fake Busy Billing Attack 30.5.4 Bye Delay Billing Attack 30.5.5 Bye Drop Billing Attack 30.6 Security Requirements of a P2P Telecommunication Network 30.6.1 Security 30.6.2 Vulnerabilities in Application Services 30.6.3 Mitigate Vulnerabilities Edge-Resident Solutions Limited Core-Based Solutions IP Layer-Based Solutions Recommendations 30.7 Small World VoIP P2PSIP Based on Trust 30.7.1 Small World VoIP Construction
Introducing the hacker's methodology Ethical hacking vs. doing time The reconnaissance phase Demystifying DNS Domain name security The scanning phase Summary Chapter 3. Securing the Local Box Breaking Windows: considering alternatives Windows security services Proactive about anti-malware The almost perfect anti-malware solution Windows user accounts Managing passwords and sensitive data Securing data and backup solutions Programming a safer system Summary Chapter 4. Surf Safe Look (out), no wires Network security re-routed Using public computers: it can be done Hotspotting Wi-Fi Emailing clients and webmail Browsers, don't lose your trousers Anonymous browsing
Networking, friending, and info leak Summary Chapter 5. Login Lock-Down Sizing up connection options WordPress administration with SSL SSL and login plugins Locking down indirect access Apache modules Summary Chapter 6. 10 Must-Do WordPress Tasks Locking it down Backing up the lot Updating shrewdly Neutering the admin account Correcting permissions creep Hiding the WordPress version Nuking the wp_ tables prefix Setting up secret keys Denying access to wp-config.php Hardening wp-content and wp-includes Summary Chapter 7. Galvanizing WordPress Fast installs with Fantastico... but is it? Considering a local development server Added protection for wp-config.php
WordPress security by ultimate obscurity Revisiting the htaccess file Good bot, bad bot Setting up an anti-malware suite More login safeguards Concerning code Hiding your files Summary Chapter 8. Containing Content Abused, fair use and user-friendly Sharing and collaboration Protecting content Pre-emptive defense Reactive response Tackling offenders Summary Chapter 9. Serving Up Security .com blogs vs .org sites Host type analysis Control panels and terminals Managing unmanaged with Webmin Users, permissions, and dangers Sniffing out dangerous permissions System users Repositories, packages, and integrity
Tracking suspect activity with logs Summary Chapter 10. Solidifying Unmanaged Hardening the Secure Shell chrooted SFTP access with OpenSSH PHP's .ini mini-guide Patching PHP with Suhosin Isolating risk with SuPHP Containing MySQL databases phpMyAdmin: friend or foe? Bricking up the doors Fired up on firewalls Enhancing usability with CSF Service or disservice? Gatekeeping with TCP wrappers Stockier network stack Summary Chapter 11. Defense in Depth Hardening the kernel with grsecurity Integrity, logs, and alerts with OSSEC Slamming backdoors and rootkits (D)DoS protection with mod_evasive Sniffing out malformed packets with Snort Firewalling the web with ModSecurity Summary
Appendix A. Plugins for Paranoia Anti-malware Backup Content Login Spam SSL Users Appendix B. Don't Panic! Disaster Recovery Diagnosis vs. downtime Securing your users Local problems Server and file problems WordPress problems Reinstalling WordPress Appendix C. Security Policy Security policy for somesite.com Appendix D. Essential Reference WordPress 3 Ultimate Security Bloggers and zines Forums Hacking education Linux Macs and Windows Organizations
Administrative security domain User registry concepts Supported user registry types Protecting application servers Summary Chapter 4. Front-End Communication Security Front-end enterprise application infrastructure architectures SSL configuration and management Securing front-end components communication Summary Chapter 5. Securing Web Applications Securing web applications concepts Securing a web application Summary Chapter 6. Securing Enterprise JavaBeans Applications EJB application security concepts EJB project design EJB project prerequisites and assumptions Creating an Enterprise Application Project Creating the portal Dynamic Web Project Creating content for the portal DWP Creating an EJB project The grand finale Summary Chapter 7. Securing Back-end Communication
LDAP: Uses of encryption JDBC: WebSphere-managed authentication Summary Chapter 8. Secure Enterprise Infrastructure Architectures The enterprise infrastructure Securing the enterprise infrastructure using LTPA Securely enhancing the user experience with SSO Fine-tuning authorization at the HTTP server level Fine-tuning authorization at the WAS level Summary Chapter 9. WebSphere Default Installation Hardening Engineering the how and where of an installation Ensuring good housekeeping of an installation Summary Chapter 10. Platform Hardening Identifying where to focus Exploring the operating system Creating the file system Safeguarding the network system Summary Chapter 11. Security Tuning and Troubleshooting Tuning WebSphere security Troubleshooting WebSphere security-related issues Concluding WebSphere security-related tips Summary
Chapter 2. Knock, Knock. Who's There? Attack: Impersonation Attack Details: Failed Authentication Vulnerability: Faulty or Incomplete Authentication Countermeasure: Strong Authentication Conclusion Recurring Thread: Privacy Recurring Thread: Usability Exercises Chapter 3. 2 + 2 = 5 Attack: Program Flaw in Spacecraft Software Threat: Program Flaw Leads to Security Failing Vulnerability: Incomplete Mediation Vulnerability: Race Condition Vulnerability: Time-of-Check to Time-of-Use Vulnerability: Undocumented Access Point Ineffective Countermeasure: Penetrate-and-Patch Countermeasure: Identifying and Classifying Faults Countermeasure: Secure Software Design Elements Countermeasure: Secure Software Development Process Good Design Countermeasure: Testing Countermeasure: Defensive Programming Conclusion Recurring Thread: Legal - Redress for Software Failures
Exercises Chapter 4. A Horse of a Different Color Attack: Malicious Code Threat: Malware - Virus, Trojan Horse, and Worm Technical Details: Malicious Code Vulnerability: Voluntary Introduction Vulnerability: Unlimited Privilege Vulnerability: Stealthy Behavior - Hard to Detect and Characterize Countermeasure: Hygiene Countermeasure: Detection Tools Countermeasure: Error Detecting and Error Correcting Codes Countermeasure: Memory Separation Countermeasure: Basic Security Principles Recurring Thread: Legal - Computer Crime Conclusion Exercises Chapter 5. The Keys to the Kingdom Attack: Keylogging Threat: Illicit Data Access Attack Details Harm: Data and Reputation Vulnerability: Physical Access Vulnerability: Misplaced Trust Vulnerability: Insiders Vulnerability: System Subversion
Recurring Thread: Forensics - Tracing Data Flow Vulnerability: Weak Authentication Failed Countermeasure: Security through Obscurity Countermeasure: Physical Access Control Countermeasure: Strong Authentication Countermeasure: Trust/Least Privilege Conclusion Recurring Thread: Forensics - Plug-and-Play Devices Exercises Interlude A: Cloud Computing What Is Cloud Computing? What Are the Risks in the Cloud? Chapter 6. My Cup Runneth Over Attack: What Did You Say That Number Was? Harm: Destruction of Code and Data Vulnerability: Off-by-One Error Vulnerability: Integer Overflow Vulnerability: Unterminated Null-Terminated String Vulnerability: Parameter Length and Number Vulnerability: Unsafe Utility Programs Attack: Important Overflow Exploitation Examples Countermeasure: Programmer Bounds Checking Countermeasure: Programming Language Support Countermeasure: Stack Protection/Tamper Detection Countermeasure: Hardware Protection of Executable Space
Countermeasure: General Access Control Conclusion Exercises Chapter 7. He Who Steals My Purse... Attack: Veterans Administration Laptop Stolen Threat: Loss of Data Extended Threat: Disaster Vulnerability: Physical Access Vulnerability: Unprotected Availability of Data Vulnerability: Unprotected Confidentiality of Data Countermeasure: Policy Countermeasure: Physical Security Countermeasure: Data Redundancy (Backup) Countermeasure: Encryption Countermeasure: Disk Encryption Conclusion Exercises Chapter 8. The Root of All Evil Background: Operating System Structure Attack: Phone Rootkit Attack Details: What Is a Rootkit? Vulnerability: Software Complexity Vulnerability: Difficulty of Detection and Eradication Countermeasure: Simplicity of Design Countermeasure: Trusted Systems
Conclusion Exercises Chapter 9. Scanning the Horizon Attack: Investigation, Intrusion, and Compromise Threat: Port Scan Attack Details Harm: Knowledge and Exposure Recurring Thread: Legal - Are Port Scans Legal? Vulnerability: Revealing Too Much Vulnerability: Allowing Internal Access Countermeasure: System Architecture Countermeasure: Firewall Countermeasure: Network Address Translation (NAT) Countermeasure: Security Perimeter Conclusion Exercises Chapter 10. Do You Hear What I Hear? Attack: Wireless (WiFi) Network Access Harm: Confidentiality-Integrity-Availability Attack: Unauthorized Access Vulnerability: Protocol Weaknesses Failed Countermeasure: WEP Stronger but Not Perfect Countermeasure: WPA and WPA2 Conclusion Recurring Thread: Privacy - Privacy-Preserving Design
Exercises Chapter 11. I Hear You Loud and Clear Attack: Enemies Watch Predator Video Attack Details Threat: Interception Vulnerability: Wiretapping Countermeasure: Encryption Countermeasure: Virtual Private Networks Countermeasure: Cryptographic Key Management Regime Countermeasure: Asymmetric Cryptography Countermeasure: Kerberos Conclusion Recurring Thread: Ethics - Monitoring Users Exercises Interlude B: Electronic Voting What Is Electronic Voting? What Is a Fair Election? What Are the Critical Issues? Chapter 12. Disregard That Man behind the Curtain Attack: Radar Sees Only Blue Skies Threat: Man in the Middle Threat: In-the-Middle Activity Vulnerability: Unwarranted Trust Vulnerability: Failed Identification and Authentication Vulnerability: Unauthorized Access
Vulnerability: Inadequate Attention to Program Details Vulnerability: Protocol Weakness Countermeasure: Trust Countermeasure: Identification and Authentication Countermeasure: Cryptography Related Attack: Covert Channel Related Attack: Steganography Conclusion Exercises Chapter 13. Not All Is as It Seems Attacks: Forgeries Threat: Integrity Failure Attack Details Vulnerability: Protocol Weaknesses Vulnerability: Code Flaws Vulnerability: Humans Countermeasure: Digital Signature Countermeasure: Secure Protocols Countermeasure: Access Control Countermeasure: User Education Possible Countermeasure: Analysis Non-Countermeasure: Software Goodness Checker Conclusion Exercises Chapter 14. Play It [Again] Sam, or, Let's Look at the Instant Replay
Attack: Cloned RFIDs Threat: Replay Attacks Vulnerability: Reuse of Session Data Countermeasure: Unrepeatable Protocol Countermeasure: Cryptography Conclusion: Replay Attacks Similar Attack: Session Hijack Vulnerability: Electronic Impersonation Vulnerability: Nonsecret Token Countermeasure: Encryption Countermeasure: IPsec Countermeasure: Design Conclusion Exercises Chapter 15. I Can't Get No Satisfaction Attack: Massive Estonian Web Failure Threat: Denial of Service Threat: Flooding Threat: Blocked Access Threat: Access Failure Case: Beth Israel Deaconess Hospital Systems Down Vulnerability: Insufficient Resources Vulnerability: Addressee Cannot Be Found Vulnerability: Exploitation of Known Vulnerability Vulnerability: Physical Disconnection
Countermeasure: Network Monitoring and Administration Countermeasure: Intrusion Detection and Prevention Systems Countermeasure: Management Conclusion: Denial of Service Extended Attack: E Pluribus Contra Unum Technical Details Recurring Thread: Legal - DDoS Crime Does Not Pay Vulnerability: Previously Described Attacks Countermeasures: Preventing Bot Conscription Countermeasures: Handling an Attack Under Way Conclusion: Distributed Denial of Service Exercises Interlude C: Cyber Warfare What Is Cyber Warfare? Examples of Cyber Warfare Critical Issues Chapter 16. 'Twas Brillig, and the Slithy Toves... Attack: Grade Inflation Threat: Data Corruption Countermeasure: Codes Countermeasure: Protocols Countermeasure: Procedures Countermeasure: Cryptography Conclusion Exercises
Chapter 17. Peering through the Window Attack: Sharing Too Much Attack Details: Characteristics of Peer-to-Peer Networks Threat: Inappropriate Data Disclosure Threat: Introduction of Malicious Software Threat: Exposure to Unauthorized Access Vulnerability: User Failure to Employ Access Controls Vulnerability: Unsafe User Interface Vulnerability: Malicious Downloaded Software Countermeasure: User Education Countermeasure: Secure-by-Default Software Countermeasure: Legal Action Countermeasure: Outbound Firewall or Guard Conclusion Recurring Thread: Legal - Protecting Computer Objects Exercises Chapter 18. My 100,000 Nearest and Dearest Friends Attack: I See U Threat: Loss of Confidentiality Threat: Data Leakage Threat: Introduction of Malicious Code Attack Details: Unintended Disclosure Vulnerability: Exploiting Trust Relationships Vulnerability: Analysis on Data Vulnerability: Hidden Data Attributes
Countermeasure: Data Suppression and Modification Countermeasure: User Awareness and Education Countermeasure: Policy Conclusion Exercises Afterword Challenges Facing Us Critical Issues Moving Forward: Suggested Next Steps for Improving Computer Security And Now for Something a Little Different
Evolution of Commerce Payment Distributed Computing: Adding E to Commerce Summary Notes CHAPTER 2: Mobile Commerce Consumer Electronics Devices Mobile Phone and M-Commerce Mobile Technologies: Mosquito on Steroids Summary Notes CHAPTER 3: Important Ilities in Web Commerce Security Confidentiality, Integrity, and Availability Extensibility Fault Tolerability Interoperability Maintainability Manageability Modularity Monitorability Operability Portability Predictability Reliability Ubiquity
Usability Scalability Accountability Audit Ability Traceability Summary Notes Part II: E-Commerce Security CHAPTER 4: E-Commerce Basics Why E-Commerce Security Matters What Makes a System Secure Risk-Driven Security Security and Usability Scalable Security Securing Your Transactions Summary Notes CHAPTER 5: Building Blocks: Your Tools Cryptography Access Control System Hardening Summary Notes CHAPTER 6: System Components: What You Should Implement Authentication
Authorization Non-Repudiation Privacy Information Security Data and Information Classification System and Data Audit Defense in Depth Principle of Least Privilege Trust Isolation Security Policy Communications Security Summary Notes CHAPTER 7: Trust but Verify: Checking Security Tools to Verify Security Summary Notes CHAPTER 8: Threats and Attacks: What Your Adversaries Do Basic Definitions Common Web Commerce Attacks Summary Notes CHAPTER 9: Certification: Your Assurance Certification and Accreditation
Standards and Related Guidance Related Standards Bodies and Organizations Certification Laboratories The Systems Security Engineering Capability Maturity Model Value of Certification Certification Types Summary Notes APPENDIX A: Computing Fundamentals Introduction Hardware Software Summary APPENDIX B: Standardization and Regulatory Bodies ANSI COBIT COSO CSA Ecma ETSI FIPS GlobalPlatform IANA IEC IETF
ISO Kantara NIST OASIS OAuth OpenID OpenSAF PCI SAF SOX The Open Group W3C WASC Notes APPENDIX C: Glossary of Terms
The Linux Security Model The Resulting Android Security Model Application Signing, Attribution, and Attestation Process Design Android Filesystem Isolation Android Preferences and Database Isolation Moving up the Layers to System API and Component Permissions 3. Application Permissions Android Permission Basics Using Restricted System APIs and the User Experience Custom Permissions 4. Component Security and Permissions The Types of Android Components Intercomponent Signaling Using Intents Public and Private Components Imposing Restrictions on Access to Components Putting It All Together: Securing Communications in a Multi-Tier App 5. Protecting Stored Data The Threats and Vulnerabilities Against Stored Data Protection Principles Cryptography Primer: Encryption Cryptography Primer: Hashing Cryptographic Practicalities Key Derivation and Management Practical Cryptography: Applying a Technique Against a Threat
6. Securing Server Interactions Confidentiality and Authentication SSL/TLS: The Industry Standard Protecting Data En Route to Public Services Protecting Data En Route to Private Services Threats Against Devices Using Data in Transit Input Validation: The Central Tenant of Application Security Preventing Command Injection 7. Summary Key Themes Wrapping It Up
Trust exercise Degree of change Agile ceremony Summary Chapter 4. Agile Principles Need to evolve Risk-driven security Hiring an agile professional Pairwise Refactoring Small deliverables Decomposition Collective ownership Agile Spike Simple design Minimizing waste Done means done Project divergence rate Project Velocity rate Yesterday's weather Collaboration Summary Chapter 5. Agile Risk-Driven Security Data value Risk-driven security
The bullpen DREAD modeling Bullpen solutions Summary Chapter 6. Agile Blueprint Agile blueprinting Summary Chapter 7. Lean Implementation Principles Eliminating waste Amplify learning Decide as late as possible Deliver as fast as possible Empowering the team See the Whole Summary Chapter 8. Agile IT Security Governance and Policy Developing security policy Governance basics Articulate security value Agile second policy Summary Chapter 9. Security Policy and Agile Awareness Programs Security awareness Ebbinghaus effect Policy awareness
Attack recognition awareness Awareness certification Memory retention Summary Chapter 10. Impact on IT Security Agile structure Spreading risk Compliance and privacy Supply chain Summary Chapter 11. Barriers to Agile Agile culture Agile training Agile fears Summary Chapter 12. Agile Planning Techniques Mind map example Mind map tools Summary Chapter 13. Compliance and Agile Agile compliance Summary Chapter 14. Effective Agile IT Security Agile team success factors Agile risk success factors
FactorsinthesuccessofAgilecountermeasures Summary
Chapter 3. Security's Role in the Organization
The Protective Service Role
Special Services
Educational Services
Management Services
Summary
Review Questions
Chapter 4. The Security Director's Role
The Security Director as a Leader
As a Company Executive
As an Executive with High Visibility
As an Executive with a Broad Profile
As an Innovator
As a Counselor and Advisor (In-House Security Consultant)
As a Trainer
As a Contemporary Professional
As a Goal Setter and Strategic Planner
The New Security Director
Summary
Review Questions
Chapter 5. The Security Supervisor's Role
The Supervisor as an Inspector
The Supervisor and the Individual Employee
Supervisory Authority
The Supervisor as the "In-Between" Person
The Supervisor's Span of Control
One Boss
Automatic Shifting in the Line of Command
Functional or Staff Supervision
Supervisory Training
Summary
Review Questions
Chapter 6. The Individual Security Employee
Standards of Conduct
Summary
Review Questions
PART II. Security Personnel Management
Chapter 7. Hiring Security Personnel
Hiring
Summary
Review Questions
Chapter 8. Job Descriptions
Accuracy and Completeness in Describing the Job
Matching Applicant to the Job
Employee's Understanding of the Job
Matching Training to Job Description
Performance Evaluations Based on Job Descriptions
Job Descriptions Are Current
Composition of the Job Description
Sample Job Description
Summary
Review Questions
Chapter 9. Training
Shortcomings of Typical "Training"
Training Defined
On-the-Job Training
Formal or Structured Training
POP Formula: Policy, Objective, Procedure
Training as Ongoing Responsibility
Types of Security Training Programs
Meeting Organizational Needs
Security Manual
Summary
Review Questions
Chapter 10. Discipline
The Supervisor's Role in Discipline
Disciplinary Problems Arising from Misunderstood Assignments
Basic Rules of the Disciplinary Process
Progressive Discipline
Self-Discipline
Summary
Review Questions
Chapter 11. Motivation and Morale
"Theory X" and "Theory Y"
Organizational Behavior
Work Motivation Theory
Demotivators
Summary
Review Questions
Chapter 12. Promotions
Identifying Promotional Candidates
Selection of the Right Candidate
The Board Interview
Following the Selection
Promotion from "within"
Vertical Promotion outside the Department
Advantages of Multiple Layers
"Temporary" Promotions
"Retreating"
Summary
Review Questions
Chapter 13. Communication
Types of Communication
About Listening
Summary
Review Questions
Chapter 14. Career (Proprietary) versus Noncareer (and Contract) Personnel
Career Personnel
Part-Time Noncareer Personnel
Contractual Noncareer Personnel
Combining Career and Noncareer Personnel
Summary
Review Questions
PART III. Operational Management
Chapter 15. Planning and Budgeting
What Is a Budget?
Why Do We Have a Budget?
When Is a Budget Prepared?
Who Participates in the Budgeting Process?
How Is a Budget Prepared?
Justifying the Security Budget
Summary
Review Questions
Chapter 16. Program Management
The Security Inspection Process
Assessment of Risks and Countermeasures
Statistics in Program Management
Summary
Review Questions
Chapter 17. Risk
Risk Defined
Risk Programs and the Security Professional's Role
Risk Program Components
Summary
Review Questions
Chapter 18. The Security Survey
What is a Security Survey?
The Purpose of a Security Survey
Defining Security Survey Goals
Building a Survey Program/Components of a Security Survey
Summary
Review Questions
Chapter 19. Office Administration
Description of Functions
Office Security
The Office Environment
Summary
Review Questions
Chapter 20. Written Policies and Procedures
Historical Evolution
Policy
Benefits
Compliance
Combining Policies and Procedures
Free-Standing Policies
Importance of the Written Policy
Policies, Procedures, and the Security Manual
Format and Mechanics
Post Orders
Summary
Review Questions
Chapter 21. Computers and Effective Security Management
Introduction
PC Hardware
PC Software
Word Processing
Database Management
Spreadsheets
Desktop Publishing
Encryption Software
Computer Graphics
Telecommunications
Specialized Management Programs
Artificial Intelligence
Multimedia
Risks of Using PCs
Summary
Review Questions
Chapter 22. Statistics as a Security Management Tool
Introduction
Planning For Future Security Needs
Internal Statistical Analysis
External Statistical Analysis
Methodology
Information for Risk Analysis
Return on Investment
Summary
Review Questions
PART IV. Public Relations
Chapter 23. Selling Security within the Organization
How to Sell Security
Summary
Review Questions
Chapter 24. Relationship with Law Enforcement
Services of the Public Sector
Services of the Private Sector
Summary
Review Questions
Chapter 25. Relationship with the Industry
Effective Relationship Categories
Summary
Review Questions
Chapter 26. Community Relations
Community Relations and the Security Professional
Networking
Summary
Review Questions
PART V. Mismanagement
Chapter 27. Jackass Management Traits
1 The Manager Who Seeks to Be "Liked" Rather Than Respected
2 The Manager Who Ignores the Opinions and Advice of Subordinates
3 The Manager Who Fails to Delegate Properly
4 The Manager Who Ignores the Training and Developmental Needs of Subordinates
5 The Manager Who Insists on Doing Everything "The Company Way"
6 The Manager Who Fails to Give Credit When Credit Is Due
7 The Manager Who Treats Subordinates as Subordinates
8 The Manager Who Ignores Employees' Complaints
9 The Manager Who Does Not Keep People Informed
10 The Manager Who Holds His or Her Assistant Back
11 The Manager Who Views the Disciplinary Process as a Punitive Action
12 The Manager Who Fails to Backup His or Her People
13 The Manager Whose Word Cannot Be Trusted
14 The Manager Who Avoids Making Decisions
15 The Manager Who "Plays Favorites"
16 The Manager Who Fails to Stay Current in the Field
17 The Manager Who Enjoys "Pouring on" More Work than a Subordinate can Handle
18 The Manager Who Acts or Overreacts Too Quickly
19 The Newly Promoted Manager Who Believes his or her Manure is Odorless
20 The Manager Who Is Moody
21 Managers Who Fail to Plan and Put Priorities on their Work
22 The Manager Who Lacks Emotion and Empathy
23 The Manager Who Hires Relatives into the Organization
24 The Manager Who Views Women as Being Limited to Pleasure, Breeding, and Menial Functions
25 The Manager Who Faithfully Practices the Art of Pessimism
26 The Manager Who Steals Subordinates' Ideas
27 The Manager Whose Style and Authority are Based on Absolute Power
28 The Manager Who Seems Oblivious to What Is Happening
29 The Manager Who Loves to "Sack" Employees
30 The Manager Who Embarrasses Subordinates in the Presence of Others
31 The Manager Who Follows "Double Standards" in the Organization
32 The Manager Who Is a Religious or Racial Bigot
Summary
Appendix A. Employee Performance Evaluation
RATING CODE DEFINITIONS
PART I
1. KNOWLEDGE OF JOB
2. QUALITY OF WORK
3. QUANTITY OF WORK
4. ADAPTABILITY
5. ATTITUDE
6. DEPENDABILITY
7. JUDGMENT
8. INITIATIVE
9. CUSTOMER SERVICE (As Applicable)
10. MERCHANDISE KNOWLEDGE (As Applicable)
11. SALES PERFORMANCE (As Applicable)
12. APPEARANCE
13. ATTENDANCE
PART II
SUMMARY RATING
PART III
1. DISPOSITION
2. RECOMMENDATIONS FOR TRAINING OR OTHER ACTION
3. REMARKS
PART IV
1. REPORT OF INTERVIEW
Appendix B. Security Vulnerability Survey
I. GENERAL FUNCTION
II. BUILDING & PERIMETER
III. VEHICULAR MOVEMENT
IV. LIGHTING
V. LOCKING CONTROLS
VI. ALARMS
VII. GUARDS/SECURITY CONTROLS
VIII. EMPLOYEE AND VISITOR CONTROLS
IX. PRODUCT CONTROLS (Shipping and Receiving)
X. MONEY CONTROLS
XI. PROPRIETARY INFORMATION
XII. OTHER VULNERABILITIES
XIII. PERSONNEL SECURITY
Appendix C. Selected Security-Related Organizations
Appendix D. Suggested Security/Loss Prevention Reference Sources
CHAPTER 2 Identification and Authentication
Introduction
Identification
Authentication
Summary
Exercises
Bibliography
CHAPTER 3 Authorization and Access Control
Introduction
Authorization
Access control
Access control methodologies
Summary
Exercises
Bibliography
CHAPTER 4 Auditing and Accountability
Introduction
Accountability
Auditing
Summary
Exercises
Bibliography
CHAPTER 5 Cryptography
Introduction
History
Modern cryptographic tools
Protecting data at rest, in motion, and in use
Summary
Exercises
Bibliography
CHAPTER 6 Operations Security
Introduction
Origins of operations security
The operations security process
Laws of operations security
Operations security in our personal lives
Summary
Exercises
Bibliography
CHAPTER 7 Physical Security
Introduction
Physical security controls
Protecting people
Protecting data
Protecting equipment
Summary
Exercises
Bibliography
CHAPTER 8 Network Security
Introduction
Protecting networks
Protecting network traffic
Network security tools
Summary
Exercises
Bibliography
CHAPTER 9 Operating System Security
Introduction
Operating system hardening
Protecting against malware
Software firewalls and host intrusion detection
Operating system security tools
Summary
Exercises
Bibliography
CHAPTER 10 Application Security
Introduction
Software development vulnerabilities
Web security
Database security
Application security tools
Summary
Exercises
Bibliography
IT Security Policy Management Usage Patterns Using IBM Tivoli Security Policy Manager
By: Axel Buecker; Scott Andrews; Craig Forster; Nicholas Harlow; Ming Lu; Sridhar Muppidi; Trevor Norvill; Philip Nye; Günter Waller; Eric T. White
Publisher: IBM Redbooks
Pub. Date: October 26, 2011
Part Number: SG24-7880-00
Print ISBN-10: 0-7384-3614-3
Print ISBN-13: 978-0-7384-3614-2
Pages in Print Edition: 314
Notices
Trademarks
Preface
The team who wrote this book
Now you can become a published author, too!
Comments welcome
Stay connected to IBM Redbooks
Part 1: Business context
Chapter 1: Business drivers and foundation for IT security policy management
1.1: Drivers that influence security
Business drivers that influence security
IT drivers that influence security
1.2: IBM Security Framework
Security Governance, Risk Management, and Compliance model
People and Identity domain
1.3: IBM Security Blueprint
1.4: SOA governance
SOA adoption: Impact on business and security
Relating SOA governance to other business drivers
1.5: Identity and access management governance
Critical data: Ensuring authorized access only when needed
Driving operational efficiency through automation
Enforcing consistent policy enforcement across the IT environment
1.6: Compliance management
Regulation and privacy concerns
Assessing compliance: The audit trail
Relating compliance management and governance
1.7: Data and information security
Risk of unauthorized access and data loss
Context-based information access
Data security in cloud and SOA environments
1.8: IT security policy management: A unifying solution
Addressing governance
Compliance and data security
Risk management and the cost containment
1.9: Introduction to IT security policy lifecycle management
Policy authoring
Transform
Enforcement
Monitor
1.10: Conclusion
Chapter 2: Architecture patterns for externalizing security from applications and services
2.1: Intermediary approach
Customer example
Integrating policy at the intermediary level
2.2: Container-level approach
Customer example
Integrating policy at the container level
2.3: Database-level approach
Customer example
Integrating policy at the database level
2.4: Application-level approach
Customer example
Integrating policy at the application level
2.5: Conclusion
Part 2: Implementing a policy lifecycle management solution
Chapter 3: Tivoli Security Policy Manager overview and architecture
3.1: Tivoli Security Policy Manager overview
Tivoli Security Policy Manager components
3.2: Tivoli Security Policy Manager architecture
Logical component architecture
Policy server architecture
Tivoli runtime security service architecture
Policy data model, repository, and exchange
Policy administration and classification
Delegated administrative security
Auditing and reporting
3.3: Example deployment physical architecture
3.4: Conclusion
Chapter 4: Integration with external systems
4.1: Identity management
Integration with identity management
Integration with Tivoli Identity Manager
Integration with other identity management systems
4.2: Access management
Integration with Tivoli Access Manager for e-business
Integration with other access management systems
4.3: Role management
4.4: User repositories
Integration with Tivoli Directory Server
Integration with Tivoli Directory Integrator
Integration with other user repositories
4.5: Trust services
Integration with Tivoli Federated Identity Manager
4.6: Application repositories
Databases
User registries
Proprietary repositories
Java
4.7: Classification management tools
4.8: Compliance management
4.9: Rules engines
4.10: Conclusion
Part 3: Usage patterns for IT security policy management
Chapter 5: Intermediary-level integration
5.1: Concepts and benefits
Scenario A: Established application environments
Scenario B: Services external to the enterprise
Scenario C: SOA message protection policies
Conclusion
5.2: Java Web Application Servers
Foundation for integration
Java Web Application Server integration and using the policy lifecycle model
Conclusion
5.3: Web Application Firewalls
Foundation for integration
WebSphere DataPower SOA Appliance integration with Tivoli Security Policy Manager
IBM WebSphere DataPower integration and using the policy lifecycle model
Conclusion
5.4: Enterprise Service Bus
Foundation for integration
WebSphere DataPower SOA Appliance integration with Tivoli Security Policy Manager
Conclusion
5.5: Third-party intermediaries
5.6: Conclusion
Chapter 6: Container-level integration
6.1: Concepts and benefits
6.2: WebSphere Application Server
Foundation for integration
WebSphere integration using the policy lifecycle model
Conclusion
6.3: Microsoft environment
Microsoft container integration
Integration with Tivoli Security Policy Manager
Microsoft integration using the policy lifecycle model
Conclusion
6.4: Conclusion
Chapter 7: Database-level integration
7.1: Concepts and benefits
7.2: Database policy information point
Foundation for integration
Integration with Tivoli Security Policy Manager
Database integration using the policy lifecycle model
Conclusion
7.3: Database policy enforcement point
Foundation for integration
Integration with Tivoli Security Policy Manager
Database integration using the policy lifecycle model
Conclusion
7.4: Enterprise content management databases
Foundation for integration
Integration with Tivoli Security Policy Manager
ECM integration using the policy lifecycle model
Conclusion
Chapter 8: Application-level integration
8.1: Runtime security services interfaces
Tivoli Security Policy Manager authorization API
JSP tag library
Custom authorization solutions for external systems
Policy information point
External rules
8.2: Policy management API
Plug-in structure
Data model
Plug-ins
8.3: Application integration
Integration with Java technology
Integration with WebSphere Portal
Integration with Microsoft technology
8.4: Conclusion
Chapter 9: Deployment considerations
9.1: Business considerations
Business use cases
9.2: Deployment considerations
Identifying stakeholders
Identifying policies, services, and data
Prioritizing services
Identifying operational requirements
9.3: Deployment architecture
Single data center deployment pattern
Remote office deployment pattern
Other considerations in determining deployment patterns
Operational considerations
9.4: Application integration considerations
Integration patterns
Application policy design considerations
Conclusion
9.5: Conclusion
Related publications
IBM Redbooks
Other publications
Online resources
How to get Redbooks
Help from IBM
An Historical View: Roots of Cloud Computing
A Brief Primer on Security: From 50,000 ft
A Brief Primer on Architecture
Security Architecture: A Brief Discussion
Cloud Is Driving Broad Changes
Endnotes
Chapter 2. Cloud Computing Architecture
Cloud Reference Architecture
Control over Security in the Cloud Model
Making Sense of Cloud Deployment
Making Sense of Services Models
How Clouds Are Formed and Key Examples
Real-world Cloud Usage Scenarios
Endnotes
Chapter 3. Security Concerns, Risk Issues, and Legal Aspects
Cloud Computing: Security Concerns
Assessing Your Risk Tolerance in Cloud Computing
Legal and Regulatory Issues
Summary
Endnotes
Chapter 4. Securing the Cloud: Architecture
Security Requirements for the Architecture
Security Patterns and Architectural Elements
Cloud Security Architecture
Planning Key Strategies for Secure Operation
Endnotes
Chapter 5. Securing the Cloud: Data Security
Overview of Data Security in Cloud Computing
Data Encryption: Applications and Limits
Cloud Data Security: Sensitive Data Categorization
Cloud Data Storage
Cloud Lock-in (the Roach Motel Syndrome)
Summary
Endnotes
Chapter 6. Securing the Cloud: Key Strategies and Best Practices
Overall Strategy: Effectively Managing Risk
Overview of Security Controls
The Limits of Security Controls
Best Practices
Security Monitoring
Summary
Endnotes
Chapter 7. Security Criteria: Building an Internal Cloud
Private Clouds: Motivation and Overview
Security Criteria for Ensuring a Private Cloud
Summary
Endnotes
Chapter 8. Security Criteria: Selecting an External Cloud Provider
Selecting a CSP: Overview of Assurance
Selecting a CSP: Overview of Risks
Selecting a CSP: Security Criteria
Endnotes
Chapter 9. Evaluating Cloud Security: An Information Security Framework
Evaluating Cloud Security
Checklists for Evaluating Cloud Security
Summary
Endnotes
Chapter 10. Operating a Cloud
From Architecture to Efficient and Secure Operations
Security Operations Activities
Summary
Endnotes
Chapter 2. Understanding PKI Building Blocks
Certificates
Certification Authority (CA)
Subordinate Certification Authorities (SubCA)
Registration Authority (RA)
Endpoint Entities: Users and Devices
Key and Certificate Storage
Summary
Chapter 3. PKI Processes and Procedures
Enrollment
Certificate Expiration and Renewal
Certificate Verification and Enforcement
PKI Resiliency
Summary
Chapter 4. Troubleshooting
Keying Material Generation
Enrollment Process
Certificate Use and Validation
Troubleshooting Flow Charts
Summary
Part II: Design and Solutions
Chapter 5. Generic PKI Designs
Basic Design with Flat CA Architecture
Hierarchical Architecture
Hierarchical Architecture Without Chaining
Hierarchical Architecture with Chaining
Summary
Chapter 6. Integration in Large-Scale Site-to-Site VPN Solutions
How Do VPN Technologies Use PKI as a Service?
IKE Using Digital Certificates
PKI Design and Leading Practices
GETVPN PKI Design and Leading Practices
Summary
Chapter 7. Integration in Remote Access VPN Solutions
Cisco IPsec VPN Remote Access
Cisco VPN Client Using Digital Certificates
SSL VPN Access
Troubleshooting the AnyConnect Solution
Summary
Chapter 8. Using 802.1X Certificates in Identity-Based Networking
EAP-TLS: Certificate-Based 802.1x
Summary
Chapter 9. PKI in Unified Communications
PKI Concepts in Cisco UC
Certificates Distribution
Applications
Summary
Part III: Case Studies
Chapter 10. Understanding Cisco Virtual Office
CVO PKI Highlights
Section 2.1. Foundational Security Management
Section 2.2. Subcomponents
Section 2.3. Conclusion
Chapter 3. The Network, Server and Endpoint solution pattern
Section 3.1. Deriving the solution patterns for the IBM Security Framework security domains
Section 3.2. Examining the IBM Security Blueprint components for Network, Server and Endpoint
Section 3.3. Using the solution pattern for Network, Server and Endpoint planning and design
Section 3.4. Conclusion
Chapter 4. Common security architecture and network models
Section 4.1. Security is omnipresent
Section 4.2. Enterprise Security Architecture model
Section 4.3. Common network components
Section 4.4. Common network models and security domains
Section 4.5. Practical designs
Section 4.6. Additional components
Section 4.7. Conclusion
Chapter 5. Threat and vulnerability management
Section 5.1. Security concepts and terminology
Section 5.2. Malware
Section 5.3. Denial of service (DoS)
Section 5.4. Advance Persistent Threat (APT)
Section 5.5. Threat management
Section 5.6. Vulnerability management
Section 5.7. Conclusion
Part 2. IBM Security Solutions for Network, Server and Endpoint
Chapter 6. Security intelligence, research, and technology
Section 6.1. Security and cyber intelligence
Section 6.2. Research
Section 6.3. Development
Section 6.4. How can your business benefit
Section 6.5. Protocol Analysis Module
Section 6.6. Content analysis research and technology
Section 6.7. Spam protection
Section 6.8. Security terms and definitions
Section 6.9. Conclusion
Chapter 7. Centralized management
Section 7.1. Benefits of centralized management
Section 7.2. Managing threats and vulnerabilities
Section 7.3. IBM Security SiteProtector overview
Section 7.4. Managing operational security in SiteProtector
Section 7.5. Conclusion
Chapter 8. Network security solutions
Section 8.1. IBM Security Network IPS
Section 8.2. Intrusion and intrusion prevention definitions
Section 8.3. Intrusion prevention policies
Section 8.4. Intrusion prevention enforcement
Section 8.5. Physical deployment model
Section 8.6. IBM Tivoli Netcool Configuration Manager
Section 8.7. IBM WebSphere DataPower
Section 8.8. IBM Lotus Protector for Mail Security
Section 8.9. Conclusion
Chapter 9. Host security solutions
Section 9.1. IBM Tivoli Endpoint Manager
Section 9.2. Proventia Desktop Endpoint Security
Section 9.3. IBM Security Server Protection
Section 9.4. Conclusion
Chapter 10. Virtual server security solutions
Section 10.1. Virtualization defined
Section 10.2. Virtualization threats
Section 10.3. IBM Virtual Server security solutions
Section 10.4. IBM Security Virtual Server Protection for VMware component model
Section 10.5. Conclusion
Chapter 11. Security services for Network, Server and Endpoint
Section 11.1. Professional Security Services
Section 11.2. Managed Security Services
Section 11.3. Cloud Security Services
Section 11.4. Conclusion
Part 3. Business scenarios
Chapter 12. ABC Government Agency
Section 12.1. Company overview
Section 12.2. Business vision
Section 12.3. Business requirements
Section 12.4. Functional requirements
Section 12.5. Design approach
Section 12.6. Implementation approach
Section 12.7. Conclusion
Chapter 13. XYZ Cardio
Section 13.1. Company overview
Section 13.2. Business vision
Section 13.3. Business requirements
Section 13.4. Functional requirements
Section 13.5. Design approach
Section 13.6. Implementation approach
Section 13.7. Conclusion
Related publications
IBM Redbooks
Other publications
Online resources
How to get Redbooks
Help from IBM
Where Cyber Fits in the Warfighting Domains
Threatscape
Fielding Systems at the Speed of Need
Summary
Endnotes
Chapter 3. Cyber Doctrine
Current U.S. Doctrine
Sample Doctrine/Strategy from Around the World
Translating Traditional Military Doctrine
Guidance and Directives
Operations and Exercises
Endnotes
Chapter 4. Cyber Warriors
What Does a Cyber Warrior Look Like?
Differences from Traditional Forces
Present Cyber Warfare Forces
Staffing for Cyber War
Endnotes
Chapter 5. Logical Weapons
Reconnaissance Tools
Scanning Tools
Access and Escalation Tools
Exfiltration Tools
Sustainment Tools
Assault Tools
Obfuscation Tools
Summary
Endnotes
Chapter 6. Physical Weapons
How the Logical and Physical Realms are Connected
Infrastructure Concerns
Supply Chain Concerns
Tools for Physical Attack and Defense
Summary
Endnotes
Chapter 7. Psychological Weapons
Social Engineering Explained
How the Military Approaches Social Engineering
How the Military Defends Against Social Engineering
Endnotes
Chapter 8. Computer Network Exploitation
Intelligence and Counter-Intelligence
Reconnaissance
Surveillance
Summary
Endnotes
Chapter 9. Computer Network Attack
Waging War in the Cyber Era
The Attack Process
Endnotes
Chapter 10. Computer Network Defense
What We Protect
Security Awareness and Training
Defending against Cyber Attacks
Summary
Endnotes
Chapter 11. Non-State Actors in Computer Network Operations
Individual Actors
Corporations
Cyber Terrorism
Organized Cyber Crime
Autonomous Actors
Summary
Endnotes
Chapter 12. Legal System Impacts
Legal Systems
Key U.S. Laws
Privacy Impacts
Digital Forensics
Endnotes
Chapter 13. Ethics
Ethics in Cyber Warfare
Bellum Iustum (Just War Theory)
Summary
Endnotes
Chapter 14. Cyberspace Challenges
Cybersecurity Issues Defined
Interrelationship of Cybersecurity Issues
Way Ahead
Summary
Endnotes
Chapter 15. The Future of Cyber War
Near-Term Trends
Most Likely and Most Dangerous Courses of Action
New Technologies and New problems
International Interactions
Endnotes
Appendix: Cyber Timeline
Section2.2.ApplicationversusDBMScompliancecontrols Section2.3.Privilegedusercontrols Section2.4.DB2forz/OSfromanevolutionaryperspective Part:2DB2capabilities Chapter3.Administrativeauthoritiesandsecurityrelatedobjects Section3.1.Rationalefornewfeatures Section3.2.Managementofsecurityrelatedobjects Section3.3.SECADM Section3.4.SYSTEMDBADM Section3.5.ACCESSCTRL Section3.6.DATAACCESS Section3.7.ReassigningpowerfulprivilegesheldbySYSADMandSYSCTRL Section3.8.Revokingwithoutcascade Section3.9.Debuggingandperformanceanalysisprivileges Section3.10.DSNZPARMsrelatedtosecurity Chapter4.Rolesandtrustedcontexts Section4.1.Existingchallenges Section4.2.Roles Section4.3.Trustedcontexts Section4.4.Challengesaddressedbyrolesandtrustedcontexts Section4.5.Exampleofalocaltrustedcontext:SecuringDBAactivities Section4.6.Exampleofaremotetrustedconnection Section4.7.Exampleofaremotetrustedconnectionwithmultipleusers Section4.8.ProtectingnewDB210administrativeauthorities Chapter5.Dataaccesscontrol
Section5.1.Newaccesscontrolfunctionsandterminology Section5.2.Rowpermissionobject Section5.3.Columnmasks Section5.4.EXPLAINtableinformation Section5.5.TriggersandUDFinformation Chapter6.CryptographyforDB2data Section6.1.DB2builtinfunctionsupportforencryption Section6.2.InfoSphereGuardiumDataEncryptionforDB2andIMSDatabases Section6.3.DiskstoragebasedencryptionwithIBMSystemStorageDS8000 Section6.4.Tapestorageencryption Section6.5.OverviewofSSLandIPATTLS Chapter7.Userauthentication Section7.1.Authenticationandthedataserversecuritycategories Section7.2.z/OSSecurityServerpasswordphraseandDRDAencryption Section7.3.z/OSidentitypropagationanddistributedDB2workloads Section7.4.z/OSdigitalcertificatesandDB2ATTLS Chapter8.Auditpolicies Section8.1.Policybasedauditcapability Chapter9.RACFandDB2 Section9.1.AuthorizationIDsforaccessingdatawithinDB2 Section9.2.DB2managedsecurity Section9.3.RACFmanagedsecurity Part:3Implementationscenarios Chapter10.Implementingdataaccesscontrol Section10.1.DescriptionoftheSpiffyComputerCompany
Section10.2.Scenario1:Separationofduties Section10.3.Scenario2:Classificationofusers Section10.4.TheSYSADMauthority Chapter11.Remoteclientapplicationsaccess Section11.1.Usingapasswordphraseforremoteclientapplications Section11.2.ProtectingdatathroughDB2SSLwithdigitalcertification Section11.3.Identitypropagationforaremoteclientapplication Section11.4.ConsiderationsaboutSQLinjection Chapter12.Databasemonitoringandtheauditapplication Section12.1.ActivitymonitoringoptionsonDB2forz/OS Section12.2.TivoliOMEGAMONforDB2PerformanceExpertVersionV5R1 Chapter13.DB2temporalsupport Section13.1.Temporaltables Section13.2.Usingtemporaltablesforauditing Part:4Securitytools Chapter14.Securitytoolsfordiscoveryandcontrol Section14.1.InfoSphereDiscovery Section14.2.IBMTivoliSecuritySolutions Section14.3.SQLinjectionandIBMOptimpureQueryRuntime Chapter15.AuditingandInfoSphereGuardium Section15.1.InfoSphereGuardium Section15.2.DatabasesecurityfunctionalityusingInfoSphereGuardium Section15.3.InfoSphereGuardiumSTAPforDB2forz/OS Part:5Appendixes AppendixA:SpiffyComputerCompanysecuritysetup
Spiffy Computer Company Organization of Spiffy Computer Company Appendix B: Introduction to cryptography Fundamentals of cryptography Integrated Cryptographic Service Facility for z/OS Tivoli Key Lifecycle Manager Abbreviations and acronyms Related publications IBM Redbooks Other publications Online resources Help from IBM
Vulnerability assessment versus penetration testing Security testing methodologies BackTrack testing methodology The ethics Summary Part II Chapter 3. Target Scoping Gathering client requirements Preparing the test plan Profiling test boundaries Defining business objectives Project management and scheduling Summary Chapter 4. Information Gathering Public resources Document gathering DNS information Route information Utilizing search engines All-in-one intelligence gathering Documenting the information Summary Chapter 5. Target Discovery Introduction Identifying the target machine
OS fingerprinting Summary Chapter 6. Enumerating Target Port scanning Service enumeration VPN enumeration Summary Chapter 7. Vulnerability Mapping Types of vulnerabilities Vulnerability taxonomy Open Vulnerability Assessment System (OpenVAS) Cisco analysis Fuzzy analysis SMB analysis SNMP analysis Web application analysis Summary Chapter 8. Social Engineering Modeling human psychology Attack process Attack methods Social Engineering Toolkit (SET) Common User Passwords Profiler (CUPP) Summary Chapter 9. Target Exploitation
Vulnerability research Vulnerability and exploit repositories Advanced exploitation toolkit Summary Chapter 10. Privilege Escalation Attacking the password Network sniffers Network spoofing tools Summary Chapter 11. Maintaining Access Protocol tunneling Proxy End-to-end connection Summary Chapter 12. Documentation and Reporting Documentation and results verification Types of reports Presentation Post-testing procedures Summary PART III Appendix A. Supplementary Tools Vulnerability scanner Web application fingerprinter Network Ballista
Chapter 2: Smartphone Data Protection Using Mobile Usage Pattern Matching Abstract Introduction Background Approximate Usage String Matching Conclusion Chapter 3: Conservation Of Mobile Data And Usability Constraints Abstract Introduction Background Device Protection In ISO/IEC 27002 Cyber Security Standard Mobile Data Encryption And Access Control Tools Security Methods And Usability Constraints Communication Model And Security Level Of Services Zero Interaction Authentication (ZIA) Conclusion Section 2: Social Media, Botnets And Intrusion Detection Chapter 4: Cyber Security And Privacy In The Age Of Social Networks Abstract Introduction Background Impact Of Social Media On Cyber Security And Privacy Privacy On Social Media Social Networking On Portable Internet Devices Location-Based Social Applications
Social Media Use Inside Organizations Identity And Authentication Future Research Directions Conclusion Chapter 5: Botnets And Cyber Security Abstract Introduction Background Current Efforts Existing Constraints To Botnet Mitigation Solutions And Recommendations Future Research Directions Conclusion Chapter 6: Evaluation Of Contemporary Anomaly Detection Systems (ADSs) Abstract Introduction Background ADS Evaluation Framework Performance Evaluation Of Contemporary NADSs And Lessons Learnt Conclusion Section 3: Formal Methods And Quantum Computing Chapter 7: Practical Quantum Key Distribution Abstract Introduction Background
The Proposed Decoy State Method The Statistical Fluctuations The Simulation Of Practical Decoy QKD System: The Simulation Of Fiber-Based Practical Decoy QKD System Experimental Set Up Results And Discussion Future Research Directions Conclusion Chapter 8: Automated Formal Methods For Security Protocol Engineering Abstract Introduction Background State Of The Art Future Research Directions Conclusion Section 4: Embedded Systems And SCADA Security Chapter 9: Fault Tolerant Remote Terminal Units (RTUs) In SCADA Systems Abstract Introduction SCADA System Architecture Fault Tolerant Remote Terminal Unit CAN Protocol Fault Tolerant Scheme Reliability Modeling Availability Modeling Of A Processing Node In FTRTU Discussion Of The Result
Cyber Security And Vulnerability For SCADA Systems Cyber Security Mitigation Conclusion Chapter 10: Embedded Systems Security Abstract Introduction Background Security Issues In Embedded Systems Security Of Cell Phones Future Research Directions Conclusion Section 5: Industrial And Applications Security Chapter 11: Cyber Security In Liquid Petroleum Pipelines Abstract Introduction Critical Infrastructure: What Is It? SCADA Systems Cyber Security Standards Resilient SCADA Systems Are Cyber Secure Systems Defense In Depth SCADA Cyber Security Environmental Uniqueness Comparison Between SCADA And IT Systems Operating System Update Approaches Management Infrastructure Future Research Directions
Conclusion Chapter 12: Application Of Cyber Security In Emerging C4ISR Systems Abstract Introduction To The C4ISR Systems Generalized View Of A C4ISR System Importance Of Cyber Security In C4ISR Systems Case Studies Manifesting The Importance Of Cyber Security Cyber Security In Standardized C4ISR Architectures General Security Of Protocols In TCP/IP Family Security Features In Different Parts/Components Of C4ISR Systems Recent Developments And Initiatives In Cyber Security Of C4ISR Systems Use Of Open Source And COTS In C4ISR Systems Conclusion Appendix: Acronyms Chapter 13: Practical Web Application Security Audit Following Industry Standards And Compliance Abstract Introduction Background Defending Web Application Infrastructure Future Research Directions Conclusion Compilation Of References
HOME AND AWAY LAPTOPS AND SMARTPHONES SECURING HOME WIFI SUMMARY 3 GOOD SECURITY PRACTICE BACKUP YOUR DATA CHOOSING GOOD PASSWORDS PATCHING VULNERABILITIES CREATING A RESILIENT SYSTEM SECURING YOUR APPLICATIONS STAYING AWARE SUMMARY 4 SECURITY ON THE WORLD WIDE WEB SAFER SURFING FIREWALL THE INTERNET SECURE ECOMMERCE PROTECTING CHILDREN IN CYBERSPACE PROTECTING YOUR PRIVACY SOCIABLE NETWORKING ERASING DATA ON YOUR PC SUMMARY 5 EMAIL SECURITY BASIC PRECAUTIONS SECURE EMAIL USING ENCRYPTION SPAM JUNK EMAIL SUMMARY
6 VIRUSES AND OTHER MALIGNANT SOFTWARE AN INTRODUCTION TO MALWARE TYPES OF MALWARE SOME MALWARE EXAMPLES MALWARE COUNTERMEASURES RECOGNISING AND CURING VIRUS INFECTIONS VIRUS HOAXES SUMMARY 7 WORKING SECURELY AT HOME RISKS AT HOME TELECOMMUTING LAPTOPS AND SMARTPHONES SMALL OFFICE AND HOME OFFICE NETWORKS CYBERCRIME AND THE LAW SUMMARY
Future Research Directions Conclusion Chapter 2: Social Networks And Students' Ethical Behavior Abstract Introduction Background Student Ideas About Social Networking Social Networking's Effect On One's Ethical Structure Future Research Directions Conclusion Chapter 3: The Ethics Of Security Of Personal Information Upon Facebook Abstract Introduction Background: The History Of Social Networking Background To The Facebook Social Networking Site Facebook Security And Privacy Examples Information Loss Viruses, Malwares And Trojan Attacks Third Party Applications Organisational Impact The Right To Privacy? The Impact Of Public Opinion: An Australian Case Online Harassment Facebook Security Issues Framework Solutions And Recommendations
Future Research Directions Conclusion Chapter 4: Copyright And Ethical Issues In Emerging Models For The Digital Media Reporting Of Sports News In Australia Abstract Introduction Background Sports News Reporting And Digital Media Future Research Directions Conclusion Section 2: Ethical Concerns In The Handling And Delivery Of Health And Safety Information Chapter 5: The Protocols Of Privileged Information Handling In An E-Health Context Abstract Introduction Background Research Design Rights And Responsibilities The Natural Hospital Environment (NHE) PKI And NASH IT Support Future Research Directions Conclusion Chapter 6: The Changing World Of ICT And Health Abstract Introduction The Patient As A Consumer
Empowering Through Converging Communications The Evolution Of Communication Mediums Internet Penetration Vs. Mobile Penetration Access To Health Information: Developing Country Perspective Future Research Directions Conclusion Chapter 7: The Socio-Ethical Considerations Surrounding Government Mandated Location-Based Services During Emergencies Abstract Introduction Emergency Management In Australia The Emergence Of Location-Based Services Solutions Emergency Warning And Alerting Methods In Australia Conclusion Section 3: Ethics And Security In Organisations Chapter 8: Monitoring Employee Actions In The Workplace Abstract Introduction Background Surveillance Future Research Directions Conclusion Chapter 9: Policy And Issues In Deploying Automated Plagiarism Detection Systems In Academic Communities Abstract Introduction
Policy And Issues Case Study: Veriguide In CUHK Future Research Directions Conclusion Chapter 10: Security Technologies And Policies In Organisations Abstract Introduction Information For Managers Background Case Study 0 Case Study 1 Common Security Issues The Hacker 'Ethic' The Duties Of Security Staff Case Study 2 The Power To Move Mountains The Theft Of The Intangible Case Study 3 Producing A Consistent Ethical Framework Conclusion Chapter 11: Critical Infrastructure Protection Abstract Introduction Background The Critical Infrastructure Protection Case Study
Outlining The Ethical Dilemma Solutions And Recommendations Future Research Directions Conclusion Chapter 12: Effective Infrastructure Protection Through Virtualization Abstract Introduction Background Topics In Virtualization Solutions And Recommendations Future Research Directions Conclusion Chapter 13: Firewall Rulebase Management Abstract Introduction Background Firewall Rulebase Management Case Study: Orphaned Rule Identification And Prevention Future Research Directions Conclusion Chapter 14: Integration Of COBIT, Balanced Scorecard And SSE-CMM As An Organizational & Strategic Information Security Management (ISM) Framework Abstract Introduction The Need For A Strategic ISM Framework Formulation Of The Integrated Framework (Methodology)
Expert Oracle and Java Security: Programming Secure Oracle Database Applications with Java
By: David Coffin Publisher: Apress Pub. Date: September 13, 2011 Print ISBN: 978-1-4302-3831-7 Web ISBN: 1-4302-3831-3 Pages in Print Edition: 468
Title Dedication Contents at a Glance Contents About the Author About the Technical Reviewer Acknowledgments Introduction Chapter 1: Introduction Requirements For Windows and UNIX/Linux Users Background How to Use This Book Organization of This Book Java Objects and Oracle Database Structures Chapter Review Chapter 2: Oracle Database Security
Finding a Test Oracle Database Working from an Existing Oracle Database Oracle Users and Schemas SQL*Plus, SQL Developer, JDeveloper, or TOAD Organization of the Next Few Sections Working as the SYS User Working as the Security Administrator Working as the HR Schema User Test Application User Access Audit Trail Logs for the Sensitive View Regarding Synonyms Chapter Review Chapter 3: Secure Java Development Concepts Java Development Kit Oracle Java Database Connectivity JAR File Directory Separator Java Packages Development at Command Prompt Java Code and Syntax Concepts Exceptions Java Virtual Machine Sandbox Chapter Review Chapter 4: Java Stored Procedures Java Stored Procedure Example Method Syntax in Java Stored Procedures
Cleaning Up The Oracle Java Virtual Machine Chapter Review Chapter 5: Public Key Encryption Generate Keys on the Client RSA Public Key Cryptography Java Code to Generate and Use RSA Keys Testing on the Client Key Exchange Testing on Client and Server Chapter Review Chapter 6: Secret Password Encryption Approach Java Code for Secret Password Encryption Oracle Structures for Secret Password Encryption Java Methods for Secret Password Decryption Testing DES Encryption on the Client Only Coding to Test Client/Server Secret Password Encryption Testing Our Secure Client/Server Data Transmission Chapter Review Chapter 7: Data Encryption in Transit Security Administrator Activities Application Security User Activities Updating the Application Security Package Methods for Using and Testing Encryption in Transit
Loading Updated OracleJavaSecure Class into Oracle Security Structures for the HR User Inserting an EMPLOYEES Record: Update a Sequence Demonstrations and Tests of Encrypted Data Exchange Executing the Demonstrations and Tests Packaging Template to Implement Encryption Don't Stop Now Chapter Review Chapter 8: Single Sign-On Another Layer of Authentication? Who Is Logged In on the Client? Access Oracle Database as Our Identified User Proxy Sessions Using Connection Pools Application Use of Oracle SSO Chapter Review Chapter 9: Two-Factor Authentication Get Oracle Database to Send E-Mail Getting Oracle Database to Browse Web Pages The Two-Factor Authentication Process Security Considerations for Two-Factor Distribution Avenues Oracle Structures Supporting Two-Factor Authentication Update OracleJavaSecurity.java for Two-Factor Authentication Testing Two-Factor Authentication Chapter Review
Chapter 10: Application Authorization Secure Application Role Procedure for Multiple Applications Rewrite and Refactor Method to Distribute Two-Factor Code Update to Two-Factor Distribution Formats Application Authorization Overview User for Application Authorization Structures for Application Authorization A Set of Connection Strings for an Application Save Connection Strings from the Client Perspective Save Connection Strings from the Server Perspective Get an Application Connection String: The Java Client Side Get a List of Application Connection Strings: The Server Side Test Application Authentication, Phase 1 Testing a Second Application Get Application Authentication Connection and Role Test Application Authentication, Phase 2 Chapter Review Chapter 11: Enhancing Security Hide the APPVER Connection String Create an Oracle Client Wallet Trace Oracle Client Code Logging Oracle Thin Client Trace Data Encrypt Data Stored on Oracle Database Manage Connection Strings for Applications Add Other Authentication Credentials
Update Application Security Structures Authenticate on a Separate Oracle Instance Test Enhanced Security Test from a Different Application, TestOracleJavaSecure Chapter Review Chapter 12: Administration of Security A Security Administration Interface Application Login Screen Security Administration Menu Add/Modify User Functional Screen User Administration Screen Application Assignment Screen Application Registration Screen Application Selection Screen Connection String Editor Connection String Copy Screen Limiting Certain Administrators to Certain Applications Scripts Execution and Code Compilation Final Updates to OracleJavaSecure Single Oracle Instance Code Bootstrap OJSAdmin Chapter Review Appendix A: List of Methods from OracleJavaSecure Class Appendix B: Oracle Procedures, Functions and Triggers for Oracle and Java Security Index
Wrap Up Chapter 2 Security Strategy Analysis: Foundation of Your Security Policy Case Study: Hacking Is an Equal Opportunity Sport The H.U.M.O.R. Matrix Human Resources Utilization of Resources and Assets Monetary Considerations Operations Management Reputation Management Wrap Up Chapter 3 Monitoring in the Social Media Landscape Case Study: A Dangerous Public What Are Your Customers and the General Public Saying? What Are Your Employees Saying? The What If Scenario Wrap Up Part II Assessing Social Media Threats Chapter 4 Threat Assessment Case Study: Political Hacking The Changing Threat Landscape Identifying the Threats Threat Assessment and the Threat Management Lifecycle H.U.M.O.R. Threat Assessment Assessing Damage Developing a Response
Wrap Up Chapter 5 What Can Go Wrong Case Study: Firesheep, A Real World Example of Social Media Hacking Dangers Specific to Social Networks Cyberstalking Validating the End User Data Scraping Wrap Up Part III Operations, Policies, & Processes Chapter 6 Social Media Security Policy Best Practices Case Study: Growth of Social Media Policy Usage What Is an Effective Social Media Security Policy? H.U.M.O.R. Guidelines Developing Your Social Media Security Policy A Sample Social Media Security Policy Wrap Up Chapter 7 Human Resources: Strategy & Collaboration Case Study: Expensive Paperweight Gets Fired Identifying Business Processes, Regulations, and Legal Requirements The Community Manager: Defining and Implementing Training Wrap Up Chapter 8 Utilization of Resources: Strategy & Collaboration Case Study: Inappropriate Tweets How Are Security Processes Handled?
Preventing Data Loss Educating Employees Wrap Up Chapter 9 Monetary Considerations: Strategy & Collaboration Case Study: Calculating the Cost of Data Loss Costs of Implementing Controls Costs of Threats and Countermeasures Wrap Up Chapter 10 Operations Management: Strategy & Collaboration Case Study: Military Cyberprofiles Operations Management Strategy Controls Auditing Wrap Up Chapter 11 Reputation Management: Strategy & Collaboration Case Study: Domino's Reputation Attack Attempts to Ruin Brand Equity: From Logos to Brands Actively Managing Your Reputation Zen and the Art of Social Media Strategy Who Do You Call in a Crisis? Reducing Reputation Risks with Incident Management Wrap Up Part IV Monitoring & Reporting Chapter 12 Human Resources Monitoring & Reporting Case Study: Facebook Posting Leads to Firing Monitoring by Human Resources
How to Monitor Employee Usage How to Use Social Media to Monitor Prospective Employees Baseline Monitoring and Reporting Requirements Policy Management Wrap Up Chapter 13 Utilization Monitoring & Reporting Case Study: How Not to Respond Who, What, Where, When, and How? Technology Intellectual Property Copyright Incident Management Reporting Metrics Wrap Up Chapter 14 Monetary Monitoring & Reporting Case Study: The Budgetary Challenge Social Media Security on a Limited Budget Social Media Security on a Big Budget Training Costs Wrap Up Chapter 15 Operations Management Monitoring & Reporting Case Study: Social Media Success Types of Monitoring to Ensure Security Practices Are Followed Data Loss Management: Tools and Practices Monitoring and Management Tools
Tracking Employee Usage Wrap Up Chapter 16 Reputation Management Monitoring & Reporting Case Study: Uncontrolled Reputation Damage Online Reputation Management Setting Up a Monitoring System Establishing a Baseline and Comparing Historical Periods How to Make Good Use of Reputation Information Wrap Up Part V Social Media 3.0 Chapter 17 Assessing Your Social Media Strategy How JAG's Doing The Challenges Ahead Active Reputation Management Wrap Up Chapter 18 The Future of Social Media Security The Internet of Things Evolving Threats to the Global Brain The Best Defense Is a Good Offense Jumping into the Deep End Wrap Up
Take Control of iPhone and iPod touch Networking & Security, iOS 4 Edition
By: Glenn Fleishman Publisher: TidBITS Publishing, Inc. Pub. Date: April 4, 2011 Pages in Print Edition: 178
Copyright Read Me First Introduction Chapter 1. Quick Start to Networking and Security Chapter 2. Quick Connection Guide Section 2.1. Connect with Wi-Fi at Home or Work Section 2.2. Connect to a Wi-Fi Hotspot Chapter 3. In Depth on Wi-Fi Section 3.1. Managing Wi-Fi Connections Section 3.2. Wi-Fi Troubleshooting Section 3.3. Tweaking Your Network for Faster Performance Chapter 4. Connect to a Secure Wi-Fi Network Section 4.1. Know the Wi-Fi Security Types Section 4.2. Connect with WPA/WPA2 Personal Section 4.3. Connect with WPA2 Enterprise Section 4.4. Outdated Methods Chapter 5. Work with 3G on an iPhone Section 5.1. Pick a Data Plan Section 5.2. Keeping Usage Restrained Section 5.3. Choose to Use 3G or Wi-Fi
Section 5.4. Cross-Border iPhone Use Section 5.5. Alternatives to Phone Data Plans Chapter 6. Personal Hotspot and Tethering Section 6.1. Pay for Personal Hotspot Section 6.2. Turn On Personal Hotspot Section 6.3. Connect to the Personal Hotspot Chapter 7. Bluetooth Section 7.1. Bluetooth Basics Section 7.2. Pairing Any Device Section 7.3. Peer-to-Peer Pairing Section 7.4. Hands-Free Calling and Talking Section 7.5. Apple Wireless Keyboard Section 7.6. Audio Devices Chapter 8. Airplane Mode Section 8.1. What's Airplane Mode? Section 8.2. Turning Radios off Separately Chapter 9. Remote Access and Control Section 9.1. iTeleport (Formerly Jaadu VNC) Section 9.2. LogMeIn Ignition Chapter 10. Access Documents Section 10.1. What Kinds of Storage Section 10.2. Air Sharing Pro Section 10.3. GoodReader Section 10.4. Connect to an iOS App WebDAV Server Section 10.5. iBooks
Section 10.6. Dropbox Section 10.7. iDisk Chapter 11. Transfer Data Securely Section 11.1. Exposure Section 11.2. Secure Solutions Chapter 12. Keep Data Safe Section 12.1. Exposure Section 12.2. The Danger of Safari's AutoFill Section 12.3. Mitigation Chapter 13. When Your iOS Device Goes Missing Section 13.1. Safety Tips while Out and About Section 13.2. Find My iOS Device via MobileMe Section 13.3. Remote Tracking Software Appendix A. About This Book Section A.1. Ebook Extras Section A.2. About the Author Section A.3. Author's Acknowledgments Section A.4. About the Publisher Section A.5. Production Credits
Android Forensics: Investigation, Analysis, and Mobile Security for Google Android
By: Andrew Hoog Publisher: Syngress Pub. Date: June 15, 2011 Print ISBN-13: 978-1-59749-651-3 E-Book ISBN-13: 978-1-59749-652-0 Pages in Print Edition: 393
Front Cover Android Forensics Copyright Dedication Contents Acknowledgements Introduction Chapter 1 Chapter 5 Website About the Technical Editor Chapter 1 Android and mobile forensics Android platform Linux, open source software, and forensics Android Open Source Project Internationalization Android Market
Android forensics Summary References Chapter 2 Android hardware platforms Overview of core components Overview of different device types ROM and bootloaders Manufacturers Android updates Specific devices References Chapter 3 Android software development kit and android debug bridge Android platforms Software development kit (SDK) Android security model Forensics and the SDK Summary References Chapter 4 Android file systems and data structures Data in the Shell Type of memory File systems Mounted file systems References Chapter 5 Android device, data, and app security
Introduction Data theft targets and attack vectors Security considerations Individual security strategies Corporate security strategies App development security strategies Summary References Chapter 6 Android forensic techniques Introduction Procedures for handling an Android device Imaging Android USB mass storage devices Logical techniques Physical techniques References Chapter 7 Android application and forensic analysis Analysis techniques FAT forensic analysis YAFFS2 forensic analysis Android app analysis and reference Summary References
IBM z/OS V1R12 Communications Server TCP/IP Implementation: Volume 4 Security and Policy-Based Networking
By: Mike Ebbers; Rama Ayyar; Octavio L. Ferreira; Gazi Karakus; Yukihiko Miyamoto; Joel Porterie; Andi Wijaya Publisher: IBM Redbooks Pub. Date: July 18, 2011 Part Number: SG24-7899-00 Print ISBN-10: 0-7384-3566-X Print ISBN-13: 978-0-7384-3566-4 Pages in Print Edition: 954
Figures Tables Examples Notices Preface The team who wrote this book Now you can become a published author, too! Comments welcome Stay connected to IBM Redbooks Part 1. SAF-based security Chapter 1. RACF demystified Section 1.1. RACF basic concepts Section 1.2. Protecting your network resources Section 1.3. Protecting your programs Section 1.4. Associating a user ID with a started task
Section 1.5. Setting up security for daemons in z/OS UNIX Section 1.6. RACF multilevel security for network resources Section 1.7. Digital certificates in RACF Section 1.8. Additional information Chapter 2. Protecting network resources Section 2.1. The SERVAUTH resource class Section 2.2. Protecting your TCP/IP stack Section 2.3. Protecting your network access Section 2.4. Protecting your network ports Section 2.5. Protecting the use of socket options Section 2.6. Protecting sensitive network commands Section 2.7. Protecting FTP Section 2.8. Protecting network management resources Section 2.9. Protecting miscellaneous resources Part 2. Managing security Chapter 3. Certificate management in z/OS Section 3.1. Digital certificates overview Section 3.2. Digital certificate types Section 3.3. Configuring the utilities to generate certificates in z/OS Section 3.4. Using certificates in sample IBM environments Part 3. Policy-based networking Centralizing security services Chapter 4. Policy agent Section 4.1. Policy agent description Section 4.2. Implementing PAGENT on z/OS
Section 4.3. The IBM Configuration Assistant for z/OS Communication Server Section 4.4. Backup and migration considerations Section 4.5. Setting up the Traffic Regulation Management Daemon Section 4.6. Additional information Chapter 5. Central Policy Server Section 5.1. Background Section 5.2. Basic concepts Section 5.3. Configuring distributed (centralized) policy services Section 5.4. Activating and verifying the policy services environment Section 5.5. Diagnosing the centralized policy services environment Section 5.6. Configuring the Central Policy Server without SSL Security Section 5.7. Additional information Chapter 6. Quality of Service Section 6.1. Quality of Service definition Section 6.2. Configuring QoS in the z/OS Communications Server Section 6.3. Including QOS in the policy agent configuration Section 6.4. Verifying and diagnosing the QoS implementation Chapter 7. IP filtering Section 7.1. Define IP filtering Section 7.2. z/OS IP filtering implementation Chapter 8. IP Security Section 8.1. IPSec description Section 8.2. Basic concepts Section 8.3. IPsec support currency Section 8.4. Working with the z/OS Communications Server Network Management Interface
Section 8.5. How IPSec is implemented Section 8.6. Configuring IPSec between two z/OS systems: Pre-shared Key Mode Section 8.7. Configuring IPSec between two z/OS systems: RSA signature mode for IKEv1 Section 8.8. Additional information Chapter 9. Network Security Services for IPSec clients Section 9.1. Basic concepts Section 9.2. Configuring NSS for the IPSec discipline Section 9.3. Verifying the NSS environment for the IKED Client Section 9.4. Diagnosing the NSSD environment Section 9.5. Worksheet questions for NSSD implementation (IKED Client) Section 9.6. Additional information Chapter 10. Network Security Services for WebSphere DataPower appliances Section 10.1. Basic concepts Section 10.2. Configuring NSS Section 10.3. Verifying the NSS configuration with the NSS Client (XML Appliance Discipline) Section 10.4. Additional information Section 10.5. NSS configuration worksheet for an NSS XML Appliance client Chapter 11. Network Address Translation traversal support Section 11.1. Network Address Translation Section 11.2. IPSec and NAT incompatibilities Section 11.3. NAPT traversal support for integrated IPSec/VPN Chapter 12. Application Transparent Transport Layer Security Section 12.1. Conceptual overview of AT-TLS Section 12.2. AT-TLS Implementation Example: REXX socket API Section 12.3. Problem determination for AT-TLS
Section 12.4. Additional information sources for AT-TLS Chapter 13. Intrusion detection services Section 13.1. What is intrusion detection services Section 13.2. Basic concepts Section 13.3. How IDS is implemented Chapter 14. IP defensive filtering Section 14.1. Overview of defensive filtering Section 14.2. Basic concepts Section 14.3. Implementing defensive filtering Section 14.4. Additional information Chapter 15. Policy-based routing Section 15.1. Policy-based routing concept Section 15.2. Routing policy Section 15.3. Implementing policy-based routing Part 4. Application-based security Chapter 16. Telnet security Section 16.1. Conceptual overview of TN3270 security Section 16.2. TN3270 native TLS connection security Section 16.3. Basic native TLS configuration example Section 16.4. TN3270 with AT-TLS security support Section 16.5. Basic AT-TLS configuration example Section 16.6. Problem determination for Telnet server security Section 16.7. Additional information sources for TN3270 AT-TLS support Chapter 17. Secure File Transfer Protocol Section 17.1. Conceptual overview of FTP security
Section 17.2. FTP client with SOCKS proxy protocol Section 17.3. FTP with native TLS security support Section 17.4. FTP with AT-TLS security support Section 17.5. Backing up the backing store file and policies Section 17.6. Migrating from native FTP TLS to FTP AT-TLS Section 17.7. FTP TLS and AT-TLS problem determination Section 17.8. Additional information Part 5. Appendixes Appendix A: Basic cryptography Cryptography background Potential problems with electronic message exchange Secret key cryptography Public key cryptography Performance issues of cryptosystems Message integrity Appendix B: Telnet security advanced settings Advanced native TLS configuration Advanced AT-TLS configuration using client ID groups Appendix C: Configuring IPSec between z/OS and Windows IPSec between z/OS and Windows: Pre-shared Key Mode IPSec between z/OS and Windows: RSA mode Set up a Windows IPSec policy for RSA mode Appendix D: zIIP Assisted IPSec Background Configuring zIIP Assisted IPSEC
Example of zIIP Assisted IPSec implementation Appendix E: AES256 and trusted TCP connections AES cryptographic support for integrated IPSec/VPN Trusted TCP connections Appendix F: z/OS Communications Server IPSec RFC currency Appendix G: Our implementation environment The environment used for all four books Related publications IBM Redbooks publications Other publications Online resources How to get IBM Redbooks publications Help from IBM
More for Less: Security Operations Centers - Improving Resiliency while Simultaneously Reducing Cost
By: The Bellwether Group Publisher: FT Press Pub. Date: July 27, 2011 Print ISBN-10: 0-13-277969-2 Print ISBN-13: 978-0-13-277969-2 Web ISBN-10: 0-13-277972-2 Web ISBN-13: 978-0-13-277972-2 Pages in Print Edition: 15
Introduction Key Security Challenges Facing Companies Today What Is a GSOC? Main Benefits of GSOCs Attributes of an Effective GSOC Managing an Effective GSOC Managing Security Proactively Establishing a GSOC GSOC 2.0 Fusion Center Integration with Other Emergency Response Operations GSOC Trends in the Market Today Conclusion
CMS Security Handbook: The Comprehensive Guide for WordPress, Joomla!, Drupal, and Plone
By: Tom Canavan Publisher: John Wiley & Sons Pub. Date: April 26, 2011 Print ISBN: 978-0-470-91621-6 Web ISBN: 0-470916-21-4 Pages in Print Edition: 432
Cover Page Title Page Copyright Dedication Credits About the Author About the Technical Editor Acknowledgments Contents Introduction Overview of the Book and Technology How This Book Is Organized Who Should Read This Book Tools You Will Need Summary CHAPTER 1: Introduction to CMS Security and Operations Target Acquired
Operational Considerations Looking at Your Site Through the Eyes of a Hacker Steps to Gaining Access to Your Site Examples of Threats Reviewing Your Perimeter How Will You Respond to an Incident? Summary CHAPTER 2: Choosing the Right Hosting Company Types of Hosting Available Selecting the Right Hosting Option What to Look for in Web Host Security Accepting Credit Cards on Your Website Domain Name System Servers Hosting Your Own Website Server Summary CHAPTER 3: Preventing Problems Before They Start Choosing an Appropriate CMS for Your Needs Building It Before You Build It Performing CMS Installations Advanced Security After Installation Cleanup and Verification Before Going Live Summary CHAPTER 4: Baselining Your Existing Website Starting Your Baseline Identifying Areas of Trouble
Uncovering Hidden Dangers Through Vulnerability Scanning Remediating Problems Summary CHAPTER 5: Hardening the Server Against Attack Ensuring Secure Passwords Securely Configuring the Linux Operating System Securing an Apache Server Securing SNMP Configuring PHP for Secure Operation Checking for Open Ports Securing FTP Communications Ports Securing SFTP Communications Ports Ensuring Secure Logging Using SSL Miscellaneous Hardening Tasks Physically Securing Equipment Summary CHAPTER 6: Establishing a Workable Disaster Recovery Plan Understanding Site and Systems Disaster Planning Identifying a Basic Backup Policy Server-Side Backup and Restoration Methods CMS Backup and Restoration Methods Considerations for Setting Up Alternative Web Hosts Additional Considerations Summary
CHAPTER 7: Patching Process Understanding the Patching Process Understanding the Need for the Patching Process Organizational Requirements Security Metrics Monitoring for New Vulnerabilities Testing for Deployment Deploying a Patch or Fix Documenting Your Patches Patching after a Security Breach Patching a CMS Summary CHAPTER 8: Log Review Understanding the Need to Retain Logs Planning for Your Logs Using Standard Log Files Using Tools to Assist in Log Analysis Using Log Rotation Summary CHAPTER 9: Hack Recovery Activating Your Disaster Recovery Plan Tools for Successful Recovery Collecting the Information Procedures for Containment Crisis Communication to the User Community
Reporting Attack(s) to the ISP of Origin Summary CHAPTER 10: Wireless Networks Determining the Business Need for Wireless Networks Understanding Threats to Your Wireless Security Securing the Data in the Air Employing Adequate Countermeasures Bluetooth Security Considerations Summary CHAPTER 11: Information Security Policy and Awareness Establishing an Information Security Policy Social Engineering Summary APPENDIX A: Security Tools, Port Vulnerabilities, and Apache Tips Security Tools Backdoor Intruders Apache Status Codes .htaccess settings APPENDIX B: Acronyms and Terminology
Information Assurance and Security Technologies for Risk Assessment and Threat Management
By: Te-Shun Chou Publisher: IGI Global Pub. Date: December 31, 2011 Print ISBN-10: 1-61350-507-8 Print ISBN-13: 978-1-61350-507-6 Web ISBN-10: 1-61350-508-6 Web ISBN-13: 978-1-61350-508-3 Pages in Print Edition: 371
Title Page Copyright Page Editorial Advisory Board List Of Reviewers Foreword Preface Acknowledgment Section 1: Attacks And Vulnerabilities Chapter 1: Attacks On IT Systems Abstract Introduction Outlook Chapter 2: Wireless Security Abstract Introduction
A Brief History Of Wireless Technologies Wireless Threat Analysis Wireless Local Area Network (WLAN) Wireless Personal Area Network (WPAN) Security Countermeasures Against Bluetooth Threats Conclusion Section 2: Security Technologies Chapter 3: Analysis, Development And Deployment Of Statistical Anomaly Detection Techniques For Real E-Mail Traffic Abstract Introduction Related Work Monitoring Of E-Mail Traffic The Baseline Analysis Method Conclusion And Future Work Chapter 4: Forensics Challenges For Mobile Phone Security Abstract Introduction Background Future Research Directions Conclusion Chapter 5: Applying Continuous Authentication To Protect Electronic Transactions Abstract Introduction Trust In Electronic Communications Systems Brief Revision About Conventional Authentication Models
Continuous Authentication (CA) Concepts Biometrics Other Forms Of Continuous Authentication Conclusion Chapter 6: Identity-Based Cryptography Abstract Background Identity-Based Cryptography (IBC) Existing Solutions For IBC Security Vulnerabilities Conclusion Chapter 7: Audio-Visual System For Large Scale People Authentication And Recognition Over Internet Protocol (IP) Abstract Introduction Background Front-End Processing For Audio-Visual Recognition Training Architecture For Large Scale People Recognition Simulation Results And Discussion Conclusion Chapter 8: Firewall Abstract Introduction Type Of Firewalls Firewall Architecture Firewall Implementation Considerations Conclusion
Section3:RiskAssessmentAndManagement Chapter9:RiskAssessmentAndRealTimeVulnerabilityIdentificationInItEnvironments Abstract Introduction RelatedWorks MainFocusOfTheChapter RiskStructures,AttacksAndVulnerabilities RiskAnalysisMethodsAndFrameworks ManagementOfResources FutureResearchDirections Conclusion Chapter10:ChallengesToManagingPrivacyImpactAssessmentOfPersonallyIdentifiableData Abstract Introduction PrivacyImpactAssessment PrivacyImpactSuitabilityAssessment(Pisa)Framework PrivacyScreeningFramework(Psf) FutureResearchDirections Conclusion Chapter11:CombiningSecurityAndPrivacyInRequirementsEngineering Abstract Introduction Background SquareForPrivacy CombiningSecurityAndPrivacyRiskAssessmentTechniques
PrivacyRequirementsElicitationTechniques ConclusionAndFutureResearchDirections Section4:StrategicPlanningOfInformationSecurity Chapter12:RegulatoryAndPolicyComplianceWithRegardToIdentityTheftPrevention,Detection,And Response Abstract Introduction Background RegulatoryCompliance PoliciesForPreventingIdentityTheft PoliciesForRespondingToIdentityTheft PolicyCompliance Auditing Conclusion
Network Intrusion Prevention Design Guide: Using IBM Security Network IPS
By: Axel Buecker; Matthew Dobbs; Dr. Werner Filip; Craig Finley; Vladimir Jeremic; Alisson Quesada; Karl Sigler; Mario Swainson; Joris van Herzele
Publisher: IBM Redbooks
Pub. Date: December 02, 2011
Part Number: SG24-7979-00
Print ISBN-10: 0-7384-3621-6
Print ISBN-13: 978-0-7384-3621-0
Pages in Print Edition: 278
Notices
Trademarks
Preface
The team who wrote this book
Now you can become a published author, too!
Comments welcome
Stay connected to IBM Redbooks
Part 1: Architecture and design
Chapter 1. Business context for threat and vulnerability management
Section 1.1. Drivers that influence security
Section 1.2. IBM Security Framework
Section 1.3. IBM Security Blueprint
Section 1.4. Threat and vulnerability management
Section 1.5. Conclusion
Chapter 2. Introducing the IBM Security Network IPS solution
Section 2.1. Intrusion prevention
Section 2.2. Physical and virtual appliances
Section 2.3. IBM Security Network IPS functionality
Section 2.4. Enforcing intrusion prevention policies
Section 2.5. Centralized management in IBM Security SiteProtector
Section 2.6. Conclusion
Chapter 3. IBM Security Network IPS architecture
Section 3.1. Software components and logical design
Section 3.2. Hardware architecture
Section 3.3. Protocol Analysis Module
Section 3.4. High availability
Section 3.5. File system architecture
Section 3.6. Default users
Section 3.7. Conclusion
Chapter 4. IBM Security Network IPS solution design and management
Section 4.1. Deployment locations
Section 4.2. Scaling considerations
Section 4.3. High availability and external bypass options
Section 4.4. Setup, licensing, and updating before deployment
Section 4.5. Tuning the policy before moving to blocking mode
Section 4.6. Conclusion
Part 2: Customer scenario
Chapter 5. Overview of scenario, requirements, and approach
Section 5.1. Company overview
Section 5.2. Business vision
Section 5.3. Business requirements
Section 5.4. Functional requirements
Section 5.5. Design approach
Section 5.6. Implementation approach
Section 5.7. Conclusion
Chapter 6. Phase 1: Design and implementation of IBM Security Network IPS
Section 6.1. Design
Section 6.2. Implementation
Section 6.3. Conclusion
Chapter 7. Phase 2: Policy tuning for IBM Security Network IPS
Section 7.1. Policy tuning objectives
Section 7.2. Overview of the IBM Security Network IPS policy
Section 7.3. False positives versus false alarms
Section 7.4. False negatives
Section 7.5. Modifying default settings
Section 7.6. Conclusion
Appendix A: Troubleshooting
Location of logs and system messages
Definitions for health and system messages
SiteProtector communication
Identifying packet loss
Conclusion
Related publications
IBM Redbooks
Online resources
Help from IBM
Set Up Security and Integration with the DataPower XI50z for zEnterprise
By: Rufus Credle; Libor Cada; Karan Punwani; Noriyuki Samejima; Pradeep Thomas; Corrado Troncone
Publisher: IBM Redbooks
Pub. Date: December 20, 2011
Part Number: SG24-7988-00
Print ISBN-10: 0-7384-3634-8
Print ISBN-13: 978-0-7384-3634-0
Pages in Print Edition: 172
Notices
Trademarks
Preface
The team who wrote this book
Now you can become a published author, too!
Comments welcome
Stay connected to IBM Redbooks
Chapter 1. Getting started with the XI50z
Section 1.1. zEnterprise ensemble
Section 1.2. Ensemble networking
Section 1.3. Ensemble planning
Section 1.4. Initial setup
Chapter 2. Security
Section 2.1. Security concepts for the XI50z
Section 2.2. The XI50z AAA framework
Section 2.3. zEnterprise security
Section 2.4. The XI50z RBM settings: Enabling RACF users to use the management GUI
Section 2.5. SAF authentication and authorization details
Section 2.6. Identity propagation using ICRX tokens for CICS WS
Section 2.7. Securing keys and certificates on zEnterprise
Chapter 3. Integration use cases
Section 3.1. XI50z connecting to and using WMQ
Section 3.2. Connecting with CICS
Section 3.3. Connecting with IMS
Section 3.4. Connecting with DB2 on z/OS
Related publications
IBM Redbooks
Online resources
Help from IBM
Database Encryption
Encrypting Data within Tables
Encrypting Data at Rest
Encrypting Data on the Wire
Encrypting Data with MPIO Drivers
Encrypting Data via HBAs
Summary
References
Chapter 3 SQL Password Security
SQL Server Password Security
Strong Passwords
Encrypting Client Connection Strings
Application Roles
Using Windows Domain Policies to Enforce Password Length
Summary
References
Chapter 4 Securing the Instance
What to Install, and When?
SQL Authentication and Windows Authentication
Password Change Policies
Auditing Failed Logins
Renaming the SA Account
Disabling the SA Account
Securing Endpoints
Stored Procedures as a Security Measure
Minimum Permissions Possible
Linked Servers
Using Policies to Secure Your Instance
SQL Azure Specific Settings
Instances That Leave the Office
Summary
Chapter 5 Additional Security for an Internet Facing SQL Server and Application
SQL CLR
Extended Stored Procedures
Protecting Your Connection Strings
Database Firewalls
Clear Virtual Memory Pagefile
User Access Control (UAC)
Other Domain Policies to Adjust
Reporting Services
Summary
Chapter 6 SQL Injection Attacks
What Is an SQL Injection Attack?
Why Are SQL Injection Attacks So Successful?
How to Protect Yourself from an SQL Injection Attack
Cleaning Up the Database After an SQL Injection Attack
Summary
References
Chapter 7 Database Backup Security
Overwriting Backups
Media Set and Backup Set Passwords
Backup Encryption
Transparent Data Encryption
Compression and Encryption
Offsite Backups
Summary
References
Chapter 8 Auditing for Security
Login Auditing
Data Modification Auditing
Data Querying Auditing
Schema Change Auditing
Using Policy Based Management to Ensure Policy Compliance
C2 Auditing
Common Criteria Compliance
Summary
References
Chapter 9 Server Rights
OS Rights Needed by the SQL Server Service
OS Rights Needed by the DBA
OS Rights Needed to Install Service Packs
OS Rights Needed to Access SSIS Remotely
Console Apps Must Die
Default Sysadmin Rights
Vendor's and the Sysadmin Fixed Server Role
DETERMINING THE SECURITY RISK
PERSONAL RESPONSIBILITY
5 DELIVERING SECURITY ON EMPLOYEES' PERSONAL LAPTOPS
BENEFITS OF BRING YOUR OWN
SECURITY DRAWBACKS
PLUG IN SECURITY
VIRTUAL WORKSPACES
ASSESSING THE BENEFITS
NOTES
6 SAFETY TRAINING FOR THE WORKFORCE
HOW BIG IS THE ICEBERG?
IT'S AS IF NO ONE CARES
THE TIME HAS COME FOR ACTION
7 CEOs IN THE DOCK
SMARTPHONES ARE MINI COMPUTERS
SENIOR MANAGERS ARE PERSONALLY LIABLE
TAKING SECURITY MEASURES
ARE BUSINESS PEOPLE BREAKING THE LAW?
8 STOPPING THE MOBILE BOT THREAT
LACK OF SECURITY
MALWARE LAUNCHPAD
BLENDED THREATS
9 PASSWORD SECURITY
ENFORCING STRONGER PASSWORD POLICIES
PASSWORD SECURITY DOES NOT HAVE TO BE A PAIN
HIGHER RISK GROUPS
TYPES OF ATTACKS
10 ENCRYPTION IS SOMETIMES NOT ENOUGH
RISK-RISK TRADEOFFS
THE EFFECTS OF ENCRYPTION
NOTES
11 NFC: ANOTHER ONE FOR THE ACRONYM SOUP
12 NETWORK SECURITY WHEN GOING MOBILE
NAC = RIP AND REPLACE
NAC = ANOTHER BRICK IN THE WALL
NAC = THE SECURITY ORCHESTRATOR
13 IMPROVING YOUR NETWORK AND APPLICATION ASSURANCE STRATEGY
THE 0DAY MENACE
TIERED APPROACH
NOTES
14 MOBILE RULES FOR SECURITY OFFICERS: A CASE STUDY
MOBILE RULES
USEFUL LINKS
RESEARCH AND ARTICLES
ORGANISATIONS
BLOGS
OTHER
Step 1: Clarify the Goals, Roles, and Accountabilities
Step 3: Identify Work Duties and Technical Competencies
Step 4: Pinpoint Possessors of Specialized Knowledge
Step 6: Align Strategic Plans with Future Talent Needs
Step 7: Recruit, Develop, and Retain People with Special Knowledge
Step 9: Evaluate the Continuing Results
Chapter Summary
2. Conceptualizing the Issues in Technical Talent Management
Effective Technical Talent Management Programs
Characteristic 1: Top Managers Support the Program
Characteristic 2: Top Managers Devote Resources to the Program
Characteristic 3: There Is Recognition of the Difference Between Technical/Professional Workers and Management
Characteristic 4: There is Recognition of the Difference Between Potential and Expertise
Characteristic 6: TTM Is Based on Knowledge of Critical Business Value
Common Mistakes and Missteps to Avoid
Problem 1: Confusion About the Program
Problem 3: Unrealistic Sense of Urgency
Variations on Program Implementation
Chapter Summary
3. Recruiting and Selecting Technical and Professional Workers
A Recruitment Strategy
A Powerful Employment Brand
Researching the Organization's Employment Brand
External vs. Internal Employment Brands
Recruitment and Selection Processes for Technical/Professional Workers
What Is Special About Technical/Professional Workers?
Creative Approaches for Recruiting Professional Workers
Selecting the Best Technical/Professional Workers
Onboarding the Technical and Professional Workers
Recruiting and Selecting Workers to Replace Knowledge
Chapter Summary
4. Developing Technical and Professional Workers
The Unique Challenges
Launching an Employee Development Program
The Technical Competency Models
Implementing and Evaluating a Development Plan
Action Learning
Best Practices in Developing Technical/Professional Workers
Using Technical Coaches
Using Development Efforts to Pass on Knowledge
Chapter Summary
5. Retaining Technical and Professional Workers
Retaining Your Technical and Professional Workers
The Career Ladder as a Retention Tool
The Types of Career Ladders
Dual Career Ladders
Dual Career Ladders, in Practice and Theory
The Advantages and Disadvantages of Dual Ladders
Chapter Summary
6. Managing and Engaging Technical and Professional Workers
The Unique Challenges
Challenge 1: Choosing the Leaders of Technical/Professional Workers
Challenge 2: Training and Developing Managers of Technical/Professional Workers
Leadership Competencies for Managing Technical/Professional Workers
Engaging Your Technical and Professional Workers
The Characteristics of Engagement
The Construction of an Engagement Culture
Integrating Innovation and Engagement
A Tactical Model to Build Technical Talent
Chapter Summary
7. Transferring Valuable Knowledge: Theory and Models
Why Knowledge Transfer Is Important
A Model for Technical Succession Planning
Barriers to Overcome in Knowledge Transfer
Chapter Summary
8. Transferring Valuable Knowledge: Practical Strategies
Elegantly Simple but Effective
Job Shadowing
Communities of Practice
Critical Incident Interviews or Questionnaires
Storyboards
Storytelling
Best Practice Studies or Meetings
After Action Meetings
Wikipedia
Social Networking and Chat Rooms
World Café Programs
Expert Systems
Other Strategies
Chapter Summary
9. Tackling Future Challenges
The Future of TTM Some Predictions
HiPros Will Become Increasingly Important for the Organization's Competitiveness
Organizations Will Focus on Quantity and Quality of Technical/Professional Support
Technical and Professional Competence Will Require Customization
Rapidly Finding Specialized Talent Will Grow Increasingly Important
Creative Approaches to HR Will Be Used More Often
The Socialization of Prospective and New Recruits Will Require More Attention
Talent Management Will Accommodate Special Needs and Status
Innovators and Those Who Inspire Others Will Be in Greatest Demand
Effective Interpersonal Skills Will Be Critical
HiPros Will Serve as Mentors
Technical/Professional Workers Will Feel More Loyalty to Their Field Than to Employers
Performance Management Will Focus on Long Term Contributions
Reward Systems Will Be Based on Results, Behaviors, and Ethics
Selection Systems Will Favor Unique Gifts or Talents
Knowledge Transfer Will Be Essential for Good Management
Organizations Will Be at High Risk When They Lose Valuable Employees
Chapter Summary
Appendix I: Cases in Technical and Professional Talent Management
CASE STUDY 1: Stopping Brain Drain
CASE STUDY 2: Building a Talent Pipeline
Limited Talent Supply
Enabling Event
Human Capital Management
Rapid Idea Generation
Substantial Results
CASE STUDY 3: The Utility Leaders of the Future
Recruiting Today's Talent
Grooming Generation Y
Training and Retaining Today's Talent
Appendix II: An Instrument for Measuring the Strategic Framework for a Technical and Professional Talent Management Program
Appendix III: An Instrument for Measuring Technical and Professional Talent Management as Enacted on a Daily (Tactical) Basis
Section 2.4. Statements of integrity
Section 2.5. Certification
Section 2.6. Trusted programs
Section 2.7. Interoperability
Part 2: Technical view
Chapter 3. z/Architecture: hardware and z/OS concepts
Section 3.1. System components
Section 3.2. z/OS storage concepts
Chapter 4. Virtualization
Section 4.1. System z virtualization security and IBM Security Blueprint
Section 4.2. Introduction to virtualization
Section 4.3. Overview
Section 4.4. Introduction to virtualization in System z: PR/SM and z/VM
Section 4.5. System z Processor Resource/Systems Manager (PR/SM)
Section 4.6. Reconfiguration of logical partitions
Section 4.7. More on PR/SM logical partitioning and I/O configuration
Section 4.8. A few more words on logical partitions and cryptographic coprocessors
Section 4.9. More on PR/SM security: the certification proof points
Chapter 5. z/VM Security
Section 5.1. z/VM and the IBM Security Blueprint
Section 5.2. Introduction to z/VM virtualization
Section 5.3. z/VM security features
Section 5.4. Additional features
Section 5.5. z/VM virtual networking
Section 5.6. z/VM certification
Section 5.7. Referenced material
Chapter 6. Other operating systems
Section 6.1. z/VSE and security
Section 6.2. z/TPF and security
Section 6.3. Referenced material
Chapter 7. z/OS Security
Section 7.1. z/OS and the IBM Security Blueprint
Section 7.2. The heart of z/OS
Section 7.3. System Authorisation Facility (SAF)
Section 7.4. z/OS security server: RACF
Section 7.5. z/OS operating system components
Section 7.6. Other z/OS components
Section 7.7. Certification
Chapter 8. Hosting the building blocks of IBM Security Framework in z/OS
Section 8.1. Complementing z/OS RACF
Section 8.2. Java and z/OS Security services
Section 8.3. WebSphere Application Server and z/OS
Section 8.4. The IBM Tivoli Security portfolio
Chapter 9. Security exploiters
Section 9.1. DB2
Section 9.2. CICS TS
Section 9.3. IMS
Section 9.4. WebSphere MQ
Chapter 10. Solution pattern example
Related publications
Chapter 2. Firewall Fundamentals
What Is a Firewall?
Why Do You Need a Firewall?
What Are Zones of Risk?
How Firewalls Work and What Firewalls Do
TCP/IP Basics
Types of Firewalls
Ingress and Egress Filtering
Types of Filtering
Software Versus Hardware Firewalls
Dual Homed and Triple Homed Firewalls
Placement of Firewalls
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 2 ASSESSMENT
Chapter 3. VPN Fundamentals
What Is a VPN?
What Are the Benefits of Deploying a VPN?
What Are the Limitations of a VPN?
The Relationship Between Encryption and VPNs
What Is VPN Authentication?
VPN Authorization
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 3 ASSESSMENT
Chapter 4. Network Security Threats and Issues
Hacker Motivation
Favorite Targets of Hackers
Threats from Internal Personnel and External Entities
Common IT Infrastructure Threats
Malicious Code (Malware)
Fast Growth and Overuse
Wireless Versus Wired
Eavesdropping
Replay Attacks
Insertion Attacks
Fragmentation Attacks, Buffer Overflows, and XSS Attacks
Man in the Middle, Session Hijacking, and Spoofing Attacks
Covert Channels
Network and Resource Availability Threats
Denial of Service (DoS)
Distributed Denial of Service (DDoS)
Hacker Tools
Social Engineering
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 4 ASSESSMENT
Part TWO: Technical Overview of Network Security, Firewalls, and VPNs
Chapter 5. Network Security Implementation
Seven Domains of a Typical IT Infrastructure
Network Design and Defense in Depth
Protocols and Topologies
Common Types of Addressing
Controlling Communication Pathways
Hardening Systems
Equipment Selection
Authentication, Authorization, and Accounting
Communication Encryption
Hosts: Local Only or Remote and Mobile
Redundancy
Node Security
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 5 ASSESSMENT
Chapter 6. Network Security Management
Network Security Management Best Practices
Fail Secure, Fail Open, Fail Close Options
Physical Security
Watching for Compromise
Incident Response
Trapping Intruders and Violators
Why Containment Is Important
Imposing Compartmentalization
Using Honeypots, Honeynets, and Padded Cells
Essential Host Security Controls
Backup and Recovery
User Training and Awareness
Network Security Management Tools
Security Checklist
Network Security Troubleshooting
Compliance Auditing
Security Assessment
Configuration Scans
Vulnerability Scanning
Penetration Testing
Post Mortem Assessment Review
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 6 ASSESSMENT
Chapter 7. Exploring the Depths of Firewalls
Firewall Rules
Authentication and Authorization
Monitoring and Logging
Understanding and Interpreting Firewall Logs and Alerts
Intrusion Detection
Limitations of Firewalls
Improving Performance
The Downside of Encryption with Firewalls
Firewall Enhancements
Management Interfaces
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 7 ASSESSMENT
Chapter 8. Firewall Deployment Considerations
What Should You Allow and What Should You Block?
Common Security Strategies for Firewall Deployments
Essential Elements of a Firewall Policy
Software and Hardware Options for Firewalls
Benefit and Purpose of Reverse Proxy
Use and Benefit of Port Forwarding
Considerations for Selecting a Bastion Host OS
Constructing and Ordering Firewall Rules
Evaluating Needs and Solutions in Designing Security
What Happens When Security Gets in the Way of Doing Business?
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 8 ASSESSMENT
Chapter 9. Firewall Management and Security Concerns
Best Practices for Firewall Management
Security Measures in Addition to a Firewall
Selecting the Right Firewall for Your Needs
The Difference Between Buying and Building a Firewall
Mitigating Firewall Threats and Exploits
Concerns Related to Tunneling Through or Across a Firewall
Testing Firewall Security
Important Tools for Managing and Monitoring a Firewall
Troubleshooting Firewalls
Proper Firewall Implementation Procedure
Responding to Incidents
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 9 ASSESSMENT
Chapter 10. Using Common Firewalls
Individual and Small Office/Home Office (SOHO) Firewall Options
Uses for a Host Software Firewall
Using Windows 7's Host Software Firewall
Using a Linux Host Software Firewall
Managing the Firewall on an ISP Connection Device
Commercial Software Network Firewalls
Open Source Software Network Firewalls
Appliance Firewalls
Virtual Firewalls
Simple Firewall Techniques
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 10 ASSESSMENT
Chapter 11. VPN Management
VPN Management Best Practices
Developing a VPN Policy
Developing a VPN Deployment Plan
VPN Threats and Exploits
Commercial or Open Source VPNs
Differences Between Personal and Network VPNs
Balancing Anonymity and Privacy
Protecting VPN Security to Support Availability
The Importance of User Training
VPN Troubleshooting
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 11 ASSESSMENT
Chapter 12. VPN Technologies
Differences Between Software and Hardware Solutions
Differences Between Layer 2 and Layer 3 VPNs
Internet Protocol Security (IPSec)
Layer 2 Tunneling Protocol (L2TP)
Secure Sockets Layer (SSL)/Transport Layer Security (TLS)
Secure Shell (SSH) Protocol
Establishing Performance and Stability for VPNs
Using VPNs with Network Address Translation (NAT)
Types of Virtualization
Differences Between Internet Protocol (IP) Version 4 and Internet Protocol (IP) Version 6
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 12 ASSESSMENT
Part THREE: Implementation, Resources, and the Future
Chapter 13. Firewall Implementation
Constructing, Configuring, and Managing a Firewall
SmoothWall
Examining Your Network and Its Security Needs
Hardware Requirements for SmoothWall
Planning a Firewall Implementation with SmoothWall
Installing a Firewall with SmoothWall
Configuring a Firewall with SmoothWall
Elements of Firewall Deployment
Performing Testing with SmoothWall
Firewall Troubleshooting
Additional SmoothWall Features
Firewall Implementation Best Practices
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 13 ASSESSMENT
Chapter 14. Real World VPNs
Operating System Based VPNs
VPN Appliances
Remote Desktop Protocol
Using Remote Control Tools
Performing Remote Access
Terminal Services
Microsoft DirectAccess
DMZ, Extranet, and Intranet VPN Solutions
Internet Café VPNs
Online Remote VPN Options
The Tor Application
Planning a VPN Implementation
VPN Implementation Best Practices
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 14 ASSESSMENT
Chapter 15. Perspectives, Resources and the Future
What the Future Holds for Network Security, Firewalls, and VPNs
Resources Sites for Network Security, Firewalls, and VPNs
Tools for Network Security, Firewalls, and VPNs
The Impact of Ubiquitous Wireless Connectivity
Potential Uses of Security Technologies
Specialized Firewalls Available
Effect of Honeypots, Honeynets, and Padded Cells
Emerging Network Security Technologies
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 15 ASSESSMENT
Appendix A. Answer Key
Appendix B. Standard Acronyms
Define Constituency
Ensure Upper Management Support
Secure Funding and Funding Models
Central, Distributed, and Virtual Teams
Developing Policies and Procedures
Summary
References
Chapter 3. Operating an IRT
Team Size and Working Hours
New Team Member Profile
Advertising the IRT's Existence
Acknowledging Incoming Messages
Cooperation with Internal Groups
Be Prepared!
Measure of Success
Summary
References
Chapter 4. Dealing with an Attack
Assigning an Incident Owner
Law Enforcement Involvement
Assessing the Incident's Severity
Assessing the Scope
Solving the Problem
Involving Other Incident Response Teams
Involving Public Relations
Post Mortem Analysis
Summary
References
Chapter 5. Incident Coordination
Multiple Sites Compromised from Your Site
How to Contact Somebody Far Away
Working with Different Teams
Keeping Track of Incident Information
Product Vulnerabilities
Exchanging Incident Information
Summary
References
Chapter 6. Getting to Know Your Peers: Teams and Organizations Around the World
FIRST
APCERT
TF-CSIRT
BARF
InfraGard
ISAC
NSP Security Forum
Other Forums and Organizations of Importance
Summary
References
Part II: Product Security
Chapter 7. Product Security Vulnerabilities
Definition of Security Vulnerability
Severe and Minor Vulnerabilities
Fixing Theoretical Vulnerabilities, or Do We Need an Exploit?
Internally Versus Externally Found Vulnerabilities
Are Vendors Slow to Produce Remedies?
Reasons For and Against Applying a Remedy
Question of Appliances
Summary
References
Chapter 8. Creating a Product Security Team
Why Must a Vendor Have a Product Security Team?
Placement of a PST
Product Security Team Roles and the Team Size
Virtual Team or Not?
Summary
References
Chapter 9. Operating a Product Security Team
Working Hours
Supporting Technical Facilities
Third Party Components
Summary
References
Chapter 10. Actors in Vulnerability Handling
Researchers
Vendors
Coordinators
Users
Interaction Among Actors
Summary
References
Chapter 11. Security Vulnerability Handling by Vendors
Known Unknowns
Steps in Handling Vulnerability
Discovery of the Vulnerability
Initial Triage
Reproduction
Detailed Evaluation
Remedy Production
Remedy Distribution and Notification
Monitoring the Situation
Summary
References
Chapter 12. Security Vulnerability Notification
Types of Notification
When to Disclose Vulnerability
Amount of Information in the Notice
Disclosing Internally Found Vulnerabilities
Public Versus Selected Recipients
Vulnerability Predisclosure
Scheduled Versus Ad Hoc Notification Publication
Vulnerability Grouping
Notification Format
Push or Pull
Internal Notification Review
Notification Maintenance
Access to the Notifications
Summary
References
Chapter 13. Vulnerability Coordination
Why Cooperate and How to Deal with Competitors
Who Should Be a Coordinator?
How to Coordinate Vendors on a Global Scale
Summary
References
Chapter 14. Monoculture and Product Security
The Original Monoculture Argument
Software Development The Gory Details
Why Don't We See More Problems?
Where Does This Leave Us?
Summary
Chapter 2. Business Drivers for Information Security Policies
Why Are Business Drivers Important?
Maintaining Compliance
Mitigating Risk Exposure
Minimizing Liability of the Organization
Implementing Policies to Drive Operational Consistency
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 2 ASSESSMENT
ENDNOTES
Chapter 3. U.S. Compliance Laws and Information Security Policy Requirements
U.S. Compliance Laws
Whom Do the Laws Protect?
Which Laws Require Proper Security Controls Including Policies?
Aligning Security Policies and Controls with Regulations
Industry Leading Practices and Self Regulation
Some Important Industry Standards
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 3 ASSESSMENT
ENDNOTES
Chapter 4. Business Challenges Within the Seven Domains of IT Responsibility
The Seven Domains of a Typical IT Infrastructure
Information Security Business Challenges and Security Policies That Mitigate Risk Within the Seven Domains
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 4 ASSESSMENT
Chapter 5. Information Security Policy Implementation Issues
Human Nature in the Workplace
Organizational Structure
The Challenge of User Apathy
The Importance of Executive Management Support
The Role of Human Resources
Policy Roles, Responsibilities, and Accountability
When Policy Fulfillment Is Not Part of Job Descriptions
Impact on Entrepreneurial Productivity and Efficiency
Tying Security Policy to Performance and Accountability
Success Is Dependent Upon Proper Interpretation and Enforcement
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 5 ASSESSMENT
ENDNOTE
Part TWO: Types of Policies and Appropriate Frameworks
Chapter 6. IT Security Policy Frameworks
What Is an IT Policy Framework?
What Is a Program Framework Policy or Charter?
Business Considerations for the Framework
Information Assurance Considerations
Information Systems Security Considerations
Best Practices for IT Security Policy Framework Creation
Case Studies in Policy Framework Development
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 6 ASSESSMENT
Chapter 7. How to Design, Organize, Implement, and Maintain IT Security Policies
Policies and Standards Design Considerations
Document Organization Considerations
Considerations For Implementing Policies and Standards
Policy Change Control Board
Maintaining Your Policies and Standards Library
Best Practices for Policies and Standards Maintenance
Case Studies and Examples of Designing, Organizing, Implementing, and Maintaining IT Security Policies
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 7 ASSESSMENT
Chapter 8. IT Security Policy Framework Approaches
IT Security Policy Framework Approaches
Roles, Responsibilities, and Accountability for Personnel
Separation of Duties
Governance and Compliance
Best Practices for IT Security Policy Framework Approaches
Case Studies and Examples of IT Security Policy Framework Approaches
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 8 ASSESSMENT
ENDNOTE
Chapter 9. User Domain Policies
The Weakest Link in the Information Security Chain
Six Types of Users
Why Govern Users with Policies?
Acceptable Use Policy (AUP)
The Privileged Level Access Agreement (PAA)
Security Awareness Policy (SAP)
Best Practices for User Domain Policies
Case Studies and Examples of User Domain Policies
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 9 ASSESSMENT
Chapter 10. IT Infrastructure Security Policies
Anatomy of an Infrastructure Policy
Workstation Domain Policies
LAN Domain Policies
LAN to WAN Domain Policies
WAN Domain Policies
Remote Access Domain Policies
System/Application Domain Policies
Telecommunications Policies
Best Practices for IT Infrastructure Security Policies
Case Studies and Examples of IT Infrastructure Security Policies
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 10 ASSESSMENT
Chapter 11. Data Classification and Handling Policies and Risk Management Policies
Data Classification Policies
Data Handling Policies
Identify Business Risks Related to Information Systems
Business Impact Analysis (BIA) Policies
Risk Assessment Policies
Business Continuity Planning (BCP) Policies
Disaster Recovery Plan (DRP) Policies
Best Practices for Risk Management Policies
Case Studies and Examples of Risk Management Policies
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 11 ASSESSMENT
Chapter 12. Incident Response Team (IRT) Policies
Incident Response Policy
Incident Classification
The Response Team Charter
Incident Response Team Members
Responsibilities During an Incident
Procedures for Incident Response
Best Practices for Incident Response Policies
Case Studies and Examples of Incident Response Policies
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 12 ASSESSMENT
Part THREE: Implementing and Maintaining an IT Security Policy Framework
Chapter 13. IT Security Policy Implementations
Implementation Issues for IT Security Policies
Security Awareness Policy Implementations
Information Dissemination How to Educate Employees
Overcoming Technical Hindrances
Overcoming Nontechnical Hindrances
Best Practices for IT Security Policy Implementations
Case Studies and Examples of Successful IT Security Policy Implementations
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 13 ASSESSMENT
ENDNOTE
Chapter 14. IT Security Policy Enforcement
Organizational Support for IT Security Policy Enforcement
An Organization's Right to Monitor User Actions and Traffic
Compliance Law: Requirement or Risk Management?
What Is Law and What Is Policy?
What Automated Security Controls Can Be Implemented Through Policy?
Legal Implications of IT Security Policy Enforcement
Who Is Ultimately Liable for Risk, Threats, and Vulnerabilities?
Best Practices for IT Security Policy Enforcement
Case Studies and Examples of Successful IT Security Policy Enforcement
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 14 ASSESSMENT
Chapter 15. IT Policy Compliance Systems and Emerging Technologies
Defining a Baseline Definition for Information Systems Security
Tracking, Monitoring, and Reporting IT Security Baseline Definition and Policy Compliance
Automating IT Security Policy Compliance
Emerging Technologies and Solutions
Best Practices for IT Security Policy Compliance Monitoring
Case Studies and Examples of Successful IT Security Policy Compliance Monitoring
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 15 ASSESSMENT
Appendix A. Answer Key
Appendix B. Standard Acronyms
Conclusion
Chapter 3. Management Tools
Managing Your ESXi Host with the vSphere Client
Managing Your Hosts with vCenter Server
Getting Started with PowerCLI and the vCLI
Configuring and Troubleshooting ESXi with the DCUI
Using Third Party Products to Manage Your Hosts
Conclusion
Chapter 4. Installation Options
Using ESXi Embedded
ESXi Installable Media and Boot Options
Conclusion
Chapter 5. Migrating from ESX
Prerequisites
Upgrading to vCenter Server 4.1
Upgrading Datastore and Network Permissions
Migrating ESX Hosts
Upgrading Virtual Machines
Conclusion
Chapter 6. System Monitoring and Management
Configuring Active Directory Integration
Enabling Time Synchronization and NTP
Redirecting ESXi Logs to a Remote Syslog Server
Monitoring ESXi and vCenter Server with SNMP
Monitoring Your Hosts with vCenter Server
Integration with Server Management Systems
Host Backup and Recovery
Conclusion
Chapter 7. Securing ESXi
ESXi Architecture and Security Features
Network Protocols and Ports for ESXi
Protecting ESXi and vCenter Server with Firewalls
Using ESXi Lockdown Mode
Configuring Users and Permissions
Securing VMware ESXi and vCenter Server with SSL Certificates
Configuring IPv6 and IPSec
Securing Network Storage
Securing Virtual Networking
Security and Clustering
Isolating Virtual Machine Environments
Conclusion
Chapter 8. Scripting and Automation with the vCLI
Installing the vCLI on Linux and Windows
Installing and Configuring the vMA
Running vCLI Commands
Configuring vMA Components
Managing vSphere with the vCLI
Scripting with the vCLI and the vSphere SDK for Perl
Conclusion
Chapter 9. Scripting and Automation with PowerCLI
Installing vSphere PowerCLI
Understanding the Basics of PowerShell and PowerCLI
Using PowerShell Drives
Managing Virtual Machines with PowerCLI
Managing ESXi Hosts and vCenter Server with PowerCLI
Extending PowerCLI with Other Tools
Conclusion
Chapter 10. Patching and Updating ESXi
Installing Patches for ESXi
Patching ESXi with the vCLI Command vihostupdate
Patching ESXi with the vCenter Update Manager
Patching ESXi with PowerCLI
Conclusion
Chapter 11. Under the Hood with the ESXi Tech Support Mode
Accessing Tech Support Mode
Auditing Tech Support Mode
Exploring the File System
Understanding System Backups and Restores
Troubleshooting with Tech Support Mode
Conclusion
WhatIsPrivacy? HowIsPrivacyDifferentfromInformationSecurity? WhatAretheSourcesofPrivacyLaw? WhatAreThreatstoPersonalDataPrivacyintheInformationAge? WhatIsWorkplacePrivacy? WhatAreGeneralPrinciplesforPrivacyProtectioninInformationSystems? CHAPTERSUMMARY KEYCONCEPTSANDTERMS CHAPTER2ASSESSMENT ENDNOTES Chapter3.TheAmericanLegalSystem TheAmericanLegalSystem SourcesofLaw TypesofLaw TheRoleofPrecedent RegulatoryAuthorities WhatIstheDifferenceBetweenComplianceandAudit? HowDoSecurity,Privacy,andComplianceFitTogether? CHAPTERSUMMARY KEYCONCEPTSANDTERMS CHAPTER3ASSESSMENT ENDNOTES PartTWO:LawsInfluencingInformationSecurity Chapter4.SecurityandPrivacyofConsumerFinancialInformation BusinessChallengesFacingFinancialInstitutions
TheDifferentTypesofFinancialInstitutions ConsumerFinancialInformation WhoRegulatesFinancialInstitutions? FederalFinancialInstitutionsExaminationCouncil(FFIEC) TheGrammLeachBlileyAct FederalTradeCommissionRedFlagsRule PaymentCardIndustryStandards CaseStudiesandExamples CHAPTERSUMMARY KEYCONCEPTSANDTERMS CHAPTER4ASSESSMENT ENDNOTES Chapter5.SecurityandPrivacyofInformationBelongingtoChildrenandEducationalRecords ChallengesinProtectingChildrenontheInternet Children'sOnlinePrivacyProtectionAct Children'sInternetProtectionAct(CIPA) FamilyEducationalRightsandPrivacy CaseStudiesandExamples CHAPTERSUMMARY KEYCONCEPTSANDTERMS CHAPTER5ASSESSMENT ENDNOTES Chapter6.SecurityandPrivacyofHealthInformation BusinessChallengesFacingtheHealthCareIndustry WhyIsHealthCareInformationSoSensitive?
The Health Insurance Portability and Accountability Act
The HITECH Act
The Role of State Laws Protecting Medical Records
Case Studies and Examples
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 6 ASSESSMENT
ENDNOTES
Chapter 7. Corporate Information Security and Privacy Regulation
The Enron Scandal and Securities Law Reform
Why Is Accurate Financial Reporting Important?
The Sarbanes-Oxley Act of 2002
Compliance and Security Controls
SOX Influence in Other Types of Companies
Corporate Privacy Issues
Case Studies and Examples
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 7 ASSESSMENT
ENDNOTES
Chapter 8. Federal Government Information Security and Privacy Regulations
Information Security Challenges Facing the Federal Government
The Federal Information Security Management Act
Protecting Privacy in Federal Information Systems
Import and Export Control Laws
Case Studies and Examples
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 8 ASSESSMENT
ENDNOTES
Chapter 9. State Laws Protecting Citizen Information and Breach Notification Laws
History of State Actions to Protect Personal Information
Breach Notification Regulations
Data-Specific Security and Privacy Regulations
Encryption Regulations
Data Disposal Regulations
Case Studies and Examples
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 9 ASSESSMENT
ENDNOTES
Chapter 10. Intellectual Property Law
The Digital Wild West and the Importance of Intellectual Property Law
Legal Ownership and the Importance of Protecting Intellectual Property
Patents
Trademarks
Copyright
Protecting Copyrights Online: The Digital Millennium Copyright Act (DMCA)
Case Studies and Examples
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 10 ASSESSMENT
ENDNOTES
Chapter 11. The Role of Contracts
General Contracting Principles
Contracting Online
Special Types of Contracts in Cyberspace
How Do These Contracts Regulate Behavior?
Emerging Contract Law Issues
Case Studies and Examples
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 11 ASSESSMENT
ENDNOTES
Chapter 12. Criminal Law and Tort Law Issues in Cyberspace
General Criminal Law Concepts
Common Criminal Laws Used in Cyberspace
General Tort Law Concepts
Common Tort Law Actions in Cyberspace
Case Studies and Examples
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 12 ASSESSMENT
ENDNOTES
Part THREE: Security and Privacy in Organizations
Chapter 13. Information Security Governance
What Is Information Security Governance?
Information Security Governance Documents
Recommended Information Security Policies
Case Studies and Examples
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 13 ASSESSMENT
ENDNOTES
Chapter 14. Risk Analysis, Incident Response, and Contingency Planning
Contingency Planning
Risk Management
Three Types of Contingency Planning
Special Considerations
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 14 ASSESSMENT
ENDNOTES
Chapter 15. Computer Forensics and Investigations
What Is Computer Forensics?
What Is the Role of a Computer Forensic Examiner?
Collecting, Handling, and Using Digital Evidence
Legal Issues Involving Digital Evidence
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 15 ASSESSMENT
ENDNOTES
Appendix A. Answer Key
Appendix B. Standard Acronyms
Appendix C. Law and Case Citations
U.S. Federal Laws
Court Rules
Court Cases
Appendix D. The Constitution of the United States of America
Amendments to the Constitution of the United States of America.
General Network Concepts and Vulnerabilities
Network Services and Network Devices
Internet Security and Vulnerabilities
Network Security Tools and Devices
Summary
Chapter 4. System Security
General System Security Threats
Hardware and Peripheral Devices
OS and Application Security
Virtualization
System-Based Security Applications
Summary
Chapter 5. Organizational and Operational Security
Physical Security Concepts and Vulnerabilities
Policies and Procedures
Risk Analysis
Business Continuity and Disaster Recovery
Summary
Chapter 6. Security Assessments and Audits
Vulnerability Assessments and Testing
Monitoring
Logging and Auditing
Summary
Appendix A: Common Applications and Port Numbers
Appendix B: Information Security Professional Certifications
References
Chapter 2. Organizing
Introduction
Staffing
Independent Contractors and Consultants
Practices
Establishing Objectives
Organizing Consistent with Policies
Organizing Outside of the Security Group
Terminating Unacceptable Employees
Organizational Structures
Review Questions
References
Chapter 3. Managing People
Introduction
Maslow's Theory
Maslow in the Security Environment
People Development
Performance Appraisal
Performance Appraisal Cycle
Upward Feedback
Position Evaluation
Review Questions
References
Chapter 4. Leadership and Management Skills
Introduction
Leadership in the Management of Security
Build a Vision
Empowerment
Followers
Leaders Add Value
Competition among Leaders
Price of Leadership
Leading in the Twenty-First Century
Conclusion
Review Questions
References
Chapter 5. Strategy
Introduction
Business Strategy
Core and Support Activities
Outsourcing and the Security Group
Effect of Strategy on Security Management
Technical Knowledge
Strategy and Risk
Imperatives
Strategic Planning
Conclusion
Review Questions
References
Chapter 6. Budget Management
Introduction
Budget Preparation
Authorization
Execution
Audit
The Budget Director
Zero-Based Budgeting
Controlling Costs
Overspending
Conclusion
Review Questions
References
Chapter 7. Managing Change
Introduction
Adjusting to Change
Technology and Change
Politics and Change
Change on a Personal Level
Review Questions
References
Chapter 8. Making Decisions
Introduction
A Decision-Making Strategy
Implications for the CSO
Conclusion
Review Questions
References
Chapter 9. Managing Risk
Introduction
Risk Analysis
Risk Assessment versus Threat Assessment
Self-Assessment
Security Review
Security Audit
Project Review
Security Incident Causation Model
SICM Standards
Management Failures
Applying the SICM Technique
Conclusions
Review Questions
References
Chapter 10. Managing Guard Operations
Introduction
Security Officer Selection and Training
Needs Assessment
Life Safety Program
Proprietary versus Contract Security
Assurance
Value of Guard Services
Conclusions
Review Questions
References
Chapter 11. Managing Physical Security
Introduction
Types of Protected Assets
Safeguards
Factors in Selecting Safeguards
Concentric Protection
Security Lighting
Sensors
Intrusion Detection Systems
Lock and Key Systems
Conclusions
Review Questions
References
Chapter 12. Managing Access Control
Introduction
Employee Badges and Visitor Passes
Types of Identification Cards
Traffic Control
Materials Control
Access Control Barriers
Biometrics
Closed-Circuit Television (CCTV)
Intrusion Detection
Threat Individuals
Conclusions
Review Questions
References
Chapter 13. Managing Investigations
Introduction
Case Management
Private Investigation
Investigation Types
Physical Evidence
Forensics
Polygraph Testing
The Deposition
Discovery
Pretrial Preparation
Trial Procedures
Conclusions
Review Questions
References
Chapter 14. Pre-Employment Screening
Introduction
Negligent Hiring
Employment Application Form
Verifying Application Information
Employee Release
Reference Checks
Records of Interest
Database Searches
Cost Avoidance
Fair Credit Reporting Act
Freedom of Information Act
Privacy Act of 1974
The Gramm-Leach-Bliley Act
Health Insurance Portability and Accountability Act
Applicant Testing
Review Questions
References
Chapter 15. Emergency Management
Introduction
Emergency Management Process
Dealing with the Media
National Incident Management System (NIMS)
Incident Command System (ICS)
Bomb Incidents
Fire Emergencies
Natural Disasters
Medical Emergencies
Conclusions
Review Questions
References
Chapter 16. Business Continuity
Introduction
Policy
Risk Assessment
Thinking Ahead
Continuation and Resumption
Business Impact Analysis
Recovery Program
Conclusion
Review Questions
References
Chapter 17. Managing Information Security
Introduction
Management Intention
IT Governance
The Importance of Transparency
Threat Assessment
Estimating Costs of Exposure: Quantitative versus Qualitative Risk Assessment
How Management Can Respond to Risk
Security Management
Intellectual Property
Activities to Secure Intellectual Property
The Risk of Scale
Review Questions
References
Chapter 18. Substance Abuse
Introduction
Role of the Chief Security Officer
Testing for Illegal Drugs
Alcohol Testing
Employee Awareness and Cooperation
Intervention
Investigation
The Health Insurance Portability and Accountability Act of 1996 (HIPAA)
Review Questions
References
Chapter 19. Executive Protection
Introduction
The Protected Persons
Program Size, Equipment, and Objectives
Protection at the Office and at Home
The Threat
Adversary Attempts at the Residence or Office
Event Protection in the United States
Event Protection Overseas
Operational Plan
Antikidnap Plan
Abduction
Proof of Life
Countermeasures
Conclusions
Review Questions
References
Chapter 20. Workplace Violence
Introduction
Policy
Characteristics of Workplace Violence
Assessment
Readiness
Response
Intervention
Psychological Profiling
Liability
Conclusion
Review Questions
References
Chapter 21. Employee Awareness Program
Introduction
Goals
Awareness Program
The Message
Workforce Culture
Conclusion
Review Questions
References
Chapter 22. Vulnerability Assessment
Introduction
The Process
Exit Briefing
Final Report
Management Actions
Conclusions
Review Questions
References
Chapter 23. Security Program Design
Introduction
Three Pillars
Training
Testing the Design
Full Program Testing
Revising
Security Program Design and the External Environment
Conclusion
Review Questions
References
Chapter 24. Critical Infrastructures and Key Resources
Introduction
Presidential Directive
The Patriot Act
Critical Infrastructure and Key Resources
Attack Possibilities
The World Trade Center as a CIKR
Vulnerability
Threat Probability
The Office of Infrastructure Protection (IP)
The National Counterterrorism Center (NCTC)
The National Intelligence Program (NIP)
Fusion Centers
The National Strategy for Information Sharing (NSIP)
The National Criminal Intelligence Resource Center (NCIRC)
National Infrastructure Advisory Council (NIAC)
Federal Bureau of Investigation (FBI)
Central Intelligence Agency (CIA)
Intelligence Operations
Defense Intelligence Agency (DIA)
U.S. Coast Guard (USCG)
U.S. Secret Service (USSS)
Law Enforcement
DHS Private Sector Office
Conclusions
Review Questions
References
Chapter 25. The Terrorist Threat
Introduction
Terrorist Groups
The Evolution of Terrorism
Motives
Evaluation
Tactics
Terrorist Preparation
Conclusions
Review Questions
References
Index
IT Security Metrics: A Practical Framework for Measuring Security & Protecting Data
By: Lance Hayden Publisher: McGraw-Hill Pub. Date: June 21, 2010 Print ISBN-10: 0-07-171340-9 Print ISBN-13: 978-0-07-171340-5 Web ISBN-10: 0-07-171341-7 Web ISBN-13: 978-0-07-171341-2 Pages in Print Edition: 396
Copyright
About the Author
Foreword
Acknowledgments
Introduction
Part I: Introducing Security Metrics
Chapter 1. What Is a Security Metric?
Metrics and Measurement
Security Metrics Today
The Dissatisfying State of Security Metrics: Lessons from Other Industries
Reassessing Our Ideas About Security Metrics
Summary
Further Reading
Chapter 2. Designing Effective Security Metrics
Choosing Good Metrics
GQM for Better Security Metrics
More Security Uses for GQM
Summary
Further Reading
Chapter 3. Understanding Data
What Are Data?
Data Sources for Security Metrics
We Have Metrics and Data: Now What?
Summary
Further Reading
Case Study 1. In Search of Enterprise Metrics
Case Study 1: In Search of Enterprise Metrics
Scenario One: Our New Vulnerability Management Program
Scenario Two: Who's on First?
Scenario Three: The Value of a Slide
Scenario Four: The Monitoring Program
Scenario Five: What Cost, the Truth?
Summary
Part II: Implementing Security Metrics
Chapter 4. The Security Process Management Framework
Managing Security as a Business Process
The SPM Framework
Before You Begin SPM
Summary
Further Reading
Chapter 5. Analyzing Security Metrics Data
The Most Important Step
Analysis Tools and Techniques
Summary
Further Reading
Chapter 6. Designing the Security Measurement Project
Before the Project Begins
Phase One: Build a Project Plan and Assemble the Team
Phase Two: Gather the Metrics Data
Phase Three: Analyze the Metrics Data and Build Conclusions
Phase Four: Present the Results
Phase Five: Reuse the Results
Project Management Tools
Summary
Further Reading
Case Study 2. Normalizing Tool Data in a Security Posture Assessment
Case Study 2: Normalizing Tool Data in a Security Posture Assessment
Background: Overview of the SPA Service
Objectives of the Case Study
Summary
Part III: Exploring Security Measurement Projects
Chapter 7. Measuring Security Operations
Sample Metrics for Security Operations
Sample Measurement Projects for Security Operations
Summary
Further Reading
Chapter 8. Measuring Compliance and Conformance
The Challenges of Measuring Compliance
Sample Measurement Projects for Compliance and Conformance
Summary
Further Reading
Chapter 9. Measuring Security Cost and Value
Sample Measurement Projects for Compliance and Conformance
The Importance of Data to Measuring Cost and Value
Summary
Further Reading
Chapter 10. Measuring People, Organizations, and Culture
Sample Measurement Projects for People, Organizations, and Culture
Summary
Further Reading
Case Study 3. Web Application Vulnerabilities
Case Study 3: Web Application Vulnerabilities
Source Data and Normalization
Outcomes, Timelines, Resources
Initial Reporting with Dirty Data
Working with Stakeholders to Perform Data Cleansing
Follow-up with Reports and Discussions with Stakeholders
Lesson Learned: Fix the Process, and Then Automate
Lesson Learned: Don't Wait for Perfect Data Before Reporting
Summary
Part IV: Beyond Security Metrics
Chapter 11. The Security Improvement Program
Moving from Projects to Programs
Managing Security Measurement with a Security Improvement Program
Requirements for a SIP
Measuring the SIP
Case Study: A SIP for Insider Threat Measurement
Summary
Further Reading
Chapter 12. Learning Security: Different Contexts for Security Process Management
Organizational Learning
Three Learning Styles for IT Security Metrics
Final Thoughts
Summary
Further Reading
Case Study 4. Getting Management Buy-in for the Security Metrics Program
Case Study 4: Getting Management Buy-in for the Security Metrics Program
The CISO Hacked My Computer
What Is Buy-in?
Corporations vs. Higher Ed: Who's Crazier?
Higher Education Case Study
Conclusion
Section 2.4. ESM and directory manager security observations
Section 2.5. Securing console access to z/VM virtual machines
Section 2.6. Securing network access to z/VM
Section 2.7. Securing z/VM resources
Section 2.8. z/VM Directory Maintenance Facility (DirMaint)
Chapter 3. Configuring and using the z/VM LDAP server
Section 3.1. The z/VM LDAP server
Section 3.2. Setting up the z/VM LDAP server
Section 3.3. Extending the LDBM schema
Section 3.4. Using phpLDAPadmin to manage the z/VM LDAP server
Section 3.5. LDBM and Native Authentication
Section 3.6. Linux authentication using the z/VM LDAP server
Section 3.7. Centralizing Linux audit information with z/VM RACF
Section 3.8. Using an OpenLDAP server with the z/VM LDAP server
Chapter 4. Authentication and access control
Section 4.1. SELinux
Section 4.2. AppArmor
Section 4.3. Pluggable Authentication Modules
Chapter 5. Crypto hardware
Section 5.1. Clear key
Section 5.2. Secure Key Crypto
Chapter 6. Physical and infrastructure security on System z
Section 6.1. Physical environment
Section 6.2. Protecting the Hardware Management Console
Section 6.3. Protecting the configuration
Section 6.4. Building a secure multizone application environment
Section 6.5. IBM Proventia products
Section 6.6. Linux firewalls
Section 6.7. Disk security
Section 6.8. Protecting ECKD disk
Section 6.9. Protecting Fibre Channel Protocol (FCP) disks
Section 6.10. Protecting z/VM minidisks
Chapter 7. Best practices
Section 7.1. Security checklist
Section 7.2. Physical security
Section 7.3. Securing the logical access to z/VM
Section 7.4. Securing the data
Section 7.5. Securing the network
Section 7.6. Access control
Section 7.7. Authentication
Section 7.8. User management
Section 7.9. Audit
Section 7.10. Separation of duties
Appendix A: Using z/OS features in a Linux environment
Authentication using IBM Tivoli Access Manager
IBM Tivoli Access Manager WebSEAL
Appendix B: z/VSE Security and Linux on System z
Appendix C: Additional material
Locating the Web material
Using the Web material
Section 4.8. Alternatives to iPad Data Plans
Chapter 5. Set Up Bluetooth
Section 5.1. Bluetooth Basics
Section 5.2. Pairing Any Device
Section 5.3. Tethering
Section 5.4. Peer-to-Peer Pairing
Section 5.5. Apple Wireless Keyboard
Section 5.6. Audio Devices
Chapter 6. Airplane Mode
Section 6.1. What's Airplane Mode?
Section 6.2. Turning Radios off Separately
Chapter 7. Transfer Data Securely
Section 7.1. Exposure
Section 7.2. Secure Solutions
Chapter 8. Keep Data Safe
Section 8.1. Exposure
Section 8.2. The Danger of Safari's AutoFill
Section 8.3. Mitigation
Chapter 9. When Your iPad Goes Missing
Section 9.1. Safety Tips While Out and About
Section 9.2. Find My iOS Device
Section 9.3. Remote Tracking Software
Appendix A. About This Book
Section A.1. Ebook Extras
Section A.2. About the Author
Section A.3. About the Publisher
On security assessments and security policies
On security assessments and compliance
Chapter 3. Security Assessments Classification
On broad categories of security audits
On technical information security assessments
On non-technical information security audits
Chapter 4. Advanced Pre-Assessment Planning
On pre-audit gap analysis
On auditing the auditors
On arranging the audit process
Chapter 5. Security Audit Strategies and Tactics
On critical points
On reconnaissance
On evaluating vulnerabilities and gaps
The operational art of vulnerability assessment
Chapter 6. Synthetic Evaluation of Risks
On applicable epistemology of risk
Analysing individual vulnerability risks
Risks synthesis, summary and its breakdown
Chapter 7. Presenting the Outcome and Follow-Up Acts
On structure and content of the assessment report
On drawing conclusions
On audit recommendations and follow-up reaction
Chapter 8. Reviewing Security Assessment Failures and Auditor Management Strategies
On information security assessment follies
On assembling and managing the auditor team
Science and art of information security evaluation
Bibliography
Information and IT security sources
General/military strategy and related sources
ITG Resources
Other Websites
Pocket Guides
Toolkits
Best Practice Reports
Training and Consultancy
Newsletter
Chapter 2. Managing Group Policy with the GPMC
Section 2.1. Common Procedures with the GPMC
Section 2.2. Security Filtering and Delegation with the GPMC
Section 2.3. Performing RSoP Calculations with the GPMC
Section 2.4. Searching and Commenting Group Policy Objects and Policy Settings
Section 2.5. Starter GPOs
Section 2.6. Back Up and Restore for Group Policy
Section 2.7. GPMC At-a-Glance Icon View
Section 2.8. The GPMC At-a-Glance Compatibility Table
Section 2.9. Final Thoughts
Chapter 3. Group Policy Processing Behavior Essentials
Section 3.1. Group Policy Processing Principles
Section 3.2. Policy Application via Remote Access, Slow Links, and after Hibernation
Section 3.3. Using Group Policy to Affect Group Policy
Section 3.4. Final Thoughts
Chapter 4. Advanced Group Policy Processing
Section 4.1. WMI Filters: Fine-Tuning When and Where Group Policy Applies
Section 4.2. Group Policy Loopback Processing
Section 4.3. Group Policy with Cross-Forest Trusts
Section 4.4. Final Thoughts
Chapter 5. Group Policy Preferences
Section 5.1. Powers of the Group Policy Preferences
Section 5.2. Group Policy Preferences Architecture and Installation Instructions
Section 5.3. Group Policy Preferences Concepts
Section 5.4. Group Policy Preferences Tips, Tricks, and Troubleshooting
Section 5.5. Final Thoughts
Chapter 6. Managing Applications and Settings Using Group Policy
Section 6.1. Administrative Templates: A History and Policy vs. Preferences
Section 6.2. ADM vs. ADMX and ADML Files
Section 6.3. ADMX and ADML Files: What They Do and the Problems They Solve
Section 6.4. The Central Store
Section 6.5. Creating and Editing GPOs in a Mixed Environment
Section 6.6. ADM and ADMX Templates from Other Sources
Section 6.7. ADMX Migrator and ADMX Editor Tools
Section 6.8. PolicyPak Community Edition
Section 6.9. Final Thoughts
Chapter 7. Troubleshooting Group Policy
Section 7.1. Under the Hood of Group Policy
Section 7.2. The Birth, Life, and Death of a GPO
Section 7.3. How Client Systems Get Group Policy Objects
Section 7.4. Why Isn't Group Policy Applying?
Section 7.5. Client-Side Troubleshooting
Section 7.6. Advanced Group Policy Troubleshooting with Log Files
Section 7.7. Final Thoughts
Chapter 8. Implementing Security with Group Policy
Section 8.1. The Two Default Group Policy Objects
Section 8.2. The Strange Life of Password Policy
Section 8.3. Inside Auditing With and Without Group Policy
Section 8.4. Restricted Groups
Section 8.5. Restrict Software: Software Restriction Policy and AppLocker
Section 8.6. Controlling User Account Control (UAC) with Group Policy
Section 8.7. Wireless (802.3) and Wired Network (802.11) Policies
Section 8.8. Configuring Windows Firewall with Group Policy
Section 8.9. Final Thoughts
Chapter 9. Profiles: Local, Roaming, and Mandatory
Section 9.1. What Is a User Profile?
Section 9.2. Roaming Profiles
Section 9.3. Mandatory Profiles
Section 9.4. Final Thoughts
Chapter 10. Implementing a Managed Desktop, Part 1: Redirected Folders, Offline Files, and the Synchronization Manager
Section 10.1. Overview of Change and Configuration Management
Section 10.2. Redirected Folders
Section 10.3. Offline Files and Synchronization
Section 10.4. Using Folder Redirection and Offline Files over Slow Links
Section 10.5. Final Thoughts
Chapter 11. The Managed Desktop, Part 2: Software Deployment via Group Policy
Section 11.1. Group Policy Software Installation (GPSI) Overview
Section 11.2. Assigning and Publishing Applications
Section 11.3. Advanced Published or Assigned
Section 11.4. Default Group Policy Software Installation Properties
Section 11.5. Removing Applications
Section 11.6. Using Group Policy Software Installation over Slow Links
Section 11.7. Managing .MSI Packages and the Windows Installer
Section 11.8. Deploying Office 2007 and Office 2010 Using Group Policy
Section 11.9. Do You Need a "Big" Management Tool for Your Environment?
Section 11.10. Final Thoughts
Chapter 12. Finishing Touches with Group Policy: Scripts, Internet Explorer, Hardware Control, Deploying Printers, and Shadow Copies
Section 12.1. Scripts: Logon, Logoff, Startup, and Shutdown
Section 12.2. Managing Internet Explorer with Group Policy
Section 12.3. Restricting Access to Hardware via Group Policy
Section 12.4. Assigning Printers via Group Policy
Section 12.5. Shadow Copies (aka Previous Versions)
Section 12.6. Final Thoughts for This Chapter and for the Book
Appendix A. Group Policy Tools
Section A.1. Securing Workstations with Templates
Section A.2. The Security Configuration Wizard
Section A.3. Migrating Group Policy Objects between Domains
Section A.4. Microsoft Tools Roundup
Section A.5. Third-Party Vendors List
Bonus Chapter 1: Scripting Group Policy Operations with Windows PowerShell
Section BC1.1. Using PowerShell to Do More with Group Policy
Section BC1.2. Making PowerShell Even Easier with Commercial Tools
Section BC1.3. Replacing Microsoft's GPMC Scripts with PowerShell Equivalents
Section BC1.4. Final Thoughts
Bonus Chapter 2: Advanced Group Policy Management (AGPM v4)
Section BC2.1. The Challenge of Group Policy Change Management
Section BC2.2. Architecture and Installation of AGPM
Section BC2.3. What Happens after AGPM is Installed?
Section BC2.4. Understanding the AGPM Delegation Model
Section BC2.5. AGPM Common Tasks
Section 2.3. Exponents, Logarithms, and Sensitivity to Change
Section 2.4. The Exponential Function e^x
Section 2.5. The Decibel
Section 2.6. Security Risk and the Concept of Scale
Section 2.7. Some Common Physical Models in Security Risk
Section 2.8. Visualizing Security Risk
Section 2.9. An Example: Guarding Costs
Section 2.10. Summary
Chapter 3. Security risk measurements and security programs
Section 3.1. Introduction
Section 3.2. The Security Risk Assessment Process
Section 3.3. Managing Security Risk
Section 3.4. Security Risk Audits
Section 3.5. Security Risk Program Frameworks
Section 3.6. Summary
Part 2: Measuring and Mitigating Security Risk
Chapter 4. Measuring the likelihood component of security risk
Section 4.1. Introduction
Section 4.2. Likelihood or Potential for Risk?
Section 4.3. Estimating the Likelihood of Randomly Occurring Security Incidents
Section 4.4. Estimating the Potential for Biased Security Incidents
Section 4.5. Averages and Deviations
Section 4.6. Actuarial Approaches to Security Risk
Section 4.7. Randomness, Loss, and Expectation Value
Section 4.8. Financial Risk
Section 4.9. Summary
References
Chapter 5. Measuring the vulnerability component of security risk
Section 5.1. Introduction
Section 5.2. Vulnerability to Information Loss Through Unauthorized Signal Detection
Section 5.3. Vulnerability to Explosive Threats
Section 5.4. A Theory of Vulnerability to Computer Network Infections
Section 5.5. Biological, Chemical, and Radiological Weapons
Section 5.6. The Visual Compromise of Information
Section 5.7. Summary
References
Chapter 6. Mitigating security risk: reducing vulnerability
Section 6.1. Introduction
Section 6.2. Audible Signals
Section 6.3. Electromagnetic Signals
Section 6.4. Vehicle-Borne Explosive Threats: Barriers and Bollards
Section 6.5. Explosive Threats
Section 6.6. Radiological Threats
Section 6.7. Biological Threats
Section 6.8. Mitigating the Risk of Chemical Threats (Briefly Noted)
Section 6.9. Guidelines for Reducing the Vulnerability to Non-Traditional Threats in Commercial Facilities
Section 6.10. Commercial Technical Surveillance Countermeasures
Section 6.11. Electromagnetic Pulse Weapons
Section 6.12. Summary
References
Epilogue
Appendix A. Scientific prefixes
Appendix B. Sound levels and intensities
Appendix C. The speed of sound in common materials
Appendix D. Closed-circuit television (CCTV) performance criteria and technical specifications
Performance Criteria
Operational Modes
Image Data and Transmission Requirements
Camera/System Management
Image Resolution
Record Frame Rate
Image Storage
Ambient Lighting
Power and Resilience
Field of View
Information Security Restrictions
Appendix E. Physical access authorization system performance criteria
High-Level System Architecture
Physical Access Authorization
Physical Access Authorization Conditions and Signaling
Physical Access Authorization Information Transmission
Physical Access Authorization History and Reporting
Physical Access Authorization Equipment Security
Appendix F. Exterior barrier performance criteria and technical specifications
Appendix G. Window anti-blast methods technical specifications
Appendix H. Qualitative interpretation of Rw values
Index
Basic Windows Operating System Architecture
Access Controls and Authentication
Security Access Tokens, Rights, and Permissions
Users, Groups, and Active Directory
Windows Attack Surfaces and Mitigation
Fundamentals of Microsoft Windows Security Monitoring and Maintenance
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 2 ASSESSMENT
Part TWO: Managing and Maintaining Microsoft Windows Security
Chapter 3. Access Controls in Microsoft Windows
The Principle of Least Privilege
Access Models: Identification, Authentication, Authorization, ACLs, and More
Windows Objects and Access Controls
SIDs, GUIDs, and CLSIDs
Calculating Microsoft Windows Access Permissions
Auditing and Tracking Windows Access
Microsoft Windows Access Management Tools
Best Practices for Microsoft Windows Access Control
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 3 ASSESSMENT
Chapter 4. Microsoft Windows Encryption Tools and Technologies
Encryption Methods Microsoft Windows Supports
Encrypting File System, BitLocker, and BitLocker To Go
Enabling File-, Folder-, and Volume-Level Encryption
Encryption in Communications
Encryption Protocols in Microsoft Windows
Microsoft Windows and Security Certificates
Public Key Infrastructure
Best Practices for Windows Encryption Techniques
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 4 ASSESSMENT
Chapter 5. Protecting Microsoft Windows Against Malware
Types of Malware
Antivirus and Anti-Spyware Software
Importance of Updating Your Software
Maintaining a Malware-Free Environment
Scanning and Auditing Malware
Tools and Techniques for Removing Malware
Malware Prevention Best Practices
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 5 ASSESSMENT
Chapter 6. Group Policy Control in Microsoft Windows
Group Policy and Group Policy Objects
Making Group Policy Conform to Security Policy
Types of GPOs in the Registry
Types of GPOs in Active Directory
Designing, Deploying, and Tracking Group Policy Controls
Auditing and Managing Group Policy
Best Practices for Microsoft Windows Group Policy and Processes
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 6 ASSESSMENT
Chapter 7. Microsoft Windows Security Profile and Audit Tools
Profiling Microsoft Windows Security
Microsoft Baseline Security Analyzer (MBSA)
Shavlik Security Analyzers
Secunia Personal and Corporate Security Analyzers
Microsoft Windows Security Audit
Microsoft Windows Security Audit Tools
Best Practices for Microsoft Windows Security Audits
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 7 ASSESSMENT
Chapter 8. Microsoft Windows Backup and Recovery Tools
Microsoft Windows Operating System (OS) and Application Backup and Recovery
Workstation, Server, Network, and Internet Backup Techniques
Microsoft Windows and Application Backup and Recovery in a Business Continuity Recovery Setting
Microsoft Windows Backup and Restore Utility
Rebuilding Systems from Bare Metal
Managing Backups with Virtual Machines
Best Practices for Microsoft Windows Backup and Recovery
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 8 ASSESSMENT
Chapter 9. Microsoft Windows Network Security
Network Security
Principles of Microsoft Windows Network Security
Microsoft Windows Security Protocols and Services
Securing Microsoft Windows Environment Network Services
Securing Microsoft Windows Wireless Networking
Microsoft Windows Desktop Network Security
Microsoft Windows Server Network Security
Best Practices for Microsoft Windows Network Security
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 9 ASSESSMENT
Chapter 10. Microsoft Windows Security Administration
Security Administration Overview
Maintaining the AIC Triad in the Microsoft Windows OS World
Microsoft Windows OS Security Administration
Ensuring Due Diligence and Regulatory Compliance
The Need for Security Policies, Standards, Procedures, and Guidelines
Best Practices for Microsoft Windows OS Security Administration
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 10 ASSESSMENT
Part THREE: Microsoft Windows OS and Application Security Trends and Directions
Chapter 11. Hardening the Microsoft Windows Operating System
Understanding the Hardening Process and Mindset
Hardening Microsoft Windows Operating System Authentication
Hardening the Network Infrastructure
Securing Directory Information and Operations
Hardening Microsoft Windows OS Administration
Hardening Microsoft Servers and Client Computers
Hardening Data Access and Controls
Hardening Communications and Remote Access
Hardening PKI
User Security Training and Awareness
Best Practices for Hardening Microsoft Windows OS and Applications
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 11 ASSESSMENT
Chapter 12. Microsoft Application Security
Principles of Microsoft Application Security
Securing Key Microsoft Client Applications
Securing Key Microsoft Server Applications
Case Studies in Microsoft Application Security
Best Practices for Securing Microsoft Windows Applications
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 12 ASSESSMENT
Chapter 13. Microsoft Windows Incident Handling and Management
Understanding and Handling Security Incidents Involving Microsoft Windows OS and Applications
Formulating an Incident Response Plan
Handling Incident Response
Incident Handling and Management Tools for Microsoft Windows and Applications
Investigating Microsoft Windows and Applications Incidents
Acquiring and Managing Incident Evidence
Best Practices for Handling Microsoft Windows OS and Applications Incidents and Investigations
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 13 ASSESSMENT
Chapter 14. Microsoft Windows and the Security Life Cycle
Understanding System Life Cycle Phases
Managing Microsoft Windows OS and Application Software Security
Developing Secure Microsoft Windows OS and Application Software
Implementing, Evaluating, and Testing Microsoft Windows OS and Application Software Security
Maintaining the Security of Microsoft Windows OS and Application Software
Microsoft Windows OS and Application Software Revision, Change Management, and End of Life Phaseout
Best Practices for Microsoft Windows and Application Software Development Security Investigations
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 14 ASSESSMENT
Chapter 15. Best Practices for Microsoft Windows and Application Security
Basic Rules of Microsoft Windows OS and Application Security
Audit and Remediation Cycles
Security Policy Conformance Checks
Security Baseline Analysis
OS and Application Checks and Upkeep
Network Management Tools and Policies
Software Testing, Staging, and Deployment
Compliance/Currency Tests on Network Entry
Trends in Microsoft Windows OS and Application Security Management
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 15 ASSESSMENT
Appendix A. Answer Key
Appendix B. Standard Acronyms
ENDNOTE
Chapter 2. From Brick-and-Mortar to E-commerce to E-business Transformation
The Evolution of Business from Brick-and-Mortar to the WWW
Top-of-Mind Business Drivers
Solving Common Business Challenges
E-business Strategies
Internet Marketing Strategies
Risks, Threats, and Vulnerabilities with Web Sites
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 2 ASSESSMENT
Chapter 3. Evolution of People-to-People Communications
Personal Versus Business Communications
Evolution of Communications
Social Media and Social Networking
Online Social Behavior
Limitations of Liability of Web Site Owners
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 3 ASSESSMENT
Chapter 4. From Personal Communication to Social Networking
The History and Evolution of E-mail
The Rules for E-mail Communication
The Key Elements of Web Pages
Online Message Boards
Online Forums
Online Virtual Community Portals
Online Chat Rooms
Risks, Threats, and Vulnerabilities with Personal Communications and Social Networks
Privacy Violations
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 4 ASSESSMENT
Part TWO: Secure Web-Enabled Application Deployment and Social Networking
Chapter 5. Mitigating Risk When Connecting to the Internet
Threats When Connecting to the Internet
Web Site Hosting
The Seven Domains of a Typical IT Infrastructure
Protecting Networks in the LAN-to-WAN Domain
Best Practices for Connecting to the Internet
CHAPTER SUMMARY
KEY CONCEPT AND TERMS
CHAPTER 5 ASSESSMENT
Chapter 6. Mitigating Web Site Risks, Threats, and Vulnerabilities
Who Is Coming to Your Web Site?
Whom Do You Want to Come to Your Web Site?
Does Your Web Site Accept User Input?
The Open Web Application Security Project (OWASP) Top 10
Best Practices for Mitigating Known Web Application Risks, Threats, and Vulnerabilities
CHAPTER SUMMARY
KEYCONCEPTSANDTERMS CHAPTER6ASSESMENT Chapter7.IntroducingtheWebApplicationSecurityConsortium(WASC) WASCThreatClassification WebSiteAttacks WebSiteWeaknesses BestPracticesforMitigatingAttackRisks BestPracticesforMitigatingWeaknesses CHAPTERSUMMARY KEYCONCEPTSANDTERMS CHAPTER7ASSESSMENT Chapter8.SecuringWebApplications DoesYourApplicationRequireUserInputintoYourWebSite? TechnologiesandSystemsUsedtoMakeaCompleteFunctionalWebSite DoesYourDevelopmentProcessFollowtheSoftwareDevelopmentLifeCycle(SDLC)? DesigningaLayeredSecurityStrategyforWebSitesandWebApplications IncorporatingSecurityRequirementsWithintheSDLC HTTPandClearTextVersusHTTPSandEncryption SSLEncryptionforDataTransferBetweenClientandWebSite SelectinganAppropriateAccessControlSolution BestPracticesforSecuringWebApplications CHAPTERSUMMARY KEYCONCEPTSANDTERMS CHAPTER8ASSESSMENT Chapter9.MitigatingWebApplicationVulnerabilities
CausesofVulnerabilities DevelopingPoliciestoMitigateVulnerabilities ImplementingSecureCodingBestPractices IncorporatingHTMLSecureCodingStandardsandTechniques IncorporatingJavaScriptSecureCodingStandardsandTechniques IncorporatingCGIFormandSQLDatabaseAccessSecureCodingStandardsandTechniques ImplementingSoftwareDevelopmentConfigurationManagementandRevisionLevelTracking BestPracticesforMitigatingWebApplicationVulnerabilities CHAPTERSUMMARY KEYCONCEPTSANDTERMS CHAPTER9ASSESSMENT Chapter10.MaintainingPCIDSSComplianceforEcommerceWebSites CreditCardTransactionProcessing WhatIsPCIDSS? DesigningandBuildingYourEcommerceWebSitewithPCIDSSinMind WhatDoesaPCIDSSSecurityAssessmentEntail? BestPracticestoMitigateRiskforEcommerceWebSiteswithPCIDSSCompliance CHAPTERSUMMARY KEYCONCEPTSANDTERMS CHAPTER10ASSESSMENT Chapter11.TestingandQualityAssuranceforProductionWebSites DevelopmentandProductionSoftwareEnvironments ConfigurationandChangeManagement BuildingaTestPlanandFunctionalityChecklistforWebSiteDeployments TestingforAllNewApplicationsandFeatures
DetectingSecurityGapsandHolesinWebSiteApplications MitigatingAnyIdentifiedGapsandHolesandRetesting DeployingWebSiteApplicationsinaProductionEnvironment MonitoringandAnalyzingWebSiteTraffic,Use,andAccess BestPracticesforTestingandAssuringQualityofProductionWebSites CHAPTERSUMMARY KEYCONCEPTSANDTERMS CHAPTER11ASSESSMENT Chapter12.PerformingaWebSiteVulnerabilityandSecurityAssessment SoftwareTestingVersusWebSiteVulnerabilityandSecurityAssessments PerforminganInitialDiscoveryontheTargetedWebSite PerformingaVulnerabilityandSecurityAssessment UsingPlannedAttackstoIdentifyVulnerabilities SpottingVulnerabilitiesinBackEndSystemsandSQLDatabases PreparingaVulnerabilityandSecurityAssessmentReport BestPracticesforWebSiteVulnerabilityandSecurityAssessments CHAPTERSUMMARY KEYCONCEPTSANDTERMS CHAPTER12ASSESSMENT PartTHREE:WebApplicationsandSocialNetworkingGoneMobile Chapter13.SecuringEndpointDeviceCommunications EndpointDevices WirelessNetworksandHowTheyWork EndpointDeviceCommunications EndpointDeviceCommunicationRisks,Threats,andVulnerabilities
BestPracticesforSecuringEndpointDeviceCommunications CHAPTERSUMMARY KEYCONCEPTSANDTERMS CHAPTER13ASSESSMENT Chapter14.SecuringPersonalandBusinessCommunications StoreandForwardCommunication MethodsofMessaging RealTimeCommunication Telephony/PrivateBranchExchange(PBX)CommunicationSecurityBestPractices VoIPCommunicationSecurityBestPractices SIPApplication(UnifiedCommunications)BestPractices CHAPTERSUMMARY KEYCONCEPTSANDTERMS CHAPTER14ASSESSMENT ENDNOTE Chapter15.WebApplicationSecurityOrganizations,Education,Training,andCertification DepartmentofHomelandSecurity(DHS) NationalCyberSecurityDivision(NCSD) ComputerEmergencyResponseTeamCoordinationCenter(CERT/CC) TheMITRECorporationandtheCVEList NationalInstituteofStandardsandTechnology(NIST) InternationalInformationSystemsSecurityCertificationConsortium,Inc.(ISC)2 WebApplicationSecurityConsortium(WASC) OpenWebApplicationSecurityProject(OWASP) CHAPTERSUMMARY
Chapter 2. Basic Components of Linux Security
Linux Security Starts with the Kernel
Security in the Boot Process
Linux Security Issues Beyond the Basic Operating System
The User Authentication Databases
File Ownership, Permissions, and Access Controls
Firewalls and Mandatory Access Controls
Networks and Encrypted Communication
The Latest Linux Security Updates
Continuity and Resiliency with Virtualization
Variations Between Distributions
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 2 ASSESSMENT
Part TWO: Layered Security and Linux
Chapter 3. Basic Security: Facilities Through the Boot Process
Security in the Server Room and the Physical Server
Open Source Trusted Platform Modules and Open Trusted Computing
Security on Virtual Hosts and Guests
Locking Down Boot Hardware
Locking Down Boot Loaders
Challenges with a Standard Supported Kernel
The Costs and Benefits of Obscurity
Basic Security and the Five Process Controls
Best Practices: Basic Security
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 3 ASSESSMENT
Chapter 4. User Privileges and Permissions
The Shadow Password Suite
A Variety of Choices with User Privileges
Securing Groups of Users
A Hierarchy of Administrative Privileges
Regular and Special Permissions
Tracking Access Through Logs
Pluggable Authentication Modules
Authorizing Access with the PolicyKit
Network User Verification Tools
Best Practices: User Privileges and Permissions
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 4 ASSESSMENT
Chapter 5. Filesystems, Volumes, and Encryption
Filesystem Organization
Journals, Formats, and File Sizes
Using Encryption
Local File and Folder Permissions
Networked File and Folder Permissions
Filesystems and Quotas
Filesystems and Access Control Lists
Best Practices: Filesystems, Volumes, and Encryption
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 5 ASSESSMENT
Chapter 6. Every Service Is a Potential Risk
Basic Bastion Hardening
Bastions in a Virtualized Environment
The Risks of Source Code and Development Tools
Uninstalling Default Services
Managing Super Servers and Deactivating Service Scripts
Isolate with chroot Jails
Avoid X Servers and X Clients Where Possible
The Risks of Productivity Tools
Best Practices: Service Deployment
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 6 ASSESSMENT
Chapter 7. Networks, Firewalls, and More
Services on Every TCP/IP Port
Obscurity and the Open Port Problem
Protect with TCP Wrappers
Packet Filtering Firewalls
Alternate Attack Vectors: Modems and More
Wireless Network Issues
Security Enhanced Linux (SELinux)
Setting Up AppArmor Profiles
Best Practices: Networks, Firewalls, and TCP/IP Communications
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 7 ASSESSMENT
Chapter 8. Networked Filesystems and Remote Access
One System, One Shared Network Service
Secure NFS as if It Were Local
Keeping vsFTP Very Secure
Linux as a More Secure Windows Server
Make Sure SSH Stays Secure
Networks and Encryption
When You "Must" Use Telnet
Remember the Modem
Moving Away from Clear Text Access
Best Practices: Networked Filesystems and Remote Access
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 8 ASSESSMENT
Chapter 9. Networked Application Security
Web Services: Apache and Friends
Working with Squid
DNS: BIND and More
Mail Transfer Agents: sendmail, Sendmail, Postfix, and More
If You Asterisk
Limit Those Printers
Protect Your Time Services
Options for Obscurity: Different Ports, Alternative Services
Best Practices: Networked Application Security
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 9 ASSESSMENT
Chapter 10. Kernel Security Risk Mitigation
Functional Kernels for Your Distribution
The Stock Kernel
Stock Kernel Patches and Upgrades
Security and Kernel Update Issues
Kernel Development Software
Kernel Development Tools
Build Your Own Secure Kernel
Kernels and the /proc/ Filesystem
Best Practices: Kernel Security Risk Mitigation
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 10 ASSESSMENT
Part THREE: Building a Layered Linux Security Strategy
Chapter 11. Managing Security Alerts and Updates
Keep Up to Speed with Distribution Security
Keep Up to Speed with Application Security
Linux Has Antivirus Systems Too
Get Into the Details with Bug Reports
Security in an Open Source World
Automated Updates or Analyzed Alerts
Linux Patch Management
Options for Update Managers
Commercial Update Managers
Open Source Update Managers
Best Practices: Security Operations Management
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 11 ASSESSMENT
Chapter 12. Building and Maintaining a Security Baseline
Configure a Simple Baseline
Read Only or a Live Bootable Operating System
Update the Baseline
Monitor Local Logs
Consolidate and Secure Remote Logs
Identify a Baseline System State
Check for Changes with Integrity Scanners
Best Practices: Build and Maintain a Secure Baseline
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 12 ASSESSMENT
Chapter 13. Testing and Reporting
Test Every Component of a Layered Defense
Check for Open Network Ports
Run Integrity Checks of Installed Files and Executables
Make Sure Security Does Not Prevent Legitimate Access
Monitor That Virtualized Hardware
Standard Open Source Security Testing Tools
Commercial Security Test Tools for Linux
The Right Place to Install Security Testing Tools
Best Practices: Testing and Reporting
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 13 ASSESSMENT
Chapter 14. Detecting and Responding to Security Breaches
Regular Performance Audits
Make Sure Users Stay Within Secure Limits
Log Access into the Network
Monitor Account Behavior for Security Issues
Create an Incident Response Plan
Have Live Linux CDs Ready for Forensics Purposes
When You Put Your Plan into Action
Backup and Recovery Tools
The Right Way to Save Compromised Data as Evidence
Disaster Recovery from a Security Breach
Open Source Security Works Only If Everyone Shares
Best Practices: Security Breach Detection and Response
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 14 ASSESSMENT
Chapter 15. Best Practices and Emerging Technologies
Maintain a Gold Baseline
Redundancy Can Help Ensure Availability
Trust But Verify Corporate Support
Check Conformance with Security Policies
Keep the Linux Operating System Up to Date
Keep Distribution Related Applications Up to Date
Manage Third Party Applications Carefully
When Possible, Share Problems and Solutions with the Community
Test New Components Before Putting Them into Production
Future Trends in Linux Security
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 15 ASSESSMENT
Appendix A. Answer Key
Section 1.10. Bluetooth Security
Section 1.11. Printer Security
Section 1.12. Sharing Services
Section 1.13. Securely Erasing Disks
Section 1.14. Using Secure Empty Trash
Section 1.15. Using Encrypted Disk Images
Section 1.16. Securing Your Keychains
Section 1.17. Best Practices
Chapter 2. Services, Daemons, and Processes
Section 2.1. Introduction to Services, Daemons, and Processes
Section 2.2. Viewing What's Currently Running
Section 2.3. Stopping Services, Daemons, and Processes
Section 2.4. Stopping Daemons
Section 2.5. Types of launchd Services
Section 2.6. GUI Tools for Managing launchd
Section 2.7. Changing What Runs At Login
Section 2.8. Validating the Authenticity of Applications and Services
Section 2.9. Summary
Chapter 3. Securing User Accounts
Section 3.1. Introducing Identification, Authentication, and Authorization
Section 3.2. Managing User Accounts
Section 3.3. Advanced Settings in System Preferences
Section 3.4. Working with Local Directory Services
Section 3.5. Restricting Access with the Command Line: sudoers
Section 3.6. Securing Mount Points
Section 3.7. SUID Applications: Getting into the Nitty Gritty
Section 3.8. Creating Files with Permissions
Section 3.9. Summary
Chapter 4. File System Permissions
Section 4.1. Mac OS File Permissions: A Brief History of Time
Section 4.2. POSIX Permissions
Section 4.3. Access Control Lists
Section 4.4. Administering Permissions
Section 4.5. Using the Finder to Manage Permissions
Section 4.6. Using chown and chmod to Manage Permissions
Section 4.7. The Hard Link Dilemma
Section 4.8. Using mtree to Audit Filesystem Permissions
Section 4.9. Summary
Chapter 5. Reviewing Logs and Monitoring
Section 5.1. What Exactly Gets Logged?
Section 5.2. Using Console
Section 5.3. Finding Logs
Section 5.4. Reviewing User Specific Logs
Section 5.5. Reviewing Command Line Logs
Section 5.6. Reviewing Library Logs
Section 5.7. Breaking Down Maintenance Logs
Section 5.8. What to Worry About
Section 5.9. Virtual Machine and Bootcamp Logs
Section 5.10. Review Regularly, Review Often
Section 5.11. Summary
Part II: Securing the Ecosystem
Chapter 6. Application Signing and Sandbox
Section 6.1. Application Signing
Section 6.2. Sandbox
Section 6.3. Summary
Chapter 7. Securing Web Browsers and Email
Section 7.1. A Quick Note About Passwords
Section 7.2. Securing Your Web Browser
Section 7.3. Securely Configuring Mail
Section 7.4. Fighting Spam
Section 7.5. Desktop Solutions for Securing Email
Section 7.6. Using Mail Server Based Solutions for Spam and Viruses
Section 7.7. Outsourcing Your Spam and Virus Filtering
Section 7.8. Summary
Chapter 8. Malware Security: Combating Viruses, Worms, and Root Kits
Section 8.1. Classifying Threats
Section 8.2. Using Antivirus Software
Section 8.3. Other Forms of Malware
Section 8.4. Summary
Chapter 9. Encrypting Files and Volumes
Section 9.1. Using the Keychain to Secure Sensitive Data
Section 9.2. Using Disk Images as Encrypted Data Stores
Section 9.3. Encrypting User Data Using FileVault
Section 9.4. Full Disk Encryption
Section 9.5. Summary
Part III: Network Traffic
Chapter 10. Securing Network Traffic
Section 10.1. Understanding TCP/IP
Section 10.2. Types of Networks
Section 10.3. Understanding Routing
Section 10.4. Port Management
Section 10.5. DMZ and Subnets
Section 10.6. Spoofing
Section 10.7. Stateful Packet Inspection
Section 10.8. Data Packet Encryption
Section 10.9. Understanding Switches and Hubs
Section 10.10. Restricting Network Services
Section 10.11. Security Through 802.1x
Section 10.12. Proxy Servers
Section 10.13. Summary
Chapter 11. Setting Up the Mac OS X Firewall
Section 11.1. Introducing Network Services
Section 11.2. Controlling Services
Section 11.3. Configuring the Firewall
Section 11.4. Setting Advanced Features
Section 11.5. Testing the Firewall
Section 11.6. Configuring the Application Layer Firewall from the Command Line
Section 11.7. Using Mac OS X to Protect Other Computers
Section 11.8. Working from the Command Line
Section 11.9. Summary
Chapter 12. Securing a Wireless Network
Section 12.1. Wireless Network Essentials
Section 12.2. Introducing the Apple AirPort
Section 12.3. Configuring Older AirPorts
Section 12.4. Securing Computer to Computer Networks
Section 12.5. Wireless Topologies
Section 12.6. Wireless Hacking Tools
Section 12.7. Cracking WEP Keys
Section 12.8. Cracking WPA PSK
Section 12.9. General Safeguards Against Cracking Wireless Networks
Section 12.10. Summary
Part IV: Sharing
Chapter 13. File Services
Section 13.1. The Risks in File Sharing
Section 13.2. Peer to Peer vs. Client Server Environments
Section 13.3. File Security Fundamentals
Section 13.4. Sharing Protocols: Which One Is for You?
Section 13.5. Permission Models
Section 13.6. Summary
Chapter 14. Web Site Security
Section 14.1. Securing Your Web Server
Section 14.2. PHP and Security
Section 14.3. Taming Scripts
Section 14.4. Securing robots.txt
Section 14.5. Protecting Directories
Section 14.6. Tightening Security with TLS
Section 14.7. Implementing Digital Certificates
Section 14.8. Protecting the Privacy of Your Information
Section 14.9. Securing Files on Your Web Server
Section 14.10. Code Injection Attacks
Section 14.11. Summary
Chapter 15. Remote Connectivity
Section 15.1. Remote Management Applications
Section 15.2. Using Timbuktu Pro
Section 15.3. Using Secure Shell
Section 15.4. Using a VPN
Section 15.5. Summary
Chapter 16. Server Security
Section 16.1. Limiting Access to Services
Section 16.2. The Root User
Section 16.3. Foundations of a Directory Service
Section 16.4. Configuring and Managing Open Directory
Section 16.5. Web Server Security in Mac OS X Server
Section 16.6. File Sharing Security in OS X Server
Section 16.7. Wireless Security on OS X Server Using RADIUS
Section 16.8. DNS Best Practices
Section 16.9. SSL
Section 16.10. SSH
Section 16.11. Server Admin from the Command Line
Section 16.12. iChat Server
Section 16.13. Securing the Mail Server
Section 16.14. Proxying Services
Section 16.15. Summary
Part V: Securing the Workplace
Chapter 17. Network Scanning, Intrusion Detection, and Intrusion Prevention Tools
Section 17.1. Scanning Techniques
Section 17.2. Intrusion Detection and Prevention
Section 17.3. Security Auditing on the Mac
Section 17.4. Summary
Chapter 18. Backup and Fault Tolerance
Section 18.1. Time Machine
Section 18.2. SuperDuper
Section 18.3. Backing Up to MobileMe
Section 18.4. Retrospect
Section 18.5. Using Tape Libraries
Section 18.6. Backup vs. Fault Tolerance
Section 18.7. Backing up Services
Section 18.8. Summary
Chapter 19. Forensics
Section 19.1. Incident Response
Section 19.2. MacForensicsLab
Section 19.3. Other GUI Tools for Forensic Analysis
Section 19.4. Forensically Acquiring Disk Images
Section 19.5. Tools for Safari
Section 19.6. Command Line Tools for Forensic Analysis
Section 19.7. Summary
Appendix A. Xsan Security
Section A.1. Metadata
Section A.2. Fibre Channel
Section A.3. Affinities
Section A.4. Permissions
Section A.5. Quotas
Section A.6. Other SAN Solutions
Appendix B. InfoSec Acceptable Use Policy
Section B.1. 1.0 Overview
Section B.2. 2.0 Purpose
Section B.3. 3.0 Scope
Section B.4. 4.0 Policy
Section B.5. 5.0 Enforcement
Section B.6. 6.0 Definitions
Section B.7. 7.0 Revision History
Appendix C. CDSA
Appendix D. Introduction to Cryptography
REFERENCES
Chapter 3. Recent Developments in Simplified Sign On
ABSTRACT
INTRODUCTION
CONCLUSION
REFERENCES
Chapter 4. The Effectiveness of Privacy Policy Statements
ABSTRACT
INTRODUCTION
PRIVACY AS A TRUST FACTOR
PRIVACY PROTECTION MECHANISMS
PRIVACY POLICY STATEMENTS
RESEARCH DESIGN
CONCLUSION
ACKNOWLEDGMENT
REFERENCES
Chapter 5. An Evaluation of User Password Practice
ABSTRACT
INTRODUCTION
PASSWORD SECURITY ISSUES
A SURVEY OF EMAIL PASSWORD SECURITY
DISCUSSION
CONCLUSION
REFERENCES
Chapter 6. Wireless Handheld Device and LAN Security Issues: A Case Study
ABSTRACT
INTRODUCTION
LITERATURE
RESEARCH METHODOLOGY
DATA ANALYSIS
DISCUSSION
CONCLUSION
ACKNOWLEDGMENT
REFERENCES
Chapter 7. Web 2.0 Technologies for Business Solutions: A Security Perspective
ABSTRACT
INTRODUCTION
BACKGROUND OF WEB 2.0 TECHNOLOGIES
APPLICATIONS OF THE TECHNOLOGIES
SECURITY ISSUES
CONCLUSION AND FUTURE RESEARCH
REFERENCES
ENDNOTE
Chapter 8. Business Continuity Planning: A Strategic Dilemma?
ABSTRACT
INTRODUCTION
BUSINESS CONTINUITY PLANNING
VULNERABILITY & DISRUPTION
AVAILABILITY, RESILIENCE, AND FLEXIBILITY
MANAGEMENT COMMITMENT: THE EXPECTED VALUE PARADOX
VIRTUALIZATION: A ROAD TO THE FUTURE
CONCLUSION
REFERENCES
ENDNOTES
Chapter 9. Future Trends in Digital Security
ABSTRACT
INTRODUCTION
TRENDS
WEB 2.0 TECHNOLOGIES
MOBILE COMPUTING VERSUS CLOUD COMPUTING
SOCIAL NETWORKING
SECURITY IN THE WORKPLACE
COPYRIGHT AND INTELLECTUAL PROPERTY
CONTROLLING THREATS
CONCLUSION
REFERENCES
Compilation of References
About the Contributors
7. Conclusion
Chapter 2: Combined Impact Of Outsourcing And Hard Times On BPO Risk And Security
Abstract
Introduction
Risks Of Outsourcing
Risks Of Economic Distress
Risks Due To Outsourcing And Economic Distress
Outsourcing Risks And Their Mitigation
Conclusion
Chapter 3: A Comparison Of Cyber Crime Definitions In India And The United States
Abstract
Introduction
Cyber Crime
Victims
Cyber Law
Comparison Of Legal Provisions For Cybercrime In India And The US
Conclusion
Chapter 4: Emergency Response To Mumbai Terror Attacks
Abstract
Introduction
Background
Literature Review
Mumbai Terror Attacks 26/11
Analysis Using Activity Theory
Conclusion
Chapter 5: Pirates Of The Copyright And Cyberspace
Abstract
Introduction
Overview Of The Issues Involved
Analysis
Conclusion
Section 2: Cyber Security: Technology Review
Chapter 6: Classifying Host Anomalies
Abstract
1. Introduction
2. Background
3. The Proposed System
4. Anomaly Detection Ontology
5. Results And Discussion
6. Conclusion And Future Work
Chapter 7: Securing Next Generation Internet Services
Abstract
1. Introduction
2. Next Generation Internet (NGI)
3. Security Issues In Next Generation Internet
4. Next Generation Internet Services
5. Cloud Computing
6. Security Challenges For Services In The Cloud
7. Security Requirement Analysis For Cloud Ready Services
8. Security Design For Cloud Ready Services
9. Construction Of NGI Secured Services
10. Security Testing For Cloud Ready Services
11. Secured Deployment
Chapter 8: An Examination Of Identity Management Models In An Internet Setting
Abstract
1. Introduction
2. Preliminaries
3. The Traditional Model
4. The Omnipresent Authority Model
5. The Certificate Authority Model
6. The Identity Management Model
7. Security Aspects Of The Model
8. Other Considerations For This Model
9. Summary
Chapter 9: Securing Cloud Environment
Abstract
1 Introduction
2. Architecture
3. Cloud Computing Challenges
4. Secure Architecture Model
Conclusion
Chapter 10: DoS Attacks In MANETs
Abstract
Introduction
1. Denial Of Service (DoS)
2. Physical Layer
3. Media Access Control Layer
4. Network Layer
6. Conclusion
Chapter 11: Detecting Cheating Aggregators And Report Dropping Attacks In Wireless Sensor Networks
Abstract
Introduction
2 Related Work, Assumptions, Technique Overview
3 Report Formats: Design Considerations
4 Report Verification At BS
5 Proofs
7 Security Analysis
8 Experimental Results
Conclusion
Chapter 12: Extended Time Machine Design Using Reconfigurable Computing For Efficient Recording And Retrieval Of Gigabit Network Traffic
Abstract
1. Introduction
2. Traffic Capture
3. Extended Time Machine Design
4. Performance Evaluation
5. Conclusion
Chapter 13: Metamorphic Malware Analysis And Detection Methods
Abstract
1. Early Malware
2 Malware Evolution
4 Anatomy Of Metamorphic Viruses
5 Metamorphic Techniques
6 Malware Detection Methods
8 Static Code Analysis Using Longest Common Subsequence
9 Concluding Remarks
Section 3: Cyber Security: Methods And Algorithms
Chapter 14: Towards Checking Tampering Of Software
Abstract
1 Introduction
2 Techniques For Detecting Software Tampering
3 Capturing Program Characteristics Through Birthmarks
4 Conclusion
Chapter 15: Complexity Measures Of Cryptographically Secure Boolean Functions
Abstract
1. Introduction
2. Boolean Functions
3. Complexity Criterion For Boolean Functions
4. Bounds And Relations On Various Complexity Measures: Bounds On Nonlinearity
Conclusion
Chapter 16: Einstein Podolsky Rosen Paradox And Certain Aspects Of Quantum Cryptology With Some Applications
Abstract
Introduction
What Is Quantum Cryptology?
The EPR Paradox
Applications Of QC
Concluding Remarks
Chapter 17: Error Linear Complexity Measures Of Binary Multisequences
Abstract
Introduction
Conclusion
Appendix A
Appendix B
Appendix C
Chapter 18: A Survey On Digital Image Steganographic Methods
Abstract
1. Generic Embedding And Extracting Scheme
3. Transform Domain Embedding Techniques
4. Conclusion
Compilation Of References
About The Contributors
IT Security Compliance Management Design Guide with IBM Tivoli Security Information and Event Manager
By: Axel Buecker; Jose Amado; David Druker; Carsten Lorenz; Frank Muehlenbrock; Rudy Tan Publisher: IBM Redbooks Pub. Date: July 16, 2010 Part Number: SG24-7530-01 Print ISBN-10: 0-7384-3446-9 Print ISBN-13: 978-0-7384-3446-9 Pages in Print Edition: 464
Notices
Trademarks
Preface
The team who wrote this book
Now you can become a published author, too!
Comments welcome
Stay connected to IBM Redbooks
Summary of changes
July 2010, Second Edition
Part: 1 Architecture and design
Chapter 1. Business context for IT security compliance management
Section 1.1. Introduction to IT security compliance management
Section 1.2. Business drivers for IT security compliance management
Section 1.3. Business drivers for log management
Section 1.4. Criteria of an IT security compliance management solution
Section 1.5. Recent challenges for IT security compliance management
Section 1.6. Conclusion
Chapter 2. Designing an IT security compliance management solution
Section 2.1. Security Information and Event Management architecture
Section 2.2. Solution architecture
Section 2.3. Conclusion
Chapter 3. Introducing the IBM Security Information and Event Management solution
Section 3.1. Introducing the IBM SIEM solution
Section 3.2. The IBM SIEM architecture
Section 3.3. Real time event correlation and alerting
Section 3.4. SIEM integration scenarios
Section 3.5. Conclusion
Chapter 4. IBM Tivoli Security Information and Event Manager component structure
Section 4.1. Logical components
Section 4.2. Data flow
Section 4.3. Physical components
Section 4.4. Deployment architecture
Section 4.5. Conclusion
Chapter 5. Compliance management solution design
Section 5.1. Functional design and configuration
Section 5.2. Operational design and configuration
Section 5.3. Conclusion
Part: 2 Customer environment
Chapter 6. Introducing XYZ Financial Accounting
Section 6.1. Organization profile
Section 6.2. Current IT infrastructure
Section 6.3. Security compliance business objectives
Section 6.4. Conclusion
Chapter 7. Compliance management design
Section 7.1. Business requirements
Section 7.2. Functional requirements
Section 7.3. Design approach
Section 7.4. Implementation approach
Section 7.5. Conclusion
Chapter 8. Basic auditing
Section 8.1. Phase one auditing
Section 8.2. Installing the cluster
Section 8.3. Phase one reporting requirements
Section 8.4. Enabling and configuring auditing
Section 8.5. Configuring Standard Server for new event sources
Section 8.6. Installing an agent on the target machine
Section 8.7. Configuring W7 groups
Section 8.8. Compliance Dashboard
Section 8.9. Self auditing
Section 8.10. Conclusion
Chapter 9. Extending auditing to other supported platforms
Section 9.1. IT environment
Section 9.2. Basic approach
Section 9.3. Auditing AIX 6.1 systems
Section 9.4. Auditing Lotus Domino R6 systems
Section 9.5. Auditing SAP systems
Section 9.6. Adding syslog receiver for any type of messages
Section 9.7. Conclusion
Chapter 10. Customized and regulatory reporting
Section 10.1. Producing customized reports
Section 10.2. Using compliance management modules
Section 10.3. Conclusion
Chapter 11. System z integration
Section 11.1. Reporting requirements
Section 11.2. Audit settings
Section 11.3. Implementation
Section 11.4. Conclusion
Chapter 12. Custom event source integration
Section 12.1. Introduction to custom event sources
Section 12.2. Ubiquitous event source
Section 12.3. W7Log event source
Section 12.4. The Generic ExtendIT event source
Section 12.5. Custom event source methods comparison table
Section 12.6. Creating a custom UIS using Generic ExtendIT
Section 12.7. Conclusion
Appendix A: Corporate policy and standards
Standards, practices, and procedures
Practical example
External standards and certifications
Summary
Appendix B: Additional material
Locating the Web material
Using the Web material
Glossary
Related publications
IBM Redbooks publications
Other publications
Online resources
How to get IBM Redbooks publications
Help from IBM
Index
Securing the Borderless Network: Security for the Web 2.0 World
By: Tom Gillis Publisher: Cisco Press Pub. Date: April 09, 2010 Print ISBN-10: 1-58705-886-3 Print ISBN-13: 978-1-58705-886-8 Web ISBN-10: 1-58714-128-0 Web ISBN-13: 978-1-58714-128-7 Pages in Print Edition: 168
Copyright
About the Author
Acknowledgments
Foreword
Introduction
Chapter 1. Network Security Yesterday, Today, and Tomorrow
The Evolution of Firewalls
Proxy Versus Stateful Inspection
From Proxy to Stateful Inspection and Back Again
Endnote
Reference
Chapter 2. Collaboration and Web 2.0 Technologies
Viral Uncertainty Principle
Only Connect Digitally
Easy Online Collaboration
Enterprise Level Online Collaboration Tools
Storage and Applications in the Cloud
Endnotes
Chapter 3. Building Relationships with Web 2.0
Demolishing Communication Silos
No Future for the Faceless
Endnotes
References
Chapter 4. The Cloud Computing Revolution
Managing the Islands
Disconnected Workflows: Minimal Security
Sleeping Easier About Security
Endnotes
References
Chapter 5. You're in San Jose, I'm in Bangalore: Let's Meet
Breakthrough Technology
Travel Costs Drop Dramatically
Richer, More Productive Meetings
Network Implications
Endnotes
References
Chapter 6. Watson, Can You Hear Us?
Human Need for Connectedness
Cutting the Cord
One Chip Makes You Smaller
Handheld Harvest: Apples to BlackBerrys
These Unprecedented Times
Evolution of the Smartphone
Endnotes
References
Chapter 7. The Consumerization of IT
Talkin' 'bout an Evolution
Blame It on the Music
More Than Just Smartphones
Consumerization: A Pull and a Push
Safely Consumerizing IT
References
Chapter 8. The Bad Guys from Outside: Malware
Modern Malware Overview
Finding the Weak Points
Social Engineering for Success
Spamming and Phishing Get Targeted
Profit Motive
Endnotes
References
Chapter 9. Who Are These Guys?
The Business of Malware
Studying Pharmaceutical Spam
Other Links in the Global Chain
Taking on the Bad Guys
Endnotes
References
Chapter 10. Signs of Hope
Harnessing the Network
Scanning for Signatures
Behavioral Analysis of Bad Code
The Power of Reputation
Global Threat Correlation
Combining Countermeasures
Endnotes
Reference
Chapter 11. Acceptable Use Policies
The Inevitable Evolution of AUPs
Gen X/Gen Y Problem
Necessary Noncompliance
AUPs Versus the Will of the Employees
Endnote
References
Chapter 12. The Realities of Data Loss
One Breach, Multiple Shockwaves
Insiders
Compliance Pitfall
DLP: Chasing Rainbows?
Endnotes
References
Chapter 13. Collaboration Without Confidence
Saying No Thanks to the Culture of No
One Workforce, Diverse Needs
Secure Collaboration: Anytime, Anywhere, from Any Device
Countervailing Forces
Endnotes
References
Chapter 14. Identity Management: We Need to Know if You Are a Dog
Identity: The Key to the Security Kingdom
Establishing Identity
A Flexible Identity Fabric
Endnote
References
Chapter 15. Security for the Borderless Network: Making Web 2.0 and 3.0 Safe for Business
Security Policies for the New Open Networked World
The Borderless Network Security Architecture
Super Charged Scanners
Security Everywhere in the Network
Collaboration with Confidence
Endnote
Section 2.2. Cloud Deployment Models
Section 2.3. Expected Benefits
Section 2.4. Summary
Section 2.5. Notes
Chapter 3. Cloud Computing Software Security Fundamentals
Section 3.1. Cloud Information Security Objectives
Section 3.2. Cloud Security Services
Section 3.3. Relevant Cloud Security Design Principles
Section 3.4. Secure Cloud Software Requirements
Section 3.5. Secure Cloud Software Testing
Section 3.6. Cloud Computing and Business Continuity Planning/Disaster Recovery
Section 3.7. Summary
Section 3.8. Notes
Chapter 4. Cloud Computing Risk Issues
Section 4.1. The CIA Triad
Section 4.2. Privacy and Compliance Risks
Section 4.3. Threats to Infrastructure, Data, and Access Control
Section 4.4. Cloud Service Provider Risks
Section 4.5. Summary
Section 4.6. Notes
Chapter 5. Cloud Computing Security Challenges
Section 5.1. Security Policy Implementation
Section 5.2. Virtualization Security Management
Section 5.3. Summary
Section 5.4. Notes
Chapter 6. Cloud Computing Security Architecture
Section 6.1. Architectural Considerations
Section 6.2. Identity Management and Access Control
Section 6.3. Autonomic Security
Section 6.4. Summary
Section 6.5. Notes
Chapter 7. Cloud Computing Life Cycle Issues
Section 7.1. Standards
Section 7.2. Incident Response
Section 7.3. Encryption and Key Management
Section 7.4. Retirement
Section 7.5. Summary
Section 7.6. Notes
Chapter 8. Useful Next Steps and Approaches
Section 8.1. Getting Answers
Section 8.2. Getting Help
Section 8.3. Getting Started
Section 8.4. Parting Words
Section 8.5. Notes
Appendix A. Glossary of Terms and Acronyms
Web Services Security Development and Architecture: Theoretical and Practical Issues
By: Carlos Gutierrez; Eduardo Fernandez-Medina; Mario Piattini Publisher: IGI Global Pub. Date: January 1, 2010 Print ISBN-13: 978-1-60566-950-2 Pages in Print Edition: 424
Copyright
Editorial Advisory Board
Foreword
Preface
Acknowledgment
Section: 1 Web Services Security Engineering
Chapter 1. Identification of Vulnerabilities in Web Services Using Model Based Security
ABSTRACT
INTRODUCTION
DISCUSSION
REFERENCES
ENDNOTES
Chapter 2. Security Analysis of Service Oriented Systems: A Methodical Approach and Case Study
ABSTRACT
INTRODUCTION
BACKGROUND
RELATED WORK
CONCLUSION
REFERENCES
Section: 2 Web Services Security Architectures
Chapter 3. Ontology Based Authorization Model for XML Data in Distributed Systems
ABSTRACT
INTRODUCTION
BACKGROUND
RESEARCH PROBLEM DESCRIPTION
RELATED WORK
SYSTEM ARCHITECTURE
TECHNICAL CONTRIBUTION OF SEMANTIC AWARE AUTHORIZATION MODEL
FUTURE WORK
CONCLUSION
ACKNOWLEDGMENT
REFERENCES
Chapter 4. Secure Service Rating in Federated Software Systems Based on SOA
ABSTRACT
INTRODUCTION
BACKGROUND
DECENTRALIZED REPUTATION ARCHITECTURE FOR FEDERATED SOA BASED SOFTWARE SYSTEMS
FUTURE RESEARCH DIRECTIONS
CONCLUSION
REFERENCES
Chapter 5. Forensics over Web Services: The FWS
ABSTRACT
INTRODUCTION
BACKGROUND
WEB SERVICE ATTACKS
CHALLENGES IN FORENSICS OF WEB SERVICES
OVERVIEW OF FWS
A CASE STUDY: THE XSS ATTACK
PROMISES OF FWS
RELATED WORK
FUTURE RESEARCH DIRECTIONS
CONCLUSION
REFERENCES
ADDITIONAL READING
Chapter 6. Policy Based Security Engineering of Service Oriented Systems
ABSTRACT
INTRODUCTION
BACKGROUND
CONCLUSION
REFERENCES
Chapter 7. Security Policies in Web Services
ABSTRACT
1. INTRODUCTION
2. BACKGROUND ON POLICIES IN WEB SERVICES
3. SECURITY POLICY IN WEB SERVICES
4. SOA AND SOA GOVERNANCE
5. CONCLUSION
REFERENCES
Section: 3 Web Services Security Standards
Chapter 8. Web Services Security: Standards and Industrial Practice
ABSTRACT
INTRODUCTION
THE CURRENT STATUS OF WEB SERVICES STANDARDS
WEB SERVICES SECURITY PRODUCTS
WEB SERVICES SECURITY FEATURES
CONCLUSION
ACKNOWLEDGMENT
REFERENCES
Chapter 9. Security in Service Oriented Architectures: Standards and Challenges
ABSTRACT
1. INTRODUCTION
2. BACKGROUND
3. SOA SECURITY STANDARDS
4. SOA SECURITY: CHALLENGES AND MITIGATION STRATEGIES
5. FUTURE RESEARCH DIRECTIONS IN SOA SECURITY
6. CONCLUSION
ACKNOWLEDGMENT
REFERENCES
ADDITIONAL READINGS
Section: 4 Web Services Security Threats and Countermeasures
Chapter 10. A Survey of Attacks in the Web Services World
ABSTRACT
INTRODUCTION
BACKGROUND OF NETWORK ATTACKS
ATTACKS ON WEB SERVICES
COUNTERMEASURES
CONCLUSION
FUTURE WORK
REFERENCES
Chapter 11. Threat Modeling: Securing Web 2.0 Based Rich Service Consumers
ABSTRACT
INTRODUCTION
BACKGROUND
RESEARCH PROBLEM DESCRIPTION
RELATED WORK
EXISTING ATTACKS IN WEB 2.0
OUR APPROACH TO THREAT MODELING FOR WEB 2.0 APPLICATIONS
BEST PRACTISES
REFERENCES
Section: 5 Selected Readings
Chapter 12. Obtaining Security Requirements for a Mobile Grid System
ABSTRACT
INTRODUCTION
SECURITY REQUIREMENTS AND ATTACKS ON A MOBILE GRID SYSTEM
OVERVIEW OF OUR METHODOLOGY
CASE STUDY
CONCLUSION
ACKNOWLEDGMENT
REFERENCES
Chapter 13. An MDA Compliant Approach for Designing Secure Data Warehouses
ABSTRACT
INTRODUCTION
RELATED WORK
AN MDA AND MDS COMPLIANT APPROACH
CONCLUSION
REFERENCES
KEY TERMS
Chapter 14. IPSec Overhead in Dual Stack IPv4/IPv6 Transition Mechanisms: An Analytical Study
ABSTRACT
INTRODUCTION AND BACKGROUND
EXPERIMENTAL DETAILS
APPLICATIONS/PROTOCOLS TESTED
FRAME STRUCTURE
RESULTS AND DISCUSSION
CONCLUSION
REFERENCES
Chapter 15. An Approach for Intentional Modeling of Web Services Security Risk Assessment
ABSTRACT
INTRODUCTION
BACKGROUND
CORAS
INTENTIONAL MODELING
CONCLUSION AND FUTURE TRENDS
Hacking Exposed Wireless: Wireless Security Secrets & Solutions, Second Edition
By: Johnny Cache; Joshua Wright; Vincent Liu Publisher: McGraw-Hill Pub. Date: August 05, 2010 Print ISBN-10: 0-07-166661-3 Print ISBN-13: 978-0-07-166661-9 Web ISBN-10: 0-07-166662-1 Web ISBN-13: 978-0-07-166662-6 Pages in Print Edition: 510
Copyright; About the Authors; About the Contributing Authors; About the Technical Editors; Foreword; Acknowledgments; Introduction
Part 1: Hacking 802.11 Wireless Technology
Chapter 1. Introduction to 802.11 Hacking
802.11 In a Nutshell; Discovery Basics; Hardware and Drivers; Summary
Chapter 2. Scanning and Enumerating 802.11 Networks
Choosing an Operating System; Windows Discovery Tools; Windows Sniffing/Injection Tools; OS X Discovery Tools; Linux Discovery Tools; Mobile Discovery Tools; Online Mapping Services (WIGLE and Skyhook); Summary
Chapter 3. Attacking 802.11 Wireless Networks
Basic Types of Attacks; Security Through Obscurity; Defeating WEP; Bringing it All Together: Cracking a Hidden Mac Filtering, WEP Encrypted Network; Keystream Recovery Attacks Against WEP; Attacking the Availability of Wireless Networks; Summary
Chapter 4. Attacking WPA Protected 802.11 Networks
Breaking Authentication: WPA PSK; Breaking Authentication: WPA Enterprise; Breaking Encryption: TKIP; Attacking Components; Summary
Part II: Hacking 802.11 Clients
Chapter 5. Attack 802.11 Wireless Clients
Attacking the Application Layer; Attacking Clients Using an Evil DNS Server; Ettercap Support for Content Modification; Dynamically Generating Rogue APs and Evil Servers with Karmetasploit; Direct Client Injection Techniques; Device Driver Vulnerabilities; Web Hacking and WiFi; Summary
Chapter 6. Taking it all the Way: Bridging the Airgap from OS X
The Game Plan; Making the Most of User Level Code Execution; Summary
Chapter 7. Taking it all the Way: Bridging the Airgap from Windows
The Attack Scenario; Preparing for the Attack; Local Wireless Reconnaissance; Remote Wireless Reconnaissance; Target Wireless Network Attack; Summary
Part III: Hacking Additional Wireless Technologies
Chapter 8. Bluetooth Scanning and Reconnaissance
Bluetooth Technical Overview; Preparing for an Attack; Reconnaissance; Service Enumeration; Summary
Chapter 9. Bluetooth Eavesdropping
Commercial Bluetooth Sniffing; Open Source Bluetooth Sniffing; Summary
Chapter 10. Attacking and Exploiting Bluetooth
PIN Attacks; Identity Manipulation; Abusing Bluetooth Profiles; Future Outlook; Summary
Chapter 11. Hack ZigBee
ZigBee Introduction; ZigBee Security; ZigBee Attacks; Attack Walkthrough; Summary
Chapter 12. Hack DECT
DECT Introduction; DECT Security; DECT Attacks; Summary
Appendix A. Scoping and Information Gathering
Pre-Assessment; Putting it All Together
User acceptance; Applying Least Privilege Security throughout the enterprise; Managing expectations; Maintaining flexibility; User education; Summary
Chapter 3. Solving Least Privilege Problems with the Application Compatibility Toolkit
Quick compatibility fixes using the Program Compatibility Wizard; Achieving application compatibility in enterprise environments; Summary
Chapter 4. User Account Control
User Account Control components; The shield icon; User Account Control access token model; Conveniently elevating to admin privileges; Summary
Chapter 5. Tools and Techniques for Solving Least Privilege Security Problems
Granting temporary administrative privileges; Bypassing user account control for selected operations; Configuring applications to run with elevated privileges on the fly; Solving LUA problems with Avecto Privilege Guard; Suppressing unwanted User Account Control prompts; Setting permissions on files and registry keys; Fixing problems with the HKey Classes Root registry hive; Mapping .ini files to the registry; Using LUA Buglight to identify file and registry access violations; Summary
Chapter 6. Software Distribution using Group Policy
Installing software using Group Policy; Summary
Chapter 7. Managing Internet Explorer Add-ons
ActiveX controls; Managing add-ons; Summary
Chapter 8. Supporting Users Running with Least Privilege
Providing support; Troubleshooting using remote access; Enabling and using command line remote access tools; Enabling and using graphical remote access tools; Configuring Windows Firewall to allow remote access; Summary
Chapter 9. Deploying Software Restriction Policies and AppLocker
Controlling applications; Implementing Software Restriction Policy; AppLocker; Summary
Chapter 10. Least Privilege in Windows XP
Installing Windows XP using the Microsoft Deployment Toolkit; Windows XP security model; CD burning; ActiveX controls; Changing the system time and time zone; Power management; Managing network configuration; Identifying LUA problems using Standard User Analyzer; Summary
Chapter 11. Preparing Vista and Windows 7 for Least Privilege Security
The Application Compatibility Toolkit; Creating a Data Collection Package; Printers and Least Privilege Security; Logon scripts; Why do a desktop refresh from a technical perspective?; Different methods of reinstalling Windows; Reinstall Vista or Windows 7 with Least Privilege Security; Summary
Chapter 12. Provisioning Applications on Secure Desktops with Remote Desktop Services
Introducing Remote Desktop Services; Summary
Chapter 13. Balancing Flexibility and Security with Application Virtualization
Microsoft Application Virtualization 4.5 SP1 for Windows desktops; VMware ThinApp; Summary
Chapter 14. Deploying XP Mode VMs with MED-V
Solving least privilege security problems using virtual machines; Microsoft Enterprise Desktop Virtualization (MED-V); Summary
Hacking Exposed Web Applications: Web Application Security Secrets and Solutions, Third Edition
By: Joel Scambray; Vincent Liu; Caleb Sima Publisher: McGraw-Hill Pub. Date: October 15, 2010 Print ISBN-10: 0-07-174064-3 Print ISBN-13: 978-0-07-174064-7 Web ISBN-10: 0-07-174042-2 Web ISBN-13: 978-0-07-174042-5 Pages in Print Edition: 477
Copyright; About the Authors; About the Contributing Authors; Foreword; Acknowledgments; Introduction
Chapter 1. Hacking Web Apps 101
What Is Web Application Hacking?; Why Attack Web Applications?; Who, When, and Where?; How Are Web Apps Attacked?; Summary; References & Further Reading
Chapter 2. Profiling
Infrastructure Profiling; Application Profiling; General Countermeasures; Summary; References & Further Reading
Chapter 3. Hacking Web Platforms
Point and Click Exploitation Using Metasploit; Manual Exploitation; Evading Detection; Web Platform Security Best Practices; Summary; References & Further Reading
Chapter 4. Attacking Web Authentication
Web Authentication Threats; Bypassing Authentication; Some Final Thoughts: Identity Theft; Summary; References & Further Reading
Chapter 5. Attacking Web Authorization
Fingerprinting Authz; Attacking ACLs; Attacking Tokens; Authorization Attack Case Studies; Authorization Best Practices; Summary; References & Further Reading
Chapter 6. Input Injection Attacks
Expect the Unexpected; Where to Find Attack Vectors; Bypass Client Side Validation Routines; Common Input Injection Attacks; Common Countermeasures; Summary; References & Further Reading
Chapter 7. Attacking XML Web Services
What Is a Web Service?; Attacking Web Services; Web Service Security Basics; Summary; References & Further Reading
Chapter 8. Attacking Web Application Management
Remote Server Management; Web Content Management; Misconfigurations; Summary; References & Further Reading
Chapter 9. Hacking Web Clients
Exploits; Trickery; General Countermeasures; Summary; References & Further Reading
Chapter 10. The Enterprise Web Application Security Program
Threat Modeling; Code Review; Security Testing of Web App Code; Security in the Web Development Process; Summary; References & Further Reading
Appendix A. Web Application Security Checklist
Appendix B. Web Hacking Tools and Techniques Cribsheet
Applied Cryptography for Cyber Security and Defense: Information Encryption and Cyphering
By: Hamid R. Nemati; Li Yang Publisher: IGI Global Pub. Date: August 31, 2010 Print ISBN-13: 978-1-61520-783-1 Print ISBN-10: 1-61520-784-8 Pages in Print Edition: 407
Copyright; Dedication; List of Reviewers; Preface
Section: 1 Cryptography in Networking and Cyber Space
Chapter 1. Network Security
ABSTRACT; INTRODUCTION; BACKGROUND; SSL/TLS; CONFIDENTIALITY AND INTEGRITY; ONLINE ANONYMITY; AVAILABILITY; KEY MANAGEMENT; WIRELESS AVAILABILITY JAM RESISTANCE; OPEN PROBLEMS; ACKNOWLEDGMENT; REFERENCES
Chapter 2. Cryptography Based Authentication for Protecting Cyber Systems
ABSTRACT; INTRODUCTION; BACKGROUND; CRYPTOGRAPHY IN KNOWLEDGE BASED AUTHENTICATION; CRYPTOGRAPHY KEY BASED TOKEN AUTHENTICATION AND AUTHENTICATED KEY EXCHANGE; FUZZY EXTRACTORS FOR BIOMETRIC AUTHENTICATION; FUTURE RESEARCH DIRECTIONS; CONCLUSION; REFERENCES; APPENDIX
Section: 2 Cryptography in E-Mail and Web Services
Chapter 3. E-Mail, Web Service and Cryptography
ABSTRACT; INTRODUCTION; DEFINITION AND HISTORY; CRYPTOGRAPHY; PRACTICAL CRYPTOSYSTEMS; OTHER ALGORITHMS; WEB SERVICES; E-MAIL SYSTEM; CONCLUSION; REFERENCES; ENDNOTE
Chapter 4. Cryptography in E-Mail and Web Services
ABSTRACT; INTRODUCTION; E-MAIL ENCRYPTION INTEGRATION; GNU PRIVACY GUARD; CHOOSING AN APPROPRIATE ENCRYPTION ALGORITHM (TRACY, JANSEN AND BISKER 2002); WEB BASED E-MAIL; NEXT GENERATION E-MAIL AND SECURE E-MAIL; CRYPTOGRAPHY IN WEB SERVICES; OASIS (OASIS, 2009); SAML; FUTURE OF WEB SERVICE SECURITY; CONCLUSION; REFERENCES; ENDNOTE
Chapter 5. Applied Cryptography in E-Mail Services and Web Services
ABSTRACT; INTRODUCTION; COMMONLY USED CRYPTOGRAPHIC CIPHERS AND SECURITY PROTOCOLS; SECURITY STANDARDS; PUBLIC KEY INFRASTRUCTURE (PKI); APPLIED CRYPTOGRAPHY IN E-MAIL SERVICES; PRETTY GOOD PRIVACY (PGP) AND OPENPGP; SECURE/MULTIPURPOSE INTERNET MAIL EXTENSION (S/MIME); S/MIME V3 VS. OPENPGP; APPLIED CRYPTOGRAPHY IN WEB SERVICES; SSL/TLS; CONCLUSION; REFERENCES
Section: 3 Cryptography in Wireless Communication
Chapter 6. Applied Cryptography in Wireless Sensor Networks
ABSTRACT; INTRODUCTION; KEY MANAGEMENT; SECURITY PROTOCOLS FOR SENSOR NETWORKS (SPINS); LOCALIZED ENCRYPTION AUTHENTICATION PROTOCOL (LEAP); LINK LAYER SECURITY PROTOCOL: TINYSEC; PATH KEY ESTABLISHMENT; AUTHENTICATION, INTEGRITY, CONFIDENTIALITY AND DATA FRESHNESS; PUBLIC KEY CRYPTOGRAPHY FOR WIRELESS SENSOR NETWORKS; ECC IMPLEMENTATION FOR WIRELESS SENSOR NETWORKS; IDENTITY BASED ENCRYPTION; FUTURE RESEARCH DIRECTIONS; CONCLUSION; REFERENCES
Chapter 7. Applied Cryptography in Infrastructure Free Wireless Networks
ABSTRACT; INTRODUCTION; CRYPTOGRAPHIC TOOLS; APPLICATIONS OF THRESHOLD CRYPTOGRAPHY IN MANET; CHALLENGES AND SOLUTIONS IN SECURING WIRELESS SENSOR NETWORKS; CONCLUSION; REFERENCES
Section: 4 Cryptography in Electronic Commerce
Chapter 8. Applied Cryptography in Electronic Commerce
ABSTRACT; INTRODUCTION; BACKGROUND; AUTHENTICATION ON THE WEB; SSL/TSL; IDENTITY MANAGEMENT; DIGITAL RIGHTS MANAGEMENT; FUTURE TRENDS AND THREATS IN ELECTRONIC COMMERCE; CONCLUSION; ACKNOWLEDGMENT; REFERENCES; ENDNOTES
Chapter 9. An Electronic Contract Signing Protocol Using Fingerprint Biometrics
ABSTRACT; INTRODUCTION; FAIR ELECTRONIC EXCHANGE; MICALI'S ELECTRONIC CONTRACT SIGNING PROTOCOL; BAO'S ELECTRONIC CONTRACT SIGNING PROTOCOL; OUR SYSTEM; ANALYSIS; CONCLUSION; REFERENCES
Section: 5 Cryptography in Emerging Areas
Chapter 10. Secure and Private Service Discovery in Pervasive Computing Environments
ABSTRACT; INTRODUCTION; BACKGROUND; PRUDENT EXPOSURE SERVICE DISCOVERY; PROGRESSIVE AND PROBABILISTIC EXPOSURE; FUTURE RESEARCH DIRECTIONS; CONCLUSION; REFERENCES
Chapter 11. Multimedia Information Security: Cryptography and Steganography
ABSTRACT; INTRODUCTION; IMAGE ENCRYPTION; JOINT COMPRESSION ENCRYPTION METHODOLOGIES; VIDEO ENCRYPTION; INTRODUCTION TO IMAGE/VIDEO INFORMATION HIDING; LOW BIT RATE INFORMATION HIDING ALGORITHMS; HIGH BIT RATE INFORMATION HIDING ALGORITHMS; EMBEDDING STRATEGIES FOR DIGITAL VIDEOS; CONCLUSION; REFERENCES
Chapter 12. Secure Electronic Voting with Cryptography
ABSTRACT; INTRODUCTION; BACKGROUND; SECURITY PROPERTIES OF COMPUTER VOTING: ISSUES AND CHALLENGES; BUILDING BLOCKS; CRYPTOGRAPHY BASED E-VOTING SCHEME; FUTURE RESEARCH DIRECTIONS; CONCLUSION; ACKNOWLEDGMENT; REFERENCES; ADDITIONAL READING
Chapter 13. Biometric Security in the E-World
ABSTRACT; INTRODUCTION; SECURITY CHALLENGES IN THE E-WORLD; ICT, TRUST, PRIVACY & SECURITY; USER AUTHENTICATION METHODS; BIOMETRICS: CLARIFYING ENROLLMENT, VERIFICATION AND IDENTIFICATION; STAGES IN THE FUNCTIONING OF A BIOMETRIC SYSTEM; TYPES OF BIOMETRIC SYSTEMS; ADVANTAGES AND DRAWBACKS OF BIOMETRIC TECHNIQUES; PERFORMANCE MEASUREMENT IN BIOMETRICS; USABILITY AND ACCESSIBILITY CONCERNS ABOUT BIOMETRICS; PUBLIC MISCONCEPTIONS ABOUT BIOMETRICS; FUTURE DIRECTIONS IN BIOMETRIC SECURITY
SIMON ON PROGRAMS OF DESIGN; CONCLUSION; REFERENCES; ADDITIONAL READING; ENDNOTES; APPENDIX: DISCUSSION QUESTIONS
Chapter 2. Toward What End? Three Classical Theories
ABSTRACT; INTRODUCTION; CONCLUSION; REFERENCES; ADDITIONAL READING; ENDNOTES; APPENDIX: DISCUSSION QUESTIONS
Chapter 3. Balancing Policies, Principles, and Philosophy in Information Assurance
ABSTRACT; INTRODUCTION; BACKGROUND; AN OVERVIEW OF POLICY BASED VS. PRINCIPLE BASED ETHICAL SYSTEMS; DEVELOPING A FOCUS ON PRINCIPLES; REFERENCES; ENDNOTE; APPENDIX: DISCUSSION QUESTIONS
Section: 2 Private Sector
Section 2. Introduction
Chapter 4. International Ethical Attitudes and Behaviors: Implications for Organizational Information Security Policy
ABSTRACT; INTRODUCTION; BACKGROUND; RESEARCH QUESTIONS; METHODS AND PROCEDURES; RESULTS; DISCUSSION; FUTURE RESEARCH DIRECTIONS; CONCLUSION; REFERENCES; ADDITIONAL READING; KEY TERMS AND DEFINITIONS; ENDNOTES; APPENDIX: SCENARIO QUESTIONS; APPENDIX: DISCUSSION QUESTIONS
Chapter 5. Peer to Peer Networks: Interdisciplinary Challenges for Interconnected Systems
ABSTRACT; INTRODUCTION; THE ROOT OF THE PROBLEM: CONFLICTING INCENTIVES; A BRIEF REVIEW OF LEGAL ISSUES AND REMEDIES IN P2P NETWORKS; CONCLUSION; ACKNOWLEDGMENT; REFERENCES; ENDNOTES; APPENDIX: DISCUSSION QUESTIONS
Chapter 6. Responsibility for the Harm and Risk of Software Security Flaws
ABSTRACT; INTRODUCTION; BACKGROUND; VULNERABILITY DISCLOSURE; CONCLUSION; ACKNOWLEDGMENT; REFERENCES; ADDITIONAL READING; ENDNOTE; APPENDIX: DISCUSSION QUESTIONS
Chapter 7. Social/Ethical Issues in Predictive Insider Threat Monitoring
ABSTRACT; INTRODUCTION; BACKGROUND; DATA MONITORING CHALLENGES; CONSIDERATIONS OF PRIVACY LAW AND ETHICS; PSYCHOSOCIAL DATA USED IN A PROTOTYPE PREDICTIVE MODEL; CHALLENGES TO PREDICTIVE MODELING OF INSIDER THREAT; CONCLUSIONS AND FUTURE RESEARCH DIRECTIONS; ACKNOWLEDGMENT; REFERENCES; KEY TERMS AND DEFINITIONS; ENDNOTES; APPENDIX: DISCUSSION QUESTIONS
Chapter 8. Behavioral Advertising Ethics
ABSTRACT; INTRODUCTION; BACKGROUND; BEHAVIORAL ADVERTISING ETHICS; FUTURE RESEARCH DIRECTIONS; CONCLUSION; REFERENCES; KEY TERMS AND DEFINITIONS; ENDNOTES; APPENDIX: DISCUSSION QUESTIONS
Section: 3 Emerging Issues and the Public Sector
Section 3. Introduction
REFERENCES
Chapter 9. Ethics, Privacy, and the Future of Genetic Information in Healthcare Information Assurance and Security
ABSTRACT; INTRODUCTION; BACKGROUND OF PHARMACOGENOMICS; THE PROMISE OF PHARMACOGENOMICS; ETHICS AND GENETIC INFORMATION; EXISTING LAWS; IMPLICATIONS FOR INFORMATION ASSURANCE AND SECURITY; CONCLUSION; REFERENCES; ENDNOTES; APPENDIX: DISCUSSION QUESTIONS
Chapter 10. Privacy and Public Access in the Light of E-Government: The Case of Sweden
ABSTRACT; INTRODUCTION; BACKGROUND; BENEFITS AND RISKS WITH E-SERVICES; E-GOVERNMENT AND LEGISLATION IN EUROPE; A PHILOSOPHICAL PERSPECTIVE ON PRIVACY; PRIVACY, TRANSPARENCY AND PUBLIC ACCESS TO OFFICIAL DOCUMENTS; SIX SWEDISH GOVERNMENTAL AGENCIES' VIEW ON E-SERVICES AND PRIVACY; FUTURE RESEARCH DIRECTIONS; CONCLUSION; REFERENCES; ENDNOTE; APPENDIX: DISCUSSION QUESTIONS
Chapter 11. Data Breach Disclosure: A Policy Analysis
ABSTRACT; INTRODUCTION; BACKGROUND; POLICY ANALYSIS; CONCLUSION AND FUTURE RESEARCH; REFERENCES; ENDNOTES; APPENDIX: DISCUSSION QUESTIONS
Chapter 2. Modeling Access Control in Healthcare Organizations
ABSTRACT; INTRODUCTION; OVERVIEW OF ACCESS CONTROL; MODELING ACCESS CONTROL; FUTURE RESEARCH DIRECTIONS; CONCLUSION; ACKNOWLEDGMENT; REFERENCES; KEY TERMS AND DEFINITIONS
Section: 2 Increasing the Flexibility of Access Control Mechanisms
Chapter 3. A Context Aware Authorization Model for Process Oriented Personal Health Record Systems
ABSTRACT; INTRODUCTION; BACKGROUND; MOTIVATING SCENARIO; SYSTEM ARCHITECTURE; ACCESS CONTROL MODEL; ACCESS CONTROL MECHANISM; PROTOTYPE IMPLEMENTATION; CONCLUDING REMARKS; FUTURE RESEARCH DIRECTIONS; REFERENCES; ADDITIONAL READING; KEY TERMS AND DEFINITIONS
Chapter 4. Improving Security Policy Coverage in Healthcare
ABSTRACT; INTRODUCTION; BACKGROUND; FORMAL MODEL; USE CASE SCENARIO; FUTURE WORK; CONCLUSION; REFERENCES; ADDITIONAL READING; KEY TERMS AND DEFINITIONS; ENDNOTE
Chapter 5. Flexibility and Security of Careflow Systems Modeled by Petri Nets
ABSTRACT; INTRODUCTION; BACKGROUND; REQUIREMENTS FOR PROCESS ORIENTED CLINICAL INFORMATION SYSTEMS; IMPLEMENTING WORKFLOW FLEXIBILITY; ADAPTIVE WORKFLOWS WITH WORKLETS AND EXCEPTION HANDLING; CASE HANDLING WORKFLOWS FOR HEALTHCARE; YAWL YET ANOTHER WORKFLOW LANGUAGE; CASE STUDY: CAREFLOW PROCESS FOR CUTANEOUS MELANOMA; INTERORGANIZATIONAL CAREFLOW SYSTEMS; MULTILEVEL SECURITY; MERGING MULTILEVEL SECURITY INTO INTERORGANIZATIONAL WORKFLOWS; CORRECTNESS OF INTERORGANIZATIONAL WORKFLOWS; FUTURE RESEARCH DIRECTIONS; CONCLUSION; REFERENCES; ADDITIONAL READING; KEY TERMS AND DEFINITIONS
Section: 3 Certification and Evaluation of Security
Chapter 6. Information Security Standards for Health Information Systems: The Implementer's Approach
ABSTRACT; INTRODUCTION; BACKGROUND ON STANDARDS AND CERTIFICATIONS; ISO 27000 STANDARDS FOR HEALTHCARE INFORMATION SYSTEMS; ISO/IEC 27799:2008 A PRACTICAL APPROACH; FUTURE RESEARCH DIRECTIONS; CONCLUSION; REFERENCES; KEY TERMS AND DEFINITIONS
Chapter 7. Statistical Models for EHR Security in Web Healthcare Information Systems
ABSTRACT; INTRODUCTION; BACKGROUND ON ELECTRONIC HEALTH RECORDS; SECURITY IN HEALTHCARE; QUALITY OF HEALTHCARE; SOFTWARE RELIABILITY; FUTURE RESEARCH DIRECTIONS; CONCLUSION; REFERENCES; KEY TERMS AND DEFINITIONS
Section: 4 Trust in Healthcare Networks (and Communities)
Chapter 8. Identity Management and Audit Trail Support for Privacy Protection in E-Health Networks
ABSTRACT; INTRODUCTION; BACKGROUND; TELEMEDICINE SCENARIO IN A CIRCLE OF TRUST ARCHITECTURE; PRIVACY PROTECTION; FUTURE RESEARCH DIRECTIONS; CONCLUSIONS; REFERENCES; KEY TERMS AND DEFINITIONS
Chapter 9. Certification and Security Issues in Biomedical Grid Portals: The GRISSOM Case Study
ABSTRACT; INTRODUCTION; BACKGROUND; SECURITY REQUIREMENTS FOR BIOMEDICAL GRID PORTALS; BASIC GRID SECURITY MECHANISMS; THE GRISSOM PORTAL IN BRIEF; SECURITY ASPECTS OF THE GRISSOM PORTAL; SUMMARY AND CONCLUSIONS; FUTURE WORK DIRECTIONS; REFERENCES; KEY TERMS AND DEFINITIONS; APPENDIX A; APPENDIX B
Chapter 10. Health 2.0 and Medicine 2.0: Safety, Ownership and Privacy Issues
ABSTRACT; INTRODUCTION; BACKGROUND; FUTURE RESEARCH DIRECTIONS; CONCLUSION; REFERENCES; ADDITIONAL READING; KEY TERMS AND DEFINITIONS
Section: 5 Security in Wireless and Mobile Healthcare Applications
Chapter 11. Securing and Prioritizing Health Information in TETRA Networks
ABSTRACT; INTRODUCTION; BACKGROUND; TETRA NETWORKS; EFFICIENT COMMUNICATIONS; SECURITY FUNCTIONS; WIRELESS HEALTH MONITORING; UTILIZATION OF TETRA NETWORK FOR HEALTH INFORMATION TRANSFER; CONCLUSION; REFERENCES; WEBSITES; KEY TERMS AND DEFINITIONS
Section: 6 Legal Aspects of Security in Healthcare
Chapter 12. Online Advertising in Relation to Medicinal Products and Health Related Services: Data & Consumer Protection Issues
ABSTRACT; INTRODUCTION; BACKGROUND: ONLINE ADVERTISING OF MEDICINAL PRODUCTS AND SERVICES; LEGAL IMPLICATIONS FROM THE ELECTRONIC PROMOTION OF MEDICINAL PRODUCTS; CONSUMER PROTECTION ISSUES; CONCLUSION; REFERENCES; KEY TERMS AND DEFINITIONS; ENDNOTES
Section: 7 Case Studies: How Healthcare Professionals and Students Perceive Security
Chapter 13. Password Sharing and How to Reduce It
ABSTRACT; INTRODUCTION; BACKGROUND; PASSWORD SHARING; DISCUSSION AND RECOMMENDATIONS; CONCLUSION; REFERENCES; ADDITIONAL READING; KEY TERMS AND DEFINITIONS
Chapter 14. Behavioral Security: Investigating the Attitude of Nursing Students Toward Security Concepts and Practices
ABSTRACT; INTRODUCTION; BACKGROUND; METHODS; RESULTS; FUTURE RESEARCH; CONCLUSION; ACKNOWLEDGMENT; REFERENCES; KEY TERMS AND DEFINITIONS
Compilation of References
HEALTHCARE INDUSTRY; HEALTH INFORMATION TECHNOLOGY FOR ECONOMIC AND CLINICAL HEALTH ACT OR HITECH ACT; FINANCIAL AND BANKING INDUSTRY; PERSONAL PRIVACY PROTECTION; PATRIOT ACT; CONCLUSION; REFERENCES
Chapter 3. The Impact of Privacy Legislation on Patient Care: A Canadian Perspective
ABSTRACT; INTRODUCTION; BACKGROUND; METHODOLOGY; RESULTS; DISCUSSION; CONCLUSION AND RECOMMENDATIONS; REFERENCES
Chapter 4. A Privacy Protection Model for Patient Data with Multiple Sensitive Attributes1
ABSTRACT; INTRODUCTION; RELATED WORK; PRIVACY MODEL OVER MULTIPLE SENSITIVE ATTRIBUTES; METHOD TO IMPLEMENT THE MODEL; EXPERIMENTAL EVALUATION; CONCLUSION; REFERENCES; ENDNOTE
Chapter 5. Protecting Patient Information in Outsourced Telehealth Services: Bolting on Security When it Cannot be Baked in
ABSTRACT; INTRODUCTION; CONCLUSION; REFERENCES; ENDNOTE
Chapter 6. Obtaining Patient's Information from Hospital Employees through Social Engineering Techniques: An Investigative Study
ABSTRACT; INTRODUCTION; BACKGROUND; RESEARCH METHODOLOGY; FUTURE TRENDS; CONCLUSION; REFERENCES; APPENDIX A
Chapter 7. Effects of Individual Trust in Broadcast Media and the Internet on Privacy Risking Uses of E-Health: An Expanded Analysis
ABSTRACT; INTRODUCTION; BACKGROUND; RESEARCH DESIGN; RESEARCH METHOD; RESULTS; DISCUSSION; LIMITATIONS; CONCLUSION; REFERENCES; APPENDIX
Chapter 8. Safeguarding the Privacy of Electronic Medical Records
ABSTRACT; INTRODUCTION; PATIENT PRIVACY IN HEALTHCARE; FEDERAL MEDICAL PRIVACY RULE; PRIVACY POLICIES FOR SAFEGUARDING THE PRIVACY OF EMRS; THE M.D. ANDERSON CASE OVERVIEW AND FINDINGS; CONCLUSION; REFERENCES
Chapter 9. Using Statistical Texture Analysis for Medical Image Tamper Proofing
ABSTRACT; INTRODUCTION; CONCLUSION; REFERENCES
Chapter 10. Privacy Inference Disclosure Control with Access Unrestricted Data Anonymity1
ABSTRACT; INTRODUCTION; RELATED WORK; CONCEPTS AND NOTATIONS; ANONYMITY PRINCIPLES AND RULES; DATA ANONYMITY ANALYSIS; KNOWLEDGE BASED PRIVACY INFERENCE; DATA ANONYMITY VS. PRIVACY INFERENCE; CONCLUSION; ACKNOWLEDGMENT; REFERENCES; ENDNOTE
Chapter 11. Designing Efficient Security Services Infrastructure for Virtualization Oriented Architectures *
ABSTRACT; INTRODUCTION; PROPOSED ARCHITECTURE; VIRTUALIZATION; PLUGABILITY; DESCRIPTION OF THE ARCHITECTURE; SECURITY BROKERING; HOW VIPSEC RESPONDS THE SECURITY REQUIREMENTS; TRUST ESTABLISHMENT; ASSESSMENT OF VIPSEC FUNCTIONALITIES; CONCLUSION; REFERENCES; ENDNOTE
Chapter 12. Architectural Support for Enhancing Critical Secrets Protection in Chip Multiprocessors
ABSTRACT; INTRODUCTION; RELATED WORK; ATTACK MODEL; SECURE CHIP MULTIPROCESSOR ARCHITECTURE; SECCMP SUPPORTED CRITICAL INFORMATION ACCESS AND SHARING; SECURITY AND COMPLEXITY ANALYSIS; PERFORMANCE ANALYSIS; CONCLUSION; REFERENCES
Chapter 13. Memory Based Anti-Forensic Tools and Techniques
ABSTRACT; INTRODUCTION; ACTING ANONYMOUSLY; WIRELESS ANTI-FORENSICS METHODS; MEMORY BASED BOOTABLE ENVIRONMENTS; CRITICAL DISCUSSION AND EVALUATION OF THE MEMORY BASED ANTI-FORENSIC TOOLS AND TECHNIQUES; CONCLUSION; REFERENCES
Chapter 14. Life Cycle Pattern Study of Malicious Codes
ABSTRACT; INTRODUCTION; METHODOLOGY; FINDINGS; DISCUSSIONS AND CONCLUSION; REFERENCES; APPENDIX A
Chapter 15. Trust Based Usage Control in Collaborative Environment
ABSTRACT; INTRODUCTION; A FRAMEWORK TO INTEGRATION TRUST INTO USAGE CONTROL; ARCHITECTURE OF TRUST BASED USAGE CONTROL IN FILE SHARING; PROTOTYPE SIMULATION; CONCLUSION; REFERENCES
Chapter 16. Will it be Disclosure or Fabrication of Personal Information?: An Examination of Persuasion Strategies on Prospective Employees
ABSTRACT; INTRODUCTION; RESEARCH FRAMEWORK; RESEARCH METHOD; DATA ANALYSIS; DISCUSSION; REFERENCES; APPENDIX A. SCENARIO SCRIPTS; Appendix B. Manipulation Check Questionnaire; Appendix C. Research Constructs and Measures
Chapter 17. Computer Security Practices and Perceptions of the Next Generation of Corporate Computer Users
ABSTRACT; INTRODUCTION; RELATED LITERATURE; METHODOLOGY; RESULTS; DISCUSSION AND NEEDED FUTURE RESEARCH DIRECTIONS; REFERENCES
Chapter 18. Design and Implementation of a Framework for Assured Information Sharing Across Organizational Boundaries
ABSTRACT; INTRODUCTION; ASSURED INFORMATION SHARING; DESIGN AND IMPLEMENTATION OF THE FRAMEWORK; SUMMARY AND DIRECTIONS; ACKNOWLEDGMENT; REFERENCES; APPENDIX
Chapter 19. A Secure and Trustful e-Ordering Architecture (TOES) for Small and Medium Size Enterprises (SMEs)
ABSTRACT; INTRODUCTION; STATE OF THE ART AND REQUIREMENTS; TOES: A SECURE AND TRUSTFUL E-ORDERING SERVICE; ASSESSMENT; CONCLUSION, FUTURE WORK AND ACKNOWLEDGMENT; REFERENCES
Chapter 20. SEACON: An Integrated Approach to the Analysis and Design of Secure Enterprise Architecture Based Computer Networks
ABSTRACT; INTRODUCTION; CURRENT WORK ON DEVELOPING SECURE COMPUTER NETWORKS; AN INTEGRATED APPROACH TO SECURE NETWORK ANALYSIS AND DESIGN; AN ILLUSTRATION OF THE SEACON METHOD; CONCLUSION AND LIMITATIONS; REFERENCES
Chapter 21. Spam Classification Based on E-Mail Path Analysis
ABSTRACT; INTRODUCTION; RELATED WORK; SPAM CLASSIFICATION METHODOLOGY; VALIDATION OF THE CLASSIFICATION ARCHITECTURE; CONCLUSION AND FUTURE WORK; REFERENCES; ENDNOTES
Chapter 22. A Decentralized Security Framework for Web Based Social Networks
ABSTRACT; INTRODUCTION; BACKGROUND; CERTIFICATE PROTECTION; SECURITY ANALYSIS; CONCLUSION AND FUTURE WORK; REFERENCES; ENDNOTES; APPENDIX: PROTOCOLS
Compilation of References
Chapter 2: Health Care Information Systems And The Risk Of Privacy Issues For The Disabled
Abstract; Introduction; Background; Privacy And Disability Legislation; The High Potential For Security Breaches; Increased Privacy Exposure In The Network For Disability Care; Global Privacy Considerations And The Disabled; Medical Records Access And Patient Rights; Developmentally Disabled Employment Practices; Health Care Pre-Employment Information Requests And Patient Privacy; Dependent Care; Developmental Education And Privacy; Accurate And Secure Conversion Of Patient Files; Securing Online Access To Medical Records; Conclusion
Chapter 3: Hippocratic Database And Active Enforcement
Abstract; Introduction; Hippocratic Oath, Confidentiality And Beneficence; Hippocratic Database And Active Enforcement Overview; European Union Data Protection Directive; Organization Of Economic Cooperation And Development; Health Insurance Portability And Accountability Act; HDB Active Enforcement; Conclusion
Chapter 4: Implementation Issues On A National Electronic Health Record Network
Abstract; Introduction; Background Of Regulatory Controls In Health Care; Health Information Exchange; Obstacles To The Implementation Of Electronic Health Records; Physician Concerns; Patient Concerns; Global Concerns; Sensitive Data Concerns; Security Concerns; Legal Issues; Effective Measures To Counter Obstacles; Conclusion
Chapter 5: Health Kiosk Technologies
Abstract; Introduction; Administrative And Information Gathering; Dispensing; Personal Health Services And Wellbeing; Adoption And Spread; Dedication
Chapter 6: Ehealth Governance, A Key Factor For Better Health Care
Abstract; Introduction; ICT; IT And Ehealth Governance; Ehealth And Health Service Organisation Strategic Alignment; Perception Of Business IT Alignment; IT Governance Standards, Frameworks And Tools; The Stages Implementing IT Governance Within The Health Care Organisations
Section 2: Security In The Healthcare Industry
Chapter 7: Business Continuity And Disaster Recovery Considerations For Healthcare Technology
Abstract; Introduction; Healthcare Technology Considerations; A Project Approach To Healthcare Technology BC/DR Planning; Managing A DR Environment And A BC Culture In A Healthcare Setting; Conclusion
Chapter 8: E-Discovery And Health Care IT
Abstract; Introduction; Get To Know The System Better; Laws Relating To The Healthcare Industry; Implementation Of A Policy To Address The New E-Discovery Rules; Best Practices For Message Management; Capability To Enforce A Litigation Hold; Litigation Response Plan; Conclusion
Chapter 9: The Nationwide Health Information Network
Abstract; Introduction; Background; Solutions And Recommendations; Future Research Directions; Conclusion
Chapter 10: A Medical Data Trustworthiness Assessment Model
Abstract; Introduction; Related Work; A Trust Notation For Electronic Health Records; Previous Work: Reputation Systems; Beta Reputation System; Dirichlet Reputation System; Subjective Logic; Medical Data Trustworthiness Network Structure; Healthcare Authority; Reputation Centre; Medical Data Trustworthiness Assessment Service; MDTA Protocol; Measuring The Trustworthiness Of Medical Data; Internal Assessment; External Assessment; Case Scenario; Implementation; Conclusion
Chapter 11: Using Biometrics To Secure Patient Health Information
Abstract; Introduction; Background; Main Focus; Recommendations; Future Research Directions; Conclusion
Section 3: Ethical Implications Of Security Monitoring In Health Care
Chapter 12: Ubiquitous Use Of RFID In The Health Industry
Abstract; What Is RFID?; Categories Of Typical RFID Use In Healthcare; RFID Use To Manage Patients And Employees; RFID Use To Track Medical Assets; RFID Use To Track Medical Records; RFID Use To Track Medication And Medical Supplies; RFID Use To Improve Infection Control; Conclusion
Chapter 13: Caught In The Web
Abstract; Introduction; The Concept Of Privacy; The Concept Of Confidentiality; Physical, Informational, And Decisional Privacy; Public Concerns; Misuses Of Patient Health Data; Fair Information Practices; Evolution Of A National Health Information Network; Protecting Medical Privacy And Confidentiality; Conclusion
Chapter 14: Nursing, Ethics, And Healthcare Policy
Abstract; Introduction; Conclusion
Chapter 15: Why Doesn't Information Systems Vision Exist In The Healthcare Sector?
Abstract; Introduction; Looking For Evidence; Organizing Vision For IT Initiatives; Why Have Information Systems Vision For Healthcare?; A 'Good For Healthcare' Label; Conclusion
Compilation Of References
About The Contributors
International Initiatives; Why Do We Need to Secure the Smart Grid?; Summary; Endnotes
Chapter 2. Threats and Impacts: Consumers
Consumer Threats; Naturally Occurring Threats; Individual and Organizational Threats; Impacts on Consumers; Impacts on Availability; Financial Impacts; Likelihood of Attack; Summary; Endnotes
Chapter 3. Threats and Impacts: Utility Companies and Beyond
Confidentiality; Integrity; Availability; Summary; Endnotes
Chapter 4. Federal Effort to Secure Smart Grids
U.S. Federal Government; DOE; FERC; NIST; DHS NIPP; Other Applicable Laws; Sponsoring Security; Bureaucracy and Politics in Smart Grid Security; Summary; Endnotes
Chapter 5. State and Local Security Initiatives
State Government; State Regulatory Bodies; State Courts; Promoting Security Education; Politics and the Smart Grid; Summary; Endnotes
Chapter 6. Public and Private Companies
Industry Plans for Self Policing; Compliance Versus Security; How Technology Vendors Can Fill the Gaps; How Utility Companies Can Fill the Gaps; Summary; Endnotes
Chapter 7. Attacking the Utility Companies
Motivation; Network Attacks; System Attacks; Application Attacks; Wireless Attacks; Social Engineering Attacks; Physical Attacks; Putting It All Together; Summary; Endnotes
Chapter 8. Securing the Utility Companies
Smart Grid Security Program; Top 12 Technical Practices to Secure the Smart Grid; Summary; Endnotes
Chapter 9. Third Party Services
Service Providers; Attacking Consumers; Attacking Service Providers; Securing Third Party Access to the Smart Grid; Summary; Endnotes
Chapter 10. Mobile Applications and Devices
Why Mobile Applications?; Platforms; Trust; Attacks; Securing Mobile Devices; Secure Mobile Applications; Summary; Endnotes
Chapter 11. Social Networking and the Smart Grid
The Smart Grid Gets Social; Social Networking Threats; Smart Grid Social Networking Security Checklist; Summary; Endnotes
Chapter 12. Attacking Smart Meters
Open Source Security Testing Methodology Manual (OSSTMM); NIST Special Publication 800-42: Guideline on Network Security Testing; Summary; Endnotes
Chapter 13. Attacking Smart Devices
Selecting a Target Smart Device; Attacking a Smart Device; Summary; Endnotes
Chapter 14. What's Next?
Timeline; What Should Consumers Expect?; What Should Smart Grid Technology Vendors Expect?; What Should Utility Companies Expect?; What Should Security Professionals Expect and What Do They Predict?
Privacy Means Profit: Prevent Identity Theft and Secure You and Your Bottom Line
By: John Sileo Publisher: John Wiley & Sons Pub. Date: August 09, 2010 Print ISBN: 978-0-470-58389-0 Web ISBN: 0-470583-89-4 Pages in Print Edition: 256
Copyright Dedication Acknowledgments Part1:BootCamp:PrivacyMeansProfit Chapter1.MotivatetheTroops Section1.1.LetMyFailureMotivateYourChange Section1.2.TheThreeEnemiesofPrivacy:Apathy,Ignorance,andInaction Section1.3.InactionDestroyedMyBusiness Section1.4.HowtoGettheMostOutofThisBook Chapter2.DefinetheProblem Section2.1.WhatIsIdentity? Section2.2.CommonSourcesofIdentity Section2.3.HowIndividuals'IdentitiesAreStolen(It'sNotAllCybercrime) Section2.4.DefiningCommonMethodsofTheft Section2.5.TheFiveMainTypesofIdentityTheft Section2.6.FailuretoDefine Chapter3.EngagetheBrain
Section3.1.ThinkLikeaSpy Section3.2.TheSevenMindSetsofaSpy Section3.3.FieldCombat:TargettheEnemy Part2:BasicTraining:ThinkLikeaSpy Chapter4.TheFirstMindSet:EliminatetheSource Section4.1.EliminateMindSet Section4.2.EliminatetheSource Chapter5.TheSecondMindSet:DestroytheData Section5.1.DestroyMindSet Section5.2.DestroyPhysicalInformation:Files,Documents,CreditCards Section5.3.DestroyPhysicalInformation Section5.4.DestroyDigitalInformation:Disks,Emails,CDs Chapter6.TheThirdMindSet:SecuretheSystems Section6.1.SecureMindSet Section6.2.SecureYourComputer Section6.3.HireaProfessional Section6.4.FifteenWaystoProtectYourComputer Section6.5.UseYourComputertoHelpPreventIdentityTheft Chapter7.TheFourthMindSet:LocktheDocs Section7.1.LockMindSet Section7.2.CreateaSafeHouse Section7.3.EssentialIdentityDocumentsandHowtoLockThem Section7.4.LockYourVitalPhysicalDocuments Section7.5.SecuringYourMail Chapter8.TheFifthMindSet:EvaluatetheRisk
Section8.1.EvaluateMindSet Section8.2.SocialEngineersExploitOurDistractedMinds Section8.3.ThePrivacyReflex:Trigger,Reflex,andResponse Chapter9.TheSixthMindSet:InterrogatetheEnemy Section9.1.InterrogateMindSet Section9.2.TheFourPhasesofInterrogation:ConJOB Section9.3.RiskScenarios:PracticeInterrogatingtheEnemy Chapter10.TheSeventhMindSet:MonitortheSigns Section10.1.MonitorMindSet Section10.2.CreateaDossier Section10.3.MonitorYourCreditReportConsistently Section10.4.MonitorYourFinancialTransactionsEffortlessly Section10.5.MonitorYourAnnualSocialSecurityStatement Section10.6.MakePhotocopiesandLogs Part3:FieldCombat:TargettheEnemy Chapter11.DeployTargetingStrategies:Accumulate,Prioritize,andAdapt Section11.1.Victory#1:BuildingaCultureofPrivacyfromtheAshesofFailure Section11.2.TargettheEnemy:ThreePrinciples Chapter12.DefendOnlineIdentity:SocialNetworkingandtheCloud Section12.1.DefendMindset Section12.2.SocialNetworking'sSecretWeapon:Trust Section12.3.ThirteenHazardsofSocialNetworking Section12.4.TenStepstoSaferFacebooking Section12.5.Email Section12.6.Google
Chapter 13. Protect Mobile Data: Laptop Responsibility
Section 13.1. Mobile Data Device Responsibilities and Best Practices
Chapter 14. Travel with Care: Business Trips and Vacations
Section 14.1. Before You Leave Home Section 14.2. During Travel Section 14.3. Upon Returning Home
Chapter 15. Recover Your Identity: When All Else Fails
Section 15.1. Action Items Checklist: Take Action Now
Chapter 16. Prioritize Your Attack: The Privacy Calendar
Resources
Section 3.3. Hardware used in this book Section 3.4. Preparing an AIX operating system Section 3.5. Preparing the Oracle database for a WebSphere installation Section 3.6. Creating a software repository
Chapter 4. WebSphere Process Server: Remote Messaging and Remote Support topology
Section 4.1. Topology summary Section 4.2. Installing WebSphere Process Server binaries Section 4.3. Configuring WebSphere Process Server profiles
Chapter 5. WebSphere Business Monitor: Cross-cell configuration
Section 5.1. Topology summary Section 5.2. Prerequisites and summary Section 5.3. Installing WebSphere Business Monitor binaries Section 5.4. Configuring WebSphere Business Monitor profiles
Chapter 6. WebSphere Business Services Fabric: Remote Messaging and Remote Support topology
Section 6.1. Topology summary Section 6.2. Installing WebSphere Business Services Fabric binaries Section 6.3. Configuring WebSphere Business Services Fabric profiles
Chapter 7. Configuring an HTTP server for load balancing
Section 7.1. Introduction Section 7.2. Installing IBM HTTP Server Section 7.3. Adding the IBM HTTP server to the cell Section 7.4. Enabling SSL on the HTTP server
Chapter 8. Verifying installations using sample applications
Section 8.1. Installing and executing a WebSphere Process Server/WebSphere Business Monitor module Section 8.2. Installing and executing WebSphere Business Services Fabric Module
Controller-Based Wireless LAN Fundamentals: An end-to-end reference guide to design, deploy, manage, and secure 802.11 wireless networks
By: Jeff Smith; Jake Woodhams; Robert Marg Publisher: Cisco Press Pub. Date: October 29, 2010 Print ISBN-10: 1-58705-825-1 Print ISBN-13: 978-1-58705-825-7 Web ISBN-10: 1-58714-049-7 Web ISBN-13: 978-1-58714-049-5 Pages in Print Edition: 300
Copyright
About the Authors
About the Technical Reviewers
Acknowledgments
Icons Used in This Book
Command Syntax Conventions
Introduction
Chapter 1. The Need for Controller-Based Wireless Networks
Why Wireless LAN Controllers Were Created
Why You Need to Use a Wireless LAN Controller
Controller-Based WLAN Functional and Elemental Architecture
Autonomous AP Issues and the WLC Remedy
Mobility Applications Enabled by Controller-Based WLANs
WLANs Do Not Provide the Performance and Robustness Needed for Use as a Primary Access Network
Summary
Chapter 2. Wireless LAN Protocols
Understanding the Relevant Standards
The Physical Layer
CAPWAP
Packet Flow in the Cisco Unified Wireless Network
Summary
References
Chapter 3. 802.11n
IEEE 802.11n Standard
Antenna Arrays
Multiple Input, Multiple Output (MIMO)
Coding
HT PHY and Operation
Channel Bonding/40 MHz Wide Channels
Power Management
Packet Aggregation
Reverse Direction Protocol (RDP)
Modulation and Coding Schemes (MCS)
Configuration Requirements to Obtain HT Rates
Predicting 802.11 Link Performance
Summary
Chapter 4. Cisco Unified Wireless LAN Security Fundamentals
Understanding WLAN Security Challenges
Addressing the WLAN Security Challenges
Summary
References
Chapter 5. Design Considerations
100 Percent Wireless Access Layer
Increased and Difficult WLAN Coverage Requirements
Continuous Availability and Outage Planning
Power Conservation
Flexibility
WLAN Capacity
Summary
Chapter 6. Cisco Unified Wireless LAN Architectures
Cisco Unified Wireless LAN Architecture Review
Architectural Flexibility, Scalability, and Resiliency
Campus Architectures
Branch Architectures
Summary
Chapter 7. Troubleshooting
Tools for Troubleshooting 802.11 Wireless Networks
Isolating Issues on the Cisco Unified Wireless Network
The Wireless Medium: Troubleshooting Performance-Related Issues
Troubleshooting Advanced Wireless LAN Services
Summary
Chapter 8. Introduction to WCS
Designing Wireless Networks with WCS
Additional Benefits of WCS: Planning and Calibration Tools
Summary
Chapter 13. Why Most People Shouldn't Run Intrusion Prevention Systems
Chapter 14. Problems with Host Intrusion Prevention
Chapter 15. Plenty of Phish in the Sea
Chapter 16. The Cult of Schneier
Chapter 17. Helping Others Stay Safe on the Internet
Chapter 18. Snake Oil: Legitimate Vendors Sell It, Too
Chapter 19. Living in Fear?
Chapter 20. Is Apple Really More Secure?
Chapter 21. OK, Your Mobile Phone Is Insecure; Should You Care?
Chapter 22. Do AV Vendors Write Their Own Viruses?
Chapter 23. One Simple Fix for the AV Industry
Chapter 24. Open Source Security: A Red Herring
Chapter 25. Why SiteAdvisor Was Such a Good Idea
Chapter 26. Is There Anything We Can Do About Identity Theft?
Chapter 27. Virtualization: Host Security's Silver Bullet?
Chapter 28. When Will We Get Rid of All the Security Vulnerabilities?
Chapter 29. Application Security on a Budget
Chapter 30. "Responsible Disclosure" Isn't Responsible
Chapter 31. Are Man-in-the-Middle Attacks a Myth?
Chapter 32. An Attack on PKI
Chapter 33. HTTPS Sucks; Let's Kill It!
Chapter 34. CrAPTCHA and the Usability/Security Tradeoff
Chapter 35. No Death for the Password
Chapter 36. Spam Is Dead
Chapter 37. Improving Authentication
Chapter 38. Cloud Insecurity?
Chapter 39. What AV Companies Should Be Doing (AV 2.0)
Chapter 40. VPNs Usually Decrease Security
Chapter 41. Usability and Security
Chapter 42. Privacy
Chapter 43. Anonymity
Chapter 44. Improving Patch Management
Chapter 45. An Open Security Industry
Chapter 46. Academics
Chapter 47. Locksmithing
Chapter 48. Critical Infrastructure
Appendix A. Epilogue
Colophon
Section 2.6. Key Drivers to Adopting the Cloud Section 2.7. The Impact of Cloud Computing on Users Section 2.8. Governance in the Cloud Section 2.9. Barriers to Cloud Computing Adoption in the Enterprise Section 2.10. Summary
Chapter 3. Infrastructure Security
Section 3.1. Infrastructure Security: The Network Level Section 3.2. Infrastructure Security: The Host Level Section 3.3. Infrastructure Security: The Application Level Section 3.4. Summary
Chapter 4. Data Security and Storage
Section 4.1. Aspects of Data Security Section 4.2. Data Security Mitigation Section 4.3. Provider Data and Its Security Section 4.4. Summary
Chapter 5. Identity and Access Management
Section 5.1. Trust Boundaries and IAM Section 5.2. Why IAM? Section 5.3. IAM Challenges Section 5.4. IAM Definitions Section 5.5. IAM Architecture and Practice Section 5.6. Getting Ready for the Cloud Section 5.7. Relevant IAM Standards and Protocols for Cloud Services Section 5.8. IAM Practices in the Cloud Section 5.9. Cloud Authorization Management
Section 5.10. Cloud Service Provider IAM Practice Section 5.11. Guidance Section 5.12. Summary
Chapter 6. Security Management in the Cloud
Section 6.1. Security Management Standards Section 6.2. Security Management in the Cloud Section 6.3. Availability Management Section 6.4. SaaS Availability Management Section 6.5. PaaS Availability Management Section 6.6. IaaS Availability Management Section 6.7. Access Control Section 6.8. Security Vulnerability, Patch, and Configuration Management Section 6.9. Summary
Chapter 7. Privacy
Section 7.1. What Is Privacy? Section 7.2. What Is the Data Life Cycle? Section 7.3. What Are the Key Privacy Concerns in the Cloud? Section 7.4. Who Is Responsible for Protecting Privacy? Section 7.5. Changes to Privacy Risk Management and Compliance in Relation to Cloud Computing Section 7.6. Legal and Regulatory Implications Section 7.7. U.S. Laws and Regulations Section 7.8. International Laws and Regulations Section 7.9. Summary
Chapter 8. Audit and Compliance
Section 8.1. Internal Policy Compliance
Section 8.2. Governance, Risk, and Compliance (GRC) Section 8.3. Illustrative Control Objectives for Cloud Computing Section 8.4. Incremental CSP-Specific Control Objectives Section 8.5. Additional Key Management Control Objectives Section 8.6. Control Considerations for CSP Users Section 8.7. Regulatory/External Compliance Section 8.8. Other Requirements Section 8.9. Cloud Security Alliance Section 8.10. Auditing the Cloud for Compliance Section 8.11. Summary
Chapter 9. Examples of Cloud Service Providers
Section 9.1. Amazon Web Services (IaaS) Section 9.2. Google (SaaS, PaaS) Section 9.3. Microsoft Azure Services Platform (PaaS) Section 9.4. Proofpoint (SaaS, IaaS) Section 9.5. RightScale (IaaS) Section 9.6. Salesforce.com (SaaS, PaaS) Section 9.7. Sun Open Cloud Platform Section 9.8. Workday (SaaS) Section 9.9. Summary
Chapter 10. Security As a [Cloud] Service
Section 10.1. Origins Section 10.2. Today's Offerings Section 10.3. Summary
Chapter 11. The Impact of Cloud Computing on the Role of Corporate IT
Section 11.1. Why Cloud Computing Will Be Popular with Business Units Section 11.2. Potential Threats of Using CSPs Section 11.3. A Case Study Illustrating Potential Changes in the IT Profession Caused by Cloud Computing Section 11.4. Governance Factors to Consider When Using Cloud Computing Section 11.5. Summary
Chapter 12. Conclusion, and the Future of the Cloud
Section 12.1. Analyst Predictions Section 12.2. Survey Says? Section 12.3. Security in Cloud Computing Section 12.4. Program Guidance for CSP Customers Section 12.5. The Future of Security in Cloud Computing Section 12.6. Summary
Appendix A. SAS 70 Report Content Example
Section A.1. Section I: Service Auditor's Opinion Section A.2. Section II: Description of Controls Section A.3. Section III: Control Objectives, Related Controls, and Tests of Operating Effectiveness Section A.4. Section IV: Additional Information Provided by the Service Organization
Appendix B. SysTrust Report Content Example
Section B.1. SysTrust Auditor's Opinion Section B.2. SysTrust Management Assertion Section B.3. SysTrust System Description Section B.4. SysTrust Schedule of Controls
Appendix C. Open Security Architecture for Cloud Computing
Section C.1. Legend Section C.2. Description
Section C.3. Key Control Areas Section C.4. Examples Section C.5. Assumptions Section C.6. Typical Challenges Section C.7. Indications Section C.8. Contraindications Section C.9. Resistance Against Threats Section C.10. References Section C.11. Control Details
Glossary
Colophon
Section 5. The Computer Age
Chapter 3. Preventing System Intrusions
Section 1. So, What is an Intrusion? Section 2. Sobering Numbers Section 3. Know Your Enemy: Hackers Versus Crackers Section 4. Motives Section 5. Tools of the Trade Section 6. Bots Section 7. Symptoms of Intrusions Section 8. What Can you Do? Section 9. Security Policies Section 10. Risk Analysis Section 11. Tools of Your Trade Section 12. Controlling User Access Section 13. Conclusion
Chapter 4. Guarding Against Network Intrusions
Section 1. Traditional Reconnaissance and Attacks Section 2. Malicious Software Section 3. Defense in Depth Section 4. Preventive Measures Section 5. Intrusion Monitoring and Detection Section 6. Reactive Measures Section 7. Conclusions
Chapter 5. Unix and Linux Security
Section 1. Unix and Security
Section 2. Basic Unix Security Section 4. Protecting User Accounts and Strengthening Authentication Section 5. Reducing Exposure to Threats by Limiting Superuser Privileges Section 6. Safeguarding Vital Data by Securing Local and Network File Systems
Chapter 6. Eliminating the Security Weakness of Linux and UNIX Operating Systems
Section 1. Introduction to Linux and Unix Section 2. Hardening Linux and Unix Section 3. Proactive Defense for Linux and Unix
Chapter 7. Internet Security
Section 1. Internet Protocol Architecture Section 2. An Internet Threat Model Section 3. Defending Against Attacks on the Internet Section 4. Conclusion
Chapter 8. The Botnet Problem
Section 1. Introduction Section 2. Botnet Overview Section 3. Typical Bot Life Cycle Section 4. The Botnet Business Model Section 5. Botnet Defense Section 6. Botmaster Traceback Section 7. Summary
Chapter 9. Intranet Security
Section 1. Plugging the Gaps: NAC and Access Control Section 2. Measuring Risk: Audits Section 3. Guardian at the Gate: Authentication and Encryption
Section 4. Wireless Network Security Section 5. Shielding the Wire: Network Protection Section 6. Weakest Link in Security: User Training Section 7. Documenting the Network: Change Management Section 8. Rehearse the Inevitable: Disaster Recovery Section 9. Controlling Hazards: Physical and Environmental Protection Section 10. Know Your Users: Personnel Security Section 11. Protecting Data Flow: Information and System Integrity Section 12. Security Assessments Section 13. Risk Assessments Section 14. Conclusion
Chapter 10. Local Area Network Security
Section 1. Identify Network Threats Section 2. Establish Network Access Controls Section 3. Risk Assessment Section 4. Listing Network Resources Section 5. Threats Section 6. Security Policies Section 7. The Incident Handling Process Section 8. Secure Design Through Network Access Controls Section 9. IDS Defined Section 10. NIDS: Scope and Limitations Section 11. A Practical Illustration of NIDS Section 12. Firewalls Section 13. Dynamic NAT Configuration
Section 14. The Perimeter Section 15. Access List Details Section 16. Types of Firewalls Section 17. Packet Filtering: IP Filtering Routers Section 18. Application-layer Firewalls: Proxy Servers Section 19. Stateful Inspection Firewalls Section 20. NIDS Complements Firewalls Section 21. Monitor and Analyze System Activities Section 22. Signature Analysis Section 23. Statistical Analysis Section 24. Signature Algorithms
Chapter 11. Wireless Network Security
Section 1. Cellular Networks Section 2. Wireless Ad Hoc Networks Section 3. Security Protocols Section 4. Secure Routing Section 5. Key Establishment References
Chapter 12. Cellular Network Security
Section 1. Introduction Section 2. Overview of Cellular Networks Section 3. The State of the Art of Cellular Network Security Section 4. Cellular Network Attack Taxonomy Section 5. Cellular Network Vulnerability Analysis Section 6. Discussion
References
Chapter 13. RFID Security
Section 1. RFID Introduction Section 2. RFID Challenges Section 3. RFID Protections References
Part II: Managing Information Security
Chapter 14. Information Security Essentials for IT Managers: Protecting Mission-Critical Systems
Section 1. Information Security Essentials for IT Managers, Overview Section 2. Protecting Mission-Critical Systems Section 3. Information Security from the Ground Up Section 4. Security Monitoring and Effectiveness References
Chapter 15. Security Management Systems
Section 1. Security Management System Standards Section 2. Training Requirements Section 3. Principles of Information Security Section 4. Roles and Responsibilities of Personnel Section 5. Security Policies Section 6. Security Controls Section 7. Network Access Section 8. Risk Assessment Section 9. Incident Response Section 10. Summary
Chapter 16. Information Technology Security Management
Section 1. Information Security Management Standards Section 2. Information Technology Security Aspects Section 3. Conclusion
Chapter 17. Identity Management
Section 1. Introduction Section 2. Evolution of Identity Management Requirements Section 3. The Requirements Fulfilled by Current Identity Management Technologies Section 4. Identity 2.0 for Mobile Users Section 5. Conclusion
Chapter 18. Intrusion Prevention and Detection Systems
Section 1. What is an Intrusion, Anyway? Section 2. Unauthorized Access by an Outsider Section 3. Malware Infection Section 4. The Role of the 0-Day Section 5. The Rogue's Gallery: Attackers and Motives Section 6. A Brief Introduction to TCP/IP Section 7. The TCP/IP Data Architecture and Data Encapsulation Section 8. Survey of Intrusion Detection and Prevention Technologies Section 9. Anti-Malware Software Section 10. Network-Based Intrusion Detection Systems Section 11. Network-Based Intrusion Prevention Systems Section 12. Host-Based Intrusion Prevention Systems Section 13. Security Information Management Systems Section 14. Network Session Analysis Section 15. Digital Forensics
Section 16. System Integrity Validation Section 17. Putting it all Together
Chapter 19. Computer Forensics
Section 1. What is Computer Forensics? Section 2. Analysis of Data Section 3. Computer Forensics in the Court System Section 4. Understanding Internet History Section 5. Temporary Restraining Orders and Labor Disputes Section 5. First Principles Section 6. Hacking a Windows XP Password Section 7. Network Analysis Section 8. Computer Forensics Applied Section 9. Testifying as an Expert Section 10. Beginning to End in Court
Chapter 20. Network Forensics
Section 1. Scientific Overview Section 2. The Principles of Network Forensics Section 3. Attack Traceback and Attribution Section 4. Critical Needs Analysis Section 5. Research Directions
Chapter 21. Firewalls
Section 1. Network Firewalls Section 2. Firewall Security Policies Section 3. A Simple Mathematical Model for Policies, Rules, and Packets Section 4. First-match Firewall Policy Anomalies
Section 5. Policy Optimization Section 6. Firewall Types Section 7. Host and Network Firewalls Section 8. Software and Hardware Firewall Implementations Section 9. Choosing the Correct Firewall Section 10. Firewall Placement and Network Topology Section 11. Firewall Installation and Configuration Section 12. Supporting Outgoing Services Through Firewall Configuration Section 13. Secure External Services Provisioning Section 14. Network Firewalls for Voice and Video Applications Section 15. Firewalls and Important Administrative Service Protocols Section 16. Internal IP Services Protection Section 17. Firewall Remote Access Configuration Section 18. Load Balancing and Firewall Arrays Section 19. Highly Available Firewalls Section 20. Firewall Management Section 21. Conclusion
Chapter 22. Penetration Testing
Section 1. What is Penetration Testing? Section 2. How does Penetration Testing Differ from an Actual Hack? Section 3. Types of Penetration Testing Section 4. Phases of Penetration Testing Section 5. Defining What's Expected Section 6. The Need for a Methodology Section 7. Penetration Testing Methodologies
Section 8. Methodology in Action Section 9. Penetration Testing Risks Section 10. Liability Issues Section 11. Legal Consequences Section 12. Get Out of Jail Free Card Section 13. Penetration Testing Consultants Section 14. Required Skill Sets Section 15. Accomplishments Section 16. Hiring a Penetration Tester Section 17. Why Should a Company Hire You? Section 18. All's Well that Ends Well
Chapter 23. What Is Vulnerability Assessment?
Section 1. Reporting Section 2. The It Won't Happen to Us Factor Section 3. Why Vulnerability Assessment? Section 4. Penetration Testing Versus Vulnerability Assessment Section 5. Vulnerability Assessment Goal Section 6. Mapping the Network Section 7. Selecting the Right Scanners Section 8. Central Scans Versus Local Scans Section 9. Defense in Depth Strategy Section 10. Vulnerability Assessment Tools Section 11. Scanner Performance Section 12. Scan Verification Section 13. Scanning Cornerstones
Section 14. Network Scanning Countermeasures Section 15. Vulnerability Disclosure Date Section 16. Proactive Security Versus Reactive Security Section 17. Vulnerability Causes Section 18. DIY Vulnerability Assessment Section 19. Conclusion
Part III: Encryption Technology
Chapter 24. Data Encryption
Section 1. Need for Cryptography Section 2. Mathematical Prelude to Cryptography Section 3. Classical Cryptography Section 4. Modern Symmetric Ciphers Section 5. Algebraic Structure Section 6. The Internal Functions of Rijndael in AES Implementation Section 7. Use of Modern Block Ciphers Section 8. Public-key Cryptography Section 9. Cryptanalysis of RSA Section 10. Diffie-Hellman Algorithm Section 11. Elliptic Curve Cryptosystems Section 12. Message Integrity and Authentication Section 13. Summary References
Chapter 25. Satellite Encryption
Section 1. The Need for Satellite Encryption Section 2. Satellite Encryption Policy
Section 3. Implementing Satellite Encryption Section 4. The Future of Satellite Encryption
Chapter 26. Public Key Infrastructure
Section 1. Cryptographic Background Section 2. Overview of PKI Section 3. The X.509 Model Section 4. X.509 Implementation Architectures Section 5. X.509 Certificate Validation Section 6. X.509 Certificate Revocation Section 7. Server-Based Certificate Validity Protocol Section 8. X.509 Bridge Certification Systems Section 9. X.509 Certificate Format Section 10. PKI Policy Description Section 11. PKI Standards Organizations Section 12. PGP Certificate Formats Section 13. PGP PKI Implementations Section 14. W3C Section 15. Alternative PKI Architectures Section 16. Modified X.509 Architectures Section 17. Alternative Key Management Models
Chapter 27. Instant Messaging Security
Section 1. Why Should I Care About Instant Messaging? Section 2. What is Instant Messaging? Section 3. The Evolution of Networking Technologies Section 4. Game Theory and Instant Messaging
Section 5. The Nature of the Threat Section 6. Common IM Applications Section 7. Defensive Strategies Section 8. Instant Messaging Security Maturity and Solutions Section 9. Processes Section 10. Conclusion
Part IV: Privacy and Access Management
Chapter 28. NET Privacy
Section 1. Privacy in the Digital Society Section 2. The Economics of Privacy Section 3. Privacy-Enhancing Technologies Section 4. Network Anonymity Section 5. Conclusion
Chapter 29. Personal Privacy Policies
Section 1. Introduction Section 2. Content of Personal Privacy Policies Section 3. Semiautomated Derivation of Personal Privacy Policies Section 4. Specifying Well-Formed Personal Privacy Policies Section 5. Preventing Unexpected Negative Outcomes Section 6. The Privacy Management Model Section 7. Discussion and Related Work Section 8. Conclusions and Future Work
Chapter 30. Virtual Private Networks
Section 1. History Section 2. Who is in Charge?
Section 3. VPN Types Section 4. Authentication Methods Section 5. Symmetric Encryption Section 6. Asymmetric Cryptography Section 7. Edge Devices Section 8. Passwords Section 9. Hackers and Crackers
Chapter 31. Identity Theft
Section 1. Experimental Design Section 2. Results and Analysis Section 3. Implications for Crimeware Section 4. Conclusion
Chapter 32. VoIP Security
Section 1. Introduction Section 2. Overview of Threats Section 3. Security in VoIP Section 4. Future Trends Section 5. Conclusion
Part V: Storage Security
Chapter 33. SAN Security
Section 1. Organizational Structure Section 2. Access Control Lists (ACL) and Policies Section 3. Physical Access Section 4. Change Management Section 5. Password Policies
Section 6. Defense in Depth Section 7. Vendor Security Review Section 8. Data Classification Section 9. Security Management Section 10. Auditing Section 11. Management Access: Separation of Functions Section 12. Host Access: Partitioning Section 13. Data Protection: Replicas Section 15. Encryption in Storage Section 16. Application of Encryption Section 17. Conclusion References
Chapter 34. Storage Area Networking Security Devices
Section 1. What is a SAN? Section 2. SAN Deployment Justifications Section 3. The Critical Reasons for SAN Security Section 4. SAN Architecture and Components Section 5. SAN General Threats and Issues Section 6. Conclusion
Chapter 35. Risk Management
Section 1. The Concept of Risk Section 2. Expressing and Measuring Risk Section 3. The Risk Management Methodology Section 4. Risk Management Laws and Regulations Section 5. Risk Management Standards
Section 6. Summary
Part VI: Physical Security
Chapter 36. Physical Security Essentials
Section 1. Overview Section 2. Physical Security Threats Section 3. Physical Security Prevention and Mitigation Measures Section 4. Recovery from Physical Security Breaches Section 5. Threat Assessment, Planning, and Plan Implementation Section 6. Example: A Corporate Physical Security Policy Section 7. Integration of Physical and Logical Security References
Chapter 37. Biometrics
Section 1. Relevant Standards Section 2. Biometric System Architecture Section 3. Using Biometric Systems Section 4. Security Considerations Section 5. Conclusion
Chapter 38. Homeland Security
Section 1. Statutory Authorities Section 2. Homeland Security Presidential Directives Section 3. Organizational Actions Section 4. Conclusion
Chapter 39. Information Warfare
Section 1. Information Warfare Model Section 2. Information Warfare Defined
Section 3. IW: Myth or Reality? Section 4. Information Warfare: Making IW Possible Section 5. Preventative Strategies Section 6. Legal Aspects of IW Section 7. Holistic View of Information Warfare Section 8. Conclusion
Part VII: Advanced Security
Chapter 40. Security Through Diversity
Section 1. Ubiquity Section 2. Example Attacks Against Uniformity Section 3. Attacking Ubiquity with Antivirus Tools Section 4. The Threat of Worms Section 5. Automated Network Defense Section 6. Diversity and the Browser Section 7. Sandboxing and Virtualization Section 8. DNS Example of Diversity through Security Section 9. Recovery from Disaster is Survival Section 10. Conclusion
Chapter 41. Reputation Management
Section 1. The Human Notion of Reputation Section 2. Reputation Applied to the Computing World Section 3. State of the Art of Attack-Resistant Reputation Computation Section 4. Overview of Current Online Reputation Service Section 5. Conclusion
Chapter 42. Content Filtering
Section 1. The Problem with Content Filtering Section 2. User Categories, Motivations, and Justifications Section 3. Content Blocking Methods Section 4. Technology and Techniques for Content Filtering Control Section 5. Categories Section 6. Legal Issues Section 7. Issues and Problems with Content Filtering Section 9. Related Products Section 10. Conclusion
Chapter 43. Data Loss Protection
Section 1. Precursors of DLP Section 2. What is DLP? Section 3. Where to Begin? Section 4. Data is Like Water Section 5. You Don't Know What You Don't Know Section 6. How Do DLP Applications Work? Section 7. Eat Your Vegetables Section 8. It's a Family Affair, Not Just IT Security's Problem Section 9. Vendors, Vendors Everywhere! Who Do You Believe? Section 10. Conclusion
Part VIII: Appendices
Appendix A. Configuring Authentication Service on Microsoft Windows Vista
Section 1. Backup and Restore of Stored Usernames and Passwords Section 2. Credential Security Service Provider and SSO for Terminal Services Logon Section 3. TLS/SSL Cryptographic Enhancements
Section 4. Kerberos Enhancements Section 5. Smart Card Authentication Changes Section 6. Previous Logon Information
Appendix B. Security Management and Resiliency
Appendix C. List of Top Security Implementation and Deployment Companies
List of SAN Implementation and Deployment Companies
SAN Security Implementation and Deployment Companies:
Appendix D. List of Security Products
Security Software
Appendix E. List of Security Standards
Appendix F. List of Miscellaneous Security Resources
Conferences
Consumer Information
Directories
Help and Tutorials
Mailing Lists
News and Media
Organizations
Products and Tools
Research
Content Filtering Links
Other Logging Resources
Appendix G. Ensuring Built-in Frequency Hopping Spread Spectrum Wireless Network Security
Accomplishment
Background
Additional Information
Appendix H. Configuring Wireless Internet Security Remote Access
Adding the Access Points as RADIUS Clients to IAS
Adding Access Points to the First IAS Server
Scripting the Addition of Access Points to IAS Server (Alternative Procedure)
Configuring the Wireless Access Points
Enabling Secure WLAN Authentication on Access Points
Additional Settings to Secure Wireless Access Points
Replicating RADIUS Client Configuration to Other IAS Servers
Appendix I. Frequently Asked Questions
Appendix J. Glossary
Section 3.2. Key Questions to Manage Risk Section 3.3. Summary
Part II: Security Principles and Practices
Chapter 4. Information System Security Principles
Section 4.1. Key Principles of Network Security Section 4.2. Formal Processes Section 4.3. Risk Management Section 4.4. Calculating and Managing Risk Section 4.5. Summary
Chapter 5. Information System Security Management
Section 5.1. Security Policies Section 5.2. Security Awareness Section 5.3. Managing the Technical Effort Section 5.4. Configuration Management Section 5.5. Business Continuity and Disaster Recovery Planning Section 5.6. Physical Security Section 5.7. Legal and Liability Issues Section 5.8. Summary
Chapter 6. Access Control
Section 6.1. Control Models Section 6.2. Types of Access Control Implementations Section 6.3. Identification and Authentication Section 6.4. Databases Section 6.5. Remote Access Section 6.6. Summary
Chapter 7. Attacks and Threats
Section 7.1. Malicious Code Section 7.2. Review of Common Attacks Section 7.3. External Attack Methodologies Overview Section 7.4. Internal Threat Overview Section 7.5. Summary
Part III: Operating Systems and Applications
Chapter 8. Windows Security
Section 8.1. Windows Security at the Heart of the Defense Section 8.2. Out-of-the-Box Operating System Hardening Section 8.3. Installing Applications Section 8.4. Putting the Workstation on the Network Section 8.5. Operating Windows Safely Section 8.6. Upgrades and Patches Section 8.7. Maintain and Test the Security Section 8.8. Attacks Against the Windows Workstation Section 8.9. Summary
Chapter 9. UNIX and Linux Security
Section 9.1. The Focus of UNIX/Linux Security Section 9.2. Physical Security Section 9.3. Controlling the Configuration Section 9.4. Operating UNIX Safely Section 9.5. Hardening UNIX Section 9.6. Summary
Chapter 10. Web Browser and Client Security
Section 10.1. Web Browser and Client Risk Section 10.2. How a Web Browser Works Section 10.3. Web Browser Attacks Section 10.4. Operating Safely Section 10.5. Web Browser Configurations Section 10.6. Summary
Chapter 11. Web Security
Section 11.1. What Is HTTP? Section 11.2. How Does HTTP Work? Section 11.3. Server Content Section 11.4. Client Content Section 11.5. State Section 11.6. Attacking Web Servers Section 11.7. Web Services Section 11.8. Summary
Chapter 12. Electronic mail (Email) Security
Section 12.1. The Email Risk Section 12.2. The Email Protocols Section 12.3. Email Authentication Section 12.4. Operating Safely When Using Email Section 12.5. Summary
Chapter 13. Domain Name System
Section 13.1. DNS Basics Section 13.2. Purpose of DNS Section 13.3. Setting Up DNS
Section 13.4. Security Issues with DNS Section 13.5. DNS Attacks Section 13.6. Designing DNS Section 13.7. Master Slave DNS Section 13.8. Detailed DNS Architecture Section 13.9. DNSSEC Section 13.10. Summary
Chapter 14. Server Security
Section 14.1. General Server Risks Section 14.2. Security by Design Section 14.3. Operating Servers Safely Section 14.4. Server Applications Section 14.5. Multi-Level Security and Digital Rights Management Section 14.6. Summary
Part IV: Network Security Fundamentals
Chapter 15. Network Protocols
Section 15.1. Protocols Section 15.2. The Open Systems Interconnect Model Section 15.3. The OSI Layers Section 15.4. The TCP/IP Model Section 15.5. TCP/IP Model Layers Section 15.6. Internet Protocol Section 15.7. VoIP Section 15.8. Summary
Chapter 16. Wireless Security
Section 16.1. Electromagnetic Spectrum Section 16.2. The Cellular Phone Network Section 16.3. Placing a Cellular Telephone Call Section 16.4. Wireless Transmission Systems Section 16.5. Pervasive Wireless Data Network Technologies Section 16.6. IEEE Wireless LAN Specifications Section 16.7. IEEE 802.11 Section 16.8. IEEE 802.11 Wireless Security Section 16.9. Bluetooth Section 16.10. Wireless Application Protocol Section 16.11. Future of Wireless Section 16.12. Summary
Chapter 17. Network Architecture Fundamentals
Section 17.1. Network Segments Section 17.2. Perimeter Defense Section 17.3. Network Address Translation Section 17.4. Basic Architecture Issues Section 17.5. Subnetting, Switching, and VLANs Section 17.6. Address Resolution Protocol and Media Access Control Section 17.7. Dynamic Host Configuration Protocol and Addressing Control Section 17.8. Zero Configuration Networks Section 17.9. System Design and Architecture Against Insider Threats Section 17.10. Common Attacks Section 17.11. Summary
Chapter 18. Firewalls
Section 18.1. Firewalls Section 18.2. Firewall rules Section 18.3. The Use of Personal Firewalls Section 18.4. Summary
Chapter 19. Intrusion Detection/Prevention
Section 19.1. Intrusion Detection Systems Section 19.2. Responses to Intrusion Detection Section 19.3. Emerging Technologies in Intrusion Detection Systems Section 19.4. Summary
Part V: Communication
Chapter 20. Secret Communication
Section 20.1. What is Cryptography? Section 20.2. General Terms Section 20.3. Principles of Cryptography Section 20.4. Historic Cryptography Section 20.5. The Four Cryptographic Primitives Section 20.6. Putting These Primitives Together to Achieve CIA Section 20.7. The Difference Between Algorithm and Implementation Section 20.8. Proprietary Versus Open Source Algorithms Section 20.9. Attacks on Hash Functions Section 20.10. Quantum Cryptography Section 20.11. Summary
Chapter 21. Covert Communication
Section 21.1. Where Hidden Data Hides Section 21.2. Where Did It Come From?
Section 21.3. Where Is It Going? Section 21.4. Overview of Steganography Section 21.5. History of Steganography Section 21.6. Core Areas of Network Security and Their Relation to Steganography Section 21.7. Principles of Steganography Section 21.8. Steganography Compared to Cryptography Section 21.9. Types of Steganography Section 21.10. Products That Implement Steganography Section 21.11. Steganography Versus Digital Watermarking Section 21.12. Types of Digital Watermarking Section 21.13. Goals of Digital Watermarking Section 21.14. Digital Watermarking and Stego Section 21.15. Summary
Chapter 22. Applications of Secure/Covert Communication
Section 22.1. Email Section 22.2. Authentication Servers Section 22.3. Working Model Section 22.4. Public Key Infrastructure Section 22.5. Virtual Private Networks Section 22.6. Secure Sockets Layer/Transport Layer Security Section 22.7. SSL Handshake Section 22.8. Summary
Part VI: The Security Threat and Response
Chapter 23. Intrusion Detection and Response
Section 23.1. Intrusion Detection Mechanisms
Section 23.2. Honeypots Section 23.3. Incident Handling Section 23.4. Summary
Chapter 24. Digital Forensics
Section 24.1. Computer Forensics Defined Section 24.2. Traditional Computer Forensics Section 24.3. Proactive Forensics Section 24.4. Future Research Areas Section 24.5. The Forensic Life Cycle Section 24.6. Summary
Chapter 25. Security Assessments, Testing, and Evaluation
Section 25.1. Information Assurance Approaches and Methodologies Section 25.2. Certification and Accreditation Section 25.3. DIACAP Section 25.4. Federal Information Processing Standard 102 Section 25.5. OMB Circular A-130 Section 25.6. The National Institute of Standards and Technology Assessment Guidelines Section 25.7. Penetration Testing Section 25.8. Auditing and Monitoring Section 25.9. Summary
Part VII: Integrated Cyber Security
Chapter 26. Validating Your Security
Section 26.1. Overview Section 26.2. Current State of Penetration Testing Section 26.3. Formal Penetration Testing Methodology
Section 26.4. Steps to Exploiting a System Section 26.5. Summary
Chapter 27. Data Protection
Section 27.1. Section 27.2. Endpoint Security Section 27.3. Insider Threats and Data Protection Section 27.4. Summary
Chapter 28. Putting Everything Together
Section 28.1. Critical Problems Facing Organizations Section 28.2. General Tips for Protecting a Site Section 28.3. Security Best Practices Section 28.4. Summary
Chapter 29. The Future
Section 29.1. Approaching the Problem Section 29.2. Mission Resilience Section 29.3. Limiting Failure Points Section 29.4. Summary
KEY TERMS SECURITY REVIEW QUESTIONS RESEARCH ACTIVITIES Chapter 2. Attacks, Threats, and Vulnerabilities CHAPTER CONTENTS INTRODUCTION THREATS THREAT TARGETS ATTACKS VIRUS THREATS COUNTERING THE VIRUS THREAT VULNERABILITIES MALICIOUS ATTACKS OTHER SECURITY BREACHES ADDITIONAL SECURITY CHALLENGES RESPONDING TO INTERNET AND NETWORK ATTACKS NETWORK INTRUDERS MALICIOUS TOOLS CHAPTER SUMMARY KEY TERMS SECURITY REVIEW QUESTIONS RESEARCH ACTIVITIES Chapter 3. Scams, Identity Theft, and Fraud CHAPTER CONTENTS INTRODUCTION
SCAMS AND SCAM ARTISTS PROTECTING PERSONAL INFORMATION IDENTITY THEFT INTERNET FRAUD COMBATING IDENTITY THEFT AND FRAUD AWARENESS AND EDUCATION LAWS CHAPTER SUMMARY KEY TERMS SECURITY REVIEW QUESTIONS RESEARCH ACTIVITIES Chapter 4. Computer and Digital Assets Security CHAPTER CONTENTS INTRODUCTION PROPERTY THEFT AWARENESS EDUCATIONAL SITE COMPUTER SECURITY SECURITY AND INTEGRITY FOR INTERNET USERS PHYSICAL PROPERTY SECURITY PREVENTING DAMAGE TO PHYSICAL ASSETS PHYSICAL SECURITY CONTROLS CHAPTER SUMMARY KEY TERMS SECURITY REVIEW QUESTIONS RESEARCH ACTIVITIES Part TWO: COMPUTER SYSTEMS AND NETWORKS
Chapter 5. The Internet and Web Network Environment CHAPTER CONTENTS INTRODUCTION THE INTERNET NETWORK ACCESS COMMUNICATION DEVICES WORLD WIDE WEB (WWW), AKA THE WEB INTRANET AND EXTRANET NETWORKS VIRTUAL PRIVATE NETWORKS SECURITY ISSUES IN VIRTUAL NETWORKS NETWORK, HARDWARE, AND SOFTWARE COMPONENTS NETWORK RESOURCE ACCESS INTERNET SEARCH TOOLS SOFTWARE SECURITY IN THE NETWORK CHAPTER SUMMARY KEY TERMS SECURITY REVIEW QUESTIONS RESEARCH ACTIVITIES Chapter 6. Wired and Wireless Local Area Networks CHAPTER CONTENTS INTRODUCTION LOCAL AREA NETWORK WIRED LAN CONNECTIVITY WIRELESS LAN LAN NETWORK COMPONENTS
EXTRANET AND INTRANET LAN ISSUES SECURE PROTOCOLS BIOMETRIC SYSTEMS WIRED LAN SECURITY LAN NETWORK MANAGEMENT CHAPTER SUMMARY KEY TERMS SECURITY REVIEW QUESTIONS RESEARCH ACTIVITIES Chapter 7. Computer, Server, and Database Security Issues CHAPTER CONTENTS INTRODUCTION COMPUTER SYSTEMS CLIENT/SERVER SYSTEMS PORTABLE COMPUTER AND ELECTRONIC DEVICES DATABASE MANAGEMENT SYSTEM DATA AND DATABASE ATTACKS PROTECTING THE DATA AND DATABASE ASSET VOICE COMMUNICATION SYSTEMS PHYSICAL ASSET PROTECTION CHAPTER SUMMARY KEY TERMS SECURITY REVIEW QUESTIONS RESEARCH ACTIVITIES Chapter 8. E-Commerce Security Mechanisms
CHAPTER CONTENTS INTRODUCTION E-COMMERCE ENVIRONMENT ELECTRONIC COMMERCE AND TRANSACTIONS SECURING NETWORK TRANSACTIONS DATA SECURITY AND ENCRYPTION E-COMMERCE SECURITY AND DISTRIBUTED COMPUTING FINANCIAL TRANSACTIONS WIRELESS LAN WIRELESS LAN SECURITY SECURITY PROTOCOLS E-COMMERCE SYSTEM DESIGN CONCERNS DISTRIBUTED SECURITY AND PRIVACY ISSUES IMPLEMENTATION ISSUES CHAPTER SUMMARY KEY TERMS SECURITY REVIEW QUESTIONS RESEARCH ACTIVITIES Part THREE: SECURITY AND OPERATIONS ADMINISTRATION Chapter 9. Business Continuity and Disaster Recovery Planning CHAPTER CONTENTS INTRODUCTION SECURITY GOALS AND OBJECTIVES PROTECTING ASSETS AND RESOURCES INFRASTRUCTURE SECURITY AND CONTROL
PHYSICAL SECURITY ACCESS SECURITY OF COMPUTER AND NETWORK RESOURCES THEFT PREVENTION TECHNIQUES SECURITY COST JUSTIFICATION SECURITY SYSTEMS DESIGN SECURITY EVALUATION ADMINISTRATION CORPORATE PLANNING SECURITY REQUIREMENTS ASSESSMENT MAINTAINING NETWORK INTEGRITY AUTHENTICATION TECHNIQUES DATA MANAGEMENT PROTECTION AGAINST INTRUDERS DOCUMENTATION THREAT ASSESSMENT GAP ANALYSIS AUDITING SECURITY POLICY CONTINGENCY PLANNING/DISASTER RECOVERY DISASTER RECOVERY CHAPTER SUMMARY KEY TERMS SECURITY REVIEW QUESTIONS RESEARCH ACTIVITIES Chapter 10. Intrusion Detection and Prevention
CHAPTER CONTENTS INTRODUCTION COMPUTING SECURITY ISSUES INTRUSION DETECTION INTRUSION DETECTION SYSTEM INTRUSION DETECTION SYSTEM CONFIGURATIONS NETWORK-BASED INTRUSION DETECTION SYSTEM HOST-BASED INTRUSION DETECTION SYSTEM BENEFITS OF AN INTRUSION DETECTION SYSTEM INTRUSION DETECTION SYSTEMS AND VENDORS INTRUSION DETECTION DECISIONS INTRUSION PREVENTION INTRUSION PREVENTION SYSTEMS SYSTEM PROCESSES INTRUSION PREVENTION SYSTEM TYPES IMPLEMENTATION CHALLENGES REQUIREMENTS FOR EFFECTIVE PREVENTION MANAGEMENT AND ADMINISTRATION CONSIDERATIONS ORGANIZATIONS AND STANDARDS CHAPTER SUMMARY KEY TERMS SECURITY REVIEW QUESTIONS RESEARCH ACTIVITIES Chapter 11. Problem Solving and Security Administration CHAPTER CONTENTS
INTRODUCTION THE NEED FOR PROBLEM SOLVING THE SECURITY AUDIT BASELINE SECURITY INVESTIGATIONS NETWORK PROBLEM SOLVING NETWORK TESTING SUPPORT AND RESOURCES SECURITY TOOLS MANAGING THE NETWORK NETWORK MANAGEMENT AND CONTROL COMMON MANAGEMENT INFORMATION PROTOCOL NETWORK MANAGEMENT STANDARDS ORGANIZATIONS CHAPTER SUMMARY KEY TERMS SECURITY REVIEW QUESTIONS RESEARCH ACTIVITIES Part FOUR: SECURITY RESOURCES, EDUCATION, AND STANDARDS Chapter 12. Security Solutions for Digital Resources CHAPTER CONTENTS INTRODUCTION UNDERSTANDING THE ISSUES SECURITY SOLUTION CATEGORIES COMPANIES PROVIDING SECURITY SOLUTIONS SECURITY SYSTEM PROCUREMENT PROCUREMENT CHECKLIST FOR SECURITY SYSTEMS
SECURITY SYSTEM PROJECT MANAGEMENT SOFTWARE SECURITY SOLUTIONS SECURITY PRODUCTS AND VENDORS QUALITY CONTROL ISSUES SYSTEM EVALUATION CRITERIA DEVELOP IN-HOUSE OR OUTSOURCE CHAPTER SUMMARY KEY TERMS SECURITY REVIEW QUESTIONS RESEARCH ACTIVITIES Chapter 13. Standards, Specifications, and Protocols CHAPTER CONTENTS INTRODUCTION STANDARDS PROTOCOLS SPECIFICATIONS LAWS AND REGULATIONS CHAPTER SUMMARY KEY TERMS SECURITY REVIEW QUESTIONS RESEARCH ACTIVITIES Chapter 14. Training, Certifications, and Careers CHAPTER CONTENTS INTRODUCTION SECURITY CERTIFICATIONS
TRAINING SECURITY ORGANIZATIONS CERTIFICATES COMPUTER SECURITY CAREERS CAREER AND CERTIFICATION TIPS TOP 10 BENEFITS OF A SECURITY CERTIFICATION CHAPTER SUMMARY KEY TERMS SECURITY REVIEW QUESTIONS RESEARCH ACTIVITIES APPENDICES Appendix A. Computer and Information Systems Security Review COMPUTER SYSTEM SECURITY REVIEW Appendix B. Information Security (InfoSec) Acceptable Use Policy 1.0 OVERVIEW 2.0 PURPOSE 3.0 SCOPE 4.0 POLICY 5.0 ENFORCEMENT 6.0 DEFINITIONS 7.0 REVISION HISTORY Appendix C. Answers to Chapter Security Review Questions CHAPTER 1 CHAPTER 2 CHAPTER 3
CHAPTER 4 CHAPTER 5 CHAPTER 6 CHAPTER 7 CHAPTER 8 CHAPTER 9 CHAPTER 10 CHAPTER 11 CHAPTER 12 CHAPTER 13 CHAPTER 14 Appendix D. Computer Security Acronyms Appendix E. Internet Protocol Addresses IPV4 ADDRESSING NOTATION IPV6 ADDRESSING NOTATION Appendix F. Security Applications and Solutions NETWORK ATTACKS PROTECTION COMPREHENSIVE SECURITY SYSTEMS CONFIGURATION AUDIT AND CONTROL SYSTEMS DATA LEAK PREVENTION OR CONTENT MONITORING AND FILTERING EMAIL ENCRYPTION DATABASE ACTIVITY DETECTION AND MONITORING INTRUSION DETECTION AND PREVENTION SYSTEMS (IDS/IPS) SYSTEMS UNIFIED NETWORK MANAGEMENT NETWORK TAPS
Section 4.5. Encrypt All Data with a VPN Chapter 5. Protect Your Systems Section 5.1. Get Paranoid Section 5.2. Install Antivirus Software Section 5.3. Assign Private Addresses for Passive Protection Section 5.4. Enable an Active Firewall Chapter 6. Secure Small Office Wi-Fi Section 6.1. Three Security Options Section 6.2. Use a Shared Key Section 6.3. Use WPA2 Enterprise Logins Section 6.4. Use a VPN Glossary Appendix A. Password Advice Section A.1. Generate Three Passwords Section A.2. Learn to Create a Highly Secure Password Appendix B. About This Book Section B.1. Ebook Extras Section B.2. About Glenn Section B.3. About Adam Section B.4. Authors Acknowledgments Section B.5. Shameless Plugs Section B.6. About the publisher Section B.7. Production Credits
2.1.1. Security policy 2.1.2. Baselines 2.1.3. Standards 2.1.4. Guidelines 2.1.5. Procedures 2.2. Security process model 2.2.1. Identifying and documenting the security requirements 2.2.2. Planning and writing a security policy 2.2.3. Implementing the security policy 2.2.4. Monitoring for implementation accuracy 2.2.5. Monitoring for compliance with the security policy 2.2.6. Independent security policy and implementation review 2.3. Security policy contents 2.3.1. Considerations for security policy content 2.3.2. Processes 2.3.3. Security controls 2.4. More information Chapter 3. IBM i security overview 3.1. IBM i architecture 3.2. What the System i offers 3.2.1. Security at the system layer 3.2.2. Security at the network layer 3.2.3. Security at the application layer Part 2. The basics of IBM i security Chapter 4. IBM i security fundamentals
4.1. Global settings 4.1.1. Security system values 4.1.2. Common Criteria 4.1.3. Locking system values 4.1.4. Network attributes 4.1.5. Work management elements 4.1.6. Communication configuration 4.2. User profiles and group profiles 4.2.1. Individual user profiles 4.2.2. Group profiles 4.2.3. IBM-supplied user profiles 4.3. Resource protection 4.3.1. Information access 4.3.2. Authority for new objects in a library 4.3.3. Object ownership 4.3.4. Public authority 4.3.5. Protection strategies 4.3.6. Authorization search sequence 4.3.7. Output distribution 4.3.8. Save and restore considerations 4.3.9. Securing commands 4.4. Authorization lists 4.4.1. Creating an authorization list 4.4.2. Authorization list details 4.5. Registered exit points
4.5.1. Benefits of exit programs 4.5.2. Registration facility 4.5.3. Exit programs 4.6. Limiting access to program functions 4.7. Backup and recovery for security information Chapter 5. Security tools 5.1. Security Wizard 5.1.1. Running the Security Wizard 5.1.2. Security wizard reports 5.2. Security auditing tools 5.2.1. Security Tools menu 5.2.2. Customizing your security 5.3. Java policy tool Chapter 6. Security audit journal 6.1. Audit journal 6.2. Planning for security auditing 6.3. Creating the security audit journal 6.3.1. Creating a journal receiver 6.3.2. Creating a security audit journal 6.4. System values that control security auditing 6.5. Using the security audit journal for reports 6.5.1. Security audit journal 6.5.2. Audit journal flow 6.5.3. Journal entry types 6.5.4. Converting security audit journal entries
6.6. User and object auditing 6.6.1. User auditing 6.6.2. Object auditing 6.6.3. Action auditing 6.7. Third-party tools Chapter 7. Confidentiality and integrity 7.1. Data confidentiality and integrity 7.2. Object signing 7.2.1. Objects that can be signed 7.2.2. Advantages of digital object signing 7.2.3. Signature commands 7.2.4. Considerations 7.2.5. Prerequisites 7.3. Virus scanning 7.3.1. Exit points 7.3.2. System values 7.3.3. Setting security policy properties for virus scanning 7.4. Data encryption 7.4.1. Data encryption in DB2 Universal Database 7.4.2. Encryption and decryption APIs Chapter 8. Disk and tape data encryption 8.1. Disk data in an ASP encryption 8.1.1. Creating an encrypted auxiliary storage pool 8.1.2. Backing up encrypted auxiliary storage pool 8.1.3. Restoring encrypted auxiliary storage pools
8.1.4. Consideration in a clustering environment 8.2. Backup encryption 8.2.1. Hardware-based tape encryption 8.2.2. Software-based encryption 8.2.3. Considerations for encrypting backup data 8.2.4. Decrypting your data 8.2.5. More information Part 3. Network security Chapter 9. TCP/IP security 9.1. The TCP/IP model 9.2. Controlling which TCP/IP servers start automatically 9.2.1. Configuring the autostart value for a TCP/IP server 9.2.2. More information 9.3. Controlling the start of TCP/IP interfaces 9.4. Controlling the start of Point-to-Point Profiles 9.5. Port restrictions 9.5.1. Configuring port restrictions 9.5.2. More information 9.6. Exit programs 9.6.1. FTP exit program example 9.6.2. Configuring exit programs 9.6.3. More information 9.7. IP packet filtering 9.7.1. Activating IP packet filtering rules 9.7.2. Network Address Translation
9.7.3. Configuring NAT 9.7.4. More information 9.8. Intrusion detection system 9.8.1. IBM i 5.4 and 6.1 intrusion detection and prevention capabilities 9.8.2. Overview: IBM i intrusion detection system implementation 9.8.3. Policy management 9.8.4. Intrusion detection system setup and start 9.8.5. Analyzing intrusion attempts 9.8.6. More information 9.9. Point-to-Point Protocol 9.9.1. Security considerations for Point-to-Point Protocol 9.9.2. Configuring Point-to-Point Protocol profiles 9.9.3. More information 9.10. RADIUS 9.10.1. Enabling RADIUS support 9.10.2. More information 9.11. HTTP proxy server 9.11.1. Reverse proxy server 9.11.2. Configuring the HTTP server as a proxy server 9.11.3. More information 9.12. SOCKS 9.12.1. Client SOCKS support on the System i platform 9.12.2. Configuring client SOCKS support 9.12.3. More information 9.13. OpenSSH and OpenSSL
9.13.1. Portable Utilities for i5/OS 9.13.2. OpenSSH 9.13.3. OpenSSL 9.13.4. More information 9.14. Secure socket APIs 9.15. Security considerations for email 9.15.1. Controlling email access 9.15.2. Preventing email access 9.15.3. Securing email 9.15.4. More information 9.16. Security considerations for FTP Chapter 10. Cryptographic support 10.1. Encryption versus hashing 10.2. Encryption methods 10.2.1. Symmetric keys 10.2.2. Asymmetric keys 10.3. Digital signature 10.4. Digital certificate 10.5. Digital Certificate Manager 10.5.1. Issuing certificates 10.5.2. Using DCM 10.5.3. Prerequisites 10.5.4. Accessing DCM components 10.5.5. More information 10.6. Secure Sockets Layer
10.6.1. Securing applications with SSL 10.6.2. OpenSSL 10.6.3. Supported SSL and TLS protocols 10.6.4. Using certificates within the SSL protocol 10.6.5. SSL handshake 10.6.6. Enabling SSL on IBM i standard server applications 10.6.7. More information 10.7. Hardware cryptographic support 10.7.1. Software requirements 10.7.2. Examples of using the hardware cryptographic products 10.7.3. Configuring the hardware Cryptographic Coprocessor 10.7.4. More information 10.8. Data encryption and key management 10.8.1. IBM i 6.1 encryption key management enhancements 10.8.2. Key management 10.8.3. Master key 10.8.4. DB2 for i5/OS built-in SQL encryption 10.8.5. Cryptographic Services APIs 10.8.6. Common Cryptographic Architecture (CCA) APIs 10.8.7. Summarization of IBM i cryptographic support 10.8.8. More information Chapter 11. Virtual private network 11.1. Introduction to VPN 11.2. VPN protocols 11.3. Layer 2 Tunnel Protocol
11.3.1. L2TP tunnel modes: Compulsory and voluntary 11.3.2. Multihop connection 11.4. L2TP and IPSec 11.5. Comparison of IPSec, SSL, and OpenSSH 11.6. VPN on the System i platform 11.6.1. VPN prerequisites 11.6.2. Configuring VPN 11.7. Configuring L2TP 11.7.1. Protecting an L2TP tunnel with IPSec 11.7.2. More information Chapter 12. Firewalls 12.1. Introduction to firewalls 12.2. External firewall concepts 12.3. Support for native Linux on System i 12.3.1. Hosted and nonhosted partitions running Linux 12.3.2. Security considerations for partitions 12.3.3. More information 12.4. Internal firewall on the System i platform using Linux 12.4.1. Native LAN adapter requirements 12.4.2. Scenario 1: DMZ for LPARs and two firewalls 12.4.3. Scenario 2: DMZ for other hosts and two firewalls 12.4.4. Scenario 3: i5/OS partitions under control of two firewalls 12.4.5. Scenario 4: i5/OS partition under control of one firewall 12.4.6. Basic scenarios without DMZ 12.5. Hosted and nonhosted partitions for a firewall
12.6. StoneGate firewall solution for the System i platform 12.6.1. Hardware and software requirements 12.6.2. Implementation of the StoneGate firewall Part 4. Authentication Chapter 13. IBM i authentication methods 13.1. Authentication concepts 13.2. Passwords 13.3. Digital certificates 13.4. Kerberos 13.4.1. Kerberos on the System i platform 13.4.2. More information 13.5. Exit programs for authentication 13.6. Validation lists 13.7. Lightweight Directory Access Protocol 13.8. Centralized access control administration 13.8.1. Remote Authentication Dial-In User Service 13.8.2. Terminal Access Controller Access Control System 13.8.3. Diameter 13.8.4. Common Open Policy Service 13.9. Other protocols and authentication topics 13.9.1. Lightweight Third-Party Authentication 13.9.2. Password Authentication Protocol (PAP) 13.9.3. Challenge Handshake Authentication Protocol (CHAP) 13.9.4. Extensible Authentication Protocol 13.9.5. Microsoft Challenge Handshake Authentication Protocol
13.9.6. Secure European System for Application in a Multivendor Environment Chapter 14. Single sign-on 14.1. Understanding single sign-on 14.1.1. SSO techniques 14.1.2. Vertical and horizontal SSO 14.2. SSO using Enterprise Identity Mapping 14.2.1. EIM and Kerberos 14.2.2. Advantages of using EIM 14.2.3. More information 14.3. SSO using a Windows user ID and password 14.4. SSO with user and password synchronization 14.5. SSO with WebSphere 14.6. Using LDAP as a shared user registry Part 5. Security management Chapter 15. Regulations and standards 15.1. The Sarbanes-Oxley Act of 2002 15.1.1. SOX text and key messages 15.1.2. How SOX applies to companies outside the United States 15.1.3. COBIT 15.1.4. Public Company Accounting Oversight Board 15.1.5. SOX and the System i platform 15.1.6. References 15.2. ISO/IEC 17799-2005 IT security techniques: Code of practice for information security management 15.3. Other regulations and standards 15.3.1. American Express data security requirements
15.3.2. Australia/New Zealand 4360 Risk Management 15.3.3. Basel II 15.3.4. Gramm-Leach-Bliley Act 15.3.5. Health Insurance Portability and Accountability Act 15.3.6. Personal Information Protection and Electronic Documents Act 15.3.7. Statement on Auditing Standards No. 70, Service Organizations 15.3.8. Systems Security Engineering Capability Maturity Model 15.3.9. Payment Card Industry Data Security Standard 15.3.10. Visa Cardholder Information Security Program Chapter 16. Security monitoring 16.1. Security auditing environment 16.1.1. Security auditing 16.1.2. Security reviews 16.1.3. Security monitoring 16.2. Techniques for monitoring security 16.2.1. Security audit journal 16.2.2. Exit points 16.2.3. Security messages 16.2.4. Reports and baselines 16.3. Security event and state monitoring 16.3.1. General system security 16.3.2. Auditing 16.3.3. System values 16.3.4. User profiles 16.3.5. Password control
16.3.6. Authorization control 16.3.7. Unauthorized access 16.3.8. Unauthorized programs 16.3.9. Database triggers 16.3.10. Exit points 16.3.11. Other 16.4. More information Chapter 17. Considerations and recommendations 17.1. System security auditing 17.2. Authority 17.2.1. Adopted authority 17.2.2. Swapping user profiles 17.2.3. Library and directory public access 17.3. Commands 17.3.1. Using the Limit Capabilities field to control command authority 17.3.2. Library create authority (QCRTAUT) 17.4. Operating system 17.4.1. Restrict object tampering 17.4.2. Check Object Integrity command 17.4.3. System cleanup 17.4.4. Creating and monitoring the QSYSMSG message queue 17.4.5. TCP/IP servers 17.4.6. Identifying all exit point programs 17.4.7. Other environments 17.5. System values and network attributes
17.5.1. System security level system value 17.5.2. Locking security system values 17.5.3. Password control system values 17.5.4. Network attributes 17.6. User profiles 17.7. More information Appendix A. LPAR security considerations The hypervisor Partition isolation Hypervisor on POWER5 systems Managing security for LPARs More information Interpartition communications External LAN OptiConnect Virtual Ethernet More information Controlling virtual LAN traffic Connecting virtual LANs to external LANs More information Other security considerations Appendix B. Operations Console Configuring the Operations Console Console device authentication User authentication
Data privacy Data integrity Operations Console LAN console Creating additional DST and SST profiles Creating additional service tools device profiles More information Appendix C. Applications and middleware security considerations WebSphere Application Server Enabling security WebSphere user profiles Protecting WebSphere Application Server files and resources More information WebSphere MQ MQ user profiles Protecting WebSphere MQ files and resources Lotus Domino Domino for i5/OS Protecting Domino files and resources Important files to consider More information IBM HTTP Server (powered by Apache) HTTP server user profiles Protecting HTTP server files and resources Important files to consider More information
Appendix D. Program temporary fixes Planning your fix management strategy Why an i5/OS strategy Maintenance strategy recommendations High impact or pervasive fixes Related publications IBM Redbooks publications Other publications Online resources How to get IBM Redbooks Help from IBM Index
SIMULATION CONCLUSION AND FUTURE WORK REFERENCES Chapter 3. Tensions in Collaborative Cyber Security and how They Affect Incident Detection and Response ABSTRACT BACKGROUND THE HISTORY AND PROBLEMS OF COLLABORATIVE CYBER SECURITY INTRODUCTION CASE STUDIES IN SECURITY COLLABORATION CHALLENGES TO SUCCESSFUL COLLABORATION COLLABORATION SOLUTIONS TECHNICAL COLLABORATION SOLUTIONS FUTURE COLLABORATIVE TECHNOLOGIES LESSONS LEARNED CONCLUSION REFERENCES ENDNOTES Chapter 4. Challenges in Sharing Computer and Network Logs ABSTRACT INTRODUCTION CONCLUSION REFERENCES ENDNOTE Chapter 5. Data Protection in Collaborative Business Applications ABSTRACT
INTRODUCTION PRIVACY-PRESERVING FRAUD DETECTION CONCLUSION REFERENCES Chapter 6. An Approach to Unified Trust Management Framework ABSTRACT Section 1. INTRODUCTION Section 2. CHALLENGES FOR TRUST MANAGEMENT Section 3. TAXONOMY FRAMEWORK OF TRUST Section 4. TRUST MANAGEMENT ARCHITECTURE Section 5. SYSTEM COMPONENTS OF TRUST ENGINE Section 6. SYSTEM SETTING UP AND OPERATIONS Section 7. AN APPLICATION EXAMPLE Section 8. RELATED WORK Section 9. CONCLUDING REMARKS REFERENCES Chapter 7. Trust-Aware Recommender Systems for Open and Mobile Virtual Communities ABSTRACT VIRTUAL COMMUNITIES TRUST ASPECT IN OPEN VIRTUAL COMMUNITIES AN ARCHITECTURE FOR TRUST-BASED RECOMMENDER SYSTEM FOR OPEN AND MOBILE COMMUNITIES CONCLUSION REFERENCES ENDNOTES Chapter 8. Securing Mobile Agent Systems through Collaboration
ABSTRACT INTRODUCTION BACKGROUND MAS SECURITY WITHOUT COLLABORATION MAS SECURITY THROUGH PARTIAL COLLABORATION MAS SECURITY THROUGH COLLABORATION DISCUSSION CONCLUSION REFERENCES Chapter 9. How Trust and Reputation Based Collaboration Impact Wireless Sensor Network Security ABSTRACT INTRODUCTION DESCRIPTION OF A TYPICAL WIRELESS SENSOR NETWORK INFRASTRUCTURE COLLABORATION, TRUST AND REPUTATION FOR SECURITY PRIVACY CONCLUSION REFERENCES ENDNOTES Chapter 10. Trusted Computing for Collaboration ABSTRACT INTRODUCTION CONCLUSION REFERENCES ENDNOTES Chapter 11. Trust-Privacy Tradeoffs in Distributed Computing
ABSTRACT Section 1. INTRODUCTION Section 2. PREVIOUS WORK Section 3. TRUST-PRIVACY TRADEOFF SYSTEM Section 4. THE SYSTEM SIMULATION Section 5. CONCLUSION ACKNOWLEDGMENT REFERENCES Selected Readings Chapter 12. A Proposition for Developing Trust and Relational Synergy in International e-Collaborative Groups ABSTRACT INTRODUCTION BACKGROUND MAIN FOCUS OF THE CHAPTER SOLUTIONS AND RECOMMENDATIONS FUTURE DIRECTIONS CONCLUSION REFERENCES KEY TERMS Chapter 13. Trust-Based Usage Control in Collaborative Environment ABSTRACT INTRODUCTION A FRAMEWORK TO INTEGRATION TRUST INTO USAGE CONTROL ARCHITECTURE OF TRUST-BASED USAGE CONTROL IN FILE SHARING PROTOTYPE SIMULATION
Overreliance on client-side validation Unencrypted traffic Unhardened database Weak password policies Poor error handling mechanisms Chapter 3. The Tools of the Trade Web applications Thick client applications Terminal services applications Intercepting Java applets Embedded application Web services application Mobile applications Chapter 4. Security Testing Repository Generic threat profile and test plan Core banking Internet banking Web trading Derivatives trading Credit card payment management applications Debit card management system Mutual funds management Loan management application Cheque management application Overdraft calculator application
Adjustments and waivers application Online remittance application Account opening tracker Back office trading application Electronic payment switch Cash depositor Teller automation machines ATM reconciler application Balance viewer terminals Customer care centre application Interactive voice response system Fraud detection software Chapter 5. Emerging Trends Emerging landscape of applications New attacks on the horizon ITG Resources Pocket Guides Toolkits Best Practice Reports Training and Consultancy Newsletter
VMware vSphere and Virtual Infrastructure Security: Securing the Virtual Environment
By: Edward L. Haletky Publisher: Prentice Hall Pub. Date: June 22, 2009 Print ISBN-10: 0-13-715800-9 Print ISBN-13: 978-0-13-715800-3 Web ISBN-10: 0-13-608321-8 Web ISBN-13: 978-0-13-608321-4 Pages in Print Edition: 552
Copyright Dedication Praise Page for VMware vSphere and Virtual Infrastructure Security Foreword Preface Who Should Read This Book? What This Book Covers Acknowledgments About the Author About the Contributing Authors Chapter 1. What Is a Security Threat? The 10,000 Foot View without Virtualization The 10,000 Foot View with Virtualization Applying Virtualization Security Definitions
Threat Vulnerability Fault The Beginning of the Journey Chapter 2. Holistic View from the Bottom Up Attack Goals Anatomy of an Attack Footprinting Stage Scanning Stage Enumeration Stage Penetration Stage Penetration Successful Penetration Unsuccessful Types of Attacks Buffer Overflows Heap Overflows Web-Based Attacks Layer 2 Attacks Layer 3 Nonrouter Attacks DNS Attacks Layer 3 Routing Attacks Route Table Poisoning Source Routed Packets Man-in-the-Middle Attack (MiTM) Conclusion
Chapter 3. Understanding VMware vSphere and Virtual Infrastructure Security Hypervisor Models Hypervisor Security Secure the Hardware Secure the Management Appliance Secure the Hypervisor Secure the Management Interfaces Secure the Virtual Machine Conclusion Chapter 4. Storage and Security Storage Connections within the Virtual Environment Storage Area Networks (SAN) Network Attached Storage (NAS) Internet SCSI (iSCSI) Servers Virtual Storage Appliances Storage Usage within the Virtual Environment VM Datastore Ancillary File Store Backup Store Tape Devices Storage Security Data in Motion Data at Rest Storage Security Issues VCB Proxy Server
SCSI reservations Fibre Channel SAN (Regular or NPIV) iSCSI NFS CIFS for Backups Shared File Access over Secure Shell (SSH) or Secure Copy Use FTP/R Command Usage Extents Conclusion Chapter 5. Clustering and Security Types of Clusters Standard Shared Storage RAID Blade VMware Cluster High Availability (HA) Dynamic Resource Scheduling (DRS) Distributed Power Management (DPM) Enhanced VMotion Capability (EVC) Fault Tolerance (FT) Host Profiles and Distributed Virtual Switch Virtual Machine Clusters Security Concerns Heartbeats Isolation VMware Cluster Protocols
VMware Hot Migration Failures Virtual Machine Clusters Management Conclusion Chapter 6. Deployment and Management Management and Deployment Data Flow VIC to VC (Including Plug-Ins) VIC to Host VC webAccess ESX(i) webAccess VI SDK to VC VI SDK to Host RCLI to Host RCLI to VC SSH to Host Console Access Lab Manager Site Manager LifeCycle Manager AppSpeed CapacityIQ VMware Update Manager Management and Deployment Authentication Difference Between Authorization and Authentication Split-Brain Authentication
Split-Brain Authorization Mitigating Split-Brain Authorization and Authentication Setting Up Microsoft Windows Systems for Remote Logging Setting Up VMware ESX for Remote Logging Setting Up VMware ESXi for Remote Logging Directory Services Integration with NIS Partial Integration with Active Directory, LDAP, or LDAPS Full Integration with AD Setting Up Directory Services on Other Management Hosts Security of Management and Deployment Network Using SSL Using IPsec Using Tunnels Using Deployment Servers Security Issues during Management and Deployment VIC Plugins VMs on the Wrong Network VMs or Networks Created Without Authorization VMs on the Wrong Storage VMs Assigned to Improper Resource Pools Premature Propagation of VMs from Quality Assurance to Production Physical to Virtual (P2V) Crossing Security Zones Conclusion Chapter 7. Operations and Security
Monitoring Operations Host Monitoring Host Configuration Monitoring Performance Monitoring Virtual Machine Administrator Operations Using the Wrong Interface to Access VMs Using the Built-in VNC to Access the Console Virtual Machine Has Crashed Backup Administrator Operations Service Console Backups Network Backups Direct Storage Access Backups Virtual Infrastructure Administrator Operations Using Tools Across Security Zones Running Commands Across All Hosts Management Roles and Permissions Set Incorrectly Conclusion Chapter 8. Virtual Machines and Security The Virtual Machine Secure the Virtual Hardware Secure the Guest OS and Application Secure the Hypervisor Interaction Layer Components Limiting Knowledge about Running within a VM VMware Tools
Isolation Settings Virtual Machine Administration Virtual Machine Creation Virtual Machine Modification Virtual Machine Deletion Conclusion Chapter 9. Virtual Networking Security Virtual Networking Basics Basic Connections 802.1q or VLAN Tagging External Switch Tagging (EST) Virtual Switch Tagging (VST) Virtual Guest Tagging (VGT) Q-in-Q Issues with vSwitches Security Zones Standard Zones Virtualization Management Security Zone Storage Security Zone VMware VMotion Security Zone Virtual Machine Security Zone Best Practices Virtualization Host with Single or Dual pNIC Three pNICs Four pNICs Five pNICs
Six pNICs Eight pNICs Ten pNICs pNIC Combination Conclusion Cases DMZ on a Private vSwitch Use of Virtual Firewall to Protect the Virtualization Management Network VMware as a Service Tools Intrusion Detection and Prevention Auditing Interfaces Conclusion Chapter 10. Virtual Desktop Security What Is VDI? Components VDI Products VDM VDM's Place in the Network The VDM Connection Server The VDM Client The VDM Web Access Client The VDM Agent for Virtual Desktops Security Implications VMware View Linked Clones: What Are They and How Do They Change Security?
Storage Overcommit Overview of Linked Clones Protecting the VC Offline Desktops SSL in a VDM or View Environment Secure VDI Implementation Secure the Virtual Desktop Conclusion Chapter 11. Security and VMware ESX VMware ESXi Hardening Recipe VMware ESX Hardening Recipe Step 1: Root Password Step 2: Shadow Password Step 3: IPtables Firewall Step 4: Lockdown by Source IP Step 5: Run Security Assessments Step 6: Apply Hardening per Assessments Step 7: Additional Auditing Tools Conclusion Chapter 12. Digital Forensics and Data Recovery Data Recovery Data Recovery Host Unavailable Data Recovery Corrupt LUN Data Recovery Recreate LUN Data Recovery Recreate Disk
Replace Controller Read Past Bad Blocks Scanning Transmission Electron Microscopy Digital Forensics Digital Forensics Acquisition Digital Forensics Analysis Digital Forensics Who Did What, When, Where, and How? Conclusion Conclusion: Just the Beginning: The Future of Virtualization Security Appendix A. Patches to Bastille Tool Appendix B. Security Hardening Script Appendix C. Assessment Script Output CIS-CAT Output Bastille Linux Output DISA STIG Output Tripwire ConfigCheck Output Appendix D. Suggested Reading and Useful Links
Practice Lab 1 Section 1.0: Core Configuration (20 Points) Section 2.0: Cisco Firewall (10 Points) Section 3.0: Cisco VPN (16 Points) Section 4.0: Cisco IPS (Intrusion Prevention System) (6 Points) Section 5.0: Implement Identity Authentication (12 Points) Section 6.0: Implement Control and Management Plane Security (12 Points) Section 7.0: Advanced Security (12 Points) Section 8.0: Network Attacks (12 Points) Ask the Proctor Section 1.0: Core Configuration (20 Points) Section 2.0: Cisco Firewall (10 Points) Section 3.0: Cisco VPN (16 Points) Section 4.0: Cisco IPS (Intrusion Prevention System) (6 Points) Section 5.0: Implement Identity Authentication (12 Points) Section 6.0: Implement Control and Management Plane Security (12 Points) Section 7.0: Advanced Security (12 Points) Section 8.0: Network Attacks (12 Points) Lab Debrief Section 1.0: Core Configuration (20 Points) Section 2.0: Cisco Firewall (10 Points) Section 3.0: Cisco VPN (16 Points) Section 4.0: Cisco IPS (Intrusion Prevention System) (6 Points) Section 5.0: Implement Identity Authentication (12 Points) Section 6.0: Implement Control and Management Plane Security (12 Points)
Section 7.0: Advanced Security (12 Points) Section 8.0: Network Attacks (12 Points) Chapter 2. Practice Lab 2 Overview Equipment List General Guidelines Prelab Setup and Cabling Instructions Catalyst Switchport Cabling Diagram Serial WAN Interface Cabling Diagram Lab Topology Diagram IP Address Details IP Routing Protocol Diagram IP Routing Details Practice Lab 2 Section 1.0: Core Configuration (14 Points) Section 2.0: Cisco Firewall (13 Points) Section 3.0: Cisco VPN (15 Points) Section 4.0: Cisco IPS (Intrusion Prevention System) (8 Points) Section 5.0: Implement Identity Authentication (12 Points) Section 6.0: Implement Control and Management Plane Security (13 Points) Section 7.0: Advanced Security (12 Points) Section 8.0: Network Attacks (13 Points) Ask the Proctor Section 1.0: Core Configuration (14 Points) Section 2.0: Cisco Firewall (13 Points)
Section 3.0: Cisco VPN (15 Points) Section 4.0: Cisco IPS (Intrusion Prevention System) (8 Points) Section 5.0: Implement Identity Authentication (12 Points) Section 6.0: Implement Control and Management Plane Security (13 Points) Section 7.0: Advanced Security (12 Points) Section 8.0: Network Attacks (13 Points) Lab Debrief Section 1.0: Core Configuration (14 Points) Section 2.0: Cisco Firewall (13 Points) Section 3.0: Cisco VPN (15 Points) Section 4.0: Cisco IPS (Intrusion Prevention System) (8 Points) Section 5.0: Implement Identity Authentication (12 Points) Section 6.0: Implement Control and Management Plane Security (13 Points) Section 7.0: Advanced Security (12 Points) Section 8.0: Network Attacks (13 Points)
Section 2.7. Impact of Security Costs on Security Decisions and Investments: Network Security Risk Management Chapter 3. Protecting Web 2.0: What Makes it so Challenging? Section 3.1. Executive Summary Section 3.2. Defining Web 2.0 Section 3.3. The Challenges of Web 2.0 Security Section 3.4. Securing the Web 2.0 Network Section 3.5. The Wireless Data Challenge Section 3.6. Securing the Web 2.0 Applications and Content Chapter 4. Limitations of the Present Models Section 4.1. Executive Summary Section 4.2. Aftermarket Security A Broken Model Section 4.3. Standards and Regulations Section 4.4. Regulate Yourself into Good Security? Section 4.5. Silos of Risk Section 4.6. Absence of Metrics to Define Trust Section 4.7. The Current Model is Broken Now What? Chapter 5. Defining the Solution ITU-T X.805 Standard Explained Section 5.1. Executive Summary Section 5.2. The ITU-T X.805 Standard Explained: Building a foundation for the Security Value Life Cycle Section 5.3. Coupling to the ISO/IEC 27000 Series Standard: Complementary Standards that Enable the Process and Policy Leading to Compliance Section 5.4. Enterprise Risk and IT Management Frameworks Chapter 6. Building the Security Foundation Using the ITU-T X.805 Standard: The ITU-T X.805 Standard Made Operational Section 6.1. Executive Summary Chapter 7. The Benefits of a Security Framework Approach
Section 7.1. Executive Summary Section 7.2. Convincing the CFO Chapter 8. Correcting Our Path What Will it Take? Section 8.1. Executive Summary Section 8.2. The Power of the Customer to Transform an Industry Section 8.3. Summary and Conclusions Appendix A. Building Secure Products and Solutions Section A.1. Introduction Section A.2. Product Lifecycle Overview Section A.3. Integrating Security Into the Product Lifecycle Section A.4. Building in Security Section A.5. Bell Labs Security Framework Overview Section A.6. The Proposed Approach Section A.7. Integrating Security in Requirements and Design Phase Section A.8. Integrating Security in the Implementation Phase Section A.9. Integrating Security in Testing Phase Section A.10. Integrating Security in the Product Management Section A.11. Conclusion Appendix B. Using the Bell Labs Security Framework to Enhance the ISO 17799/27001 Information Security Management System Section B.1. Introduction Section B.2. Augmenting ISO/IEC 27001 with the Bell Labs Security Framework Section B.3. Implementation Guidance Using the Bell Labs Security Framework Section B.4. Methodology for Applying the Bell Labs Security Framework to ISO/IEC 27001 Section B.5. Examples of Applying the Bell Labs Security Framework to ISO/IEC 27001 Controls
Chapter 3. Executing Tests
Section 3.1. Common Paradigms for Conducting Tests
Section 3.2. Conducting Site Exploration
Section 3.3. Example Tactical Approaches
Section 3.4. Mechanisms of Physical Security
Section 3.5. Summary
Chapter 4. An Introduction to Social Engineering Techniques
Section 4.1. Introduction to Guerilla Psychology
Section 4.2. Tactical Approaches to Social Engineering
Section 4.3. Summary
Chapter 5. Lock Picking
Section 5.1. Lock Picking as a Hobby
Section 5.2. Introduction to Lock Picking
Section 5.3. Advanced Techniques
Section 5.4. Attacking Other Mechanisms
Section 5.5. Summary
Chapter 6. Information Gathering
Section 6.1. Dumpster Diving
Section 6.2. Shoulder Surfing
Section 6.3. Collecting Photographic Intelligence
Section 6.4. Finding Information From Public Sources and the Internet
Section 6.5. Electronic Surveillance
Section 6.6. Covert Surveillance
Section 6.7. Summary
Chapter 7. Hacking Wireless Equipment
Section 7.1. Wireless Networking Concepts
Section 7.2. Introduction to Wireless Cryptography
Section 7.3. Cracking Encryption
Section 7.4. Attacking a Wireless Client
Section 7.5. Mounting a Bluetooth Attack
Section 7.6. Summary
Chapter 8. Gathering the Right Equipment
Section 8.1. The "Get of Jail Free" Card
Section 8.2. Photography and Surveillance Equipment
Section 8.3. Computer Equipment
Section 8.4. Wireless Equipment
Section 8.5. Global Positioning Systems
Section 8.6. Lock Picking Tools
Section 8.7. Forensics Equipment
Section 8.8. Communications Equipment
Section 8.9. Scanners
Section 8.10. Summary
Chapter 9. Tales from the Front Line
Section 9.1. SCADA Raiders
Section 9.2. Night Vision
Section 9.3. Unauthorized Access
Section 9.4. Summary
Chapter 10. Introducing Security Policy Concepts
Section 10.1. Physical Security
Section 10.2. Protectively Marked or Classified GDI Material
Section 10.3. Protective Markings in the Corporate World
Section 10.4. Communications Security
Section 10.5. Staff Background Checks
Section 10.6. Data Destruction
Section 10.7. Data Encryption
Section 10.8. Outsourcing Risks
Section 10.9. Incident Response Policies
Section 10.10. Summary
Chapter 11. Counter Intelligence
Section 11.1. Understanding the Sources of Information Exposure
Section 11.2. Social Engineering Attacks
Section 11.3. Protecting Against Electronic Monitoring
Section 11.4. Securing Refuse
Section 11.5. Protecting Against Tailgating and Shoulder Surfing
Section 11.6. Performing Penetration Testing
Section 11.7. Baseline Physical Security
Section 11.8. Summary
Appendix A. UK Law
Section A.1.1. Computer Misuse Act
Section A.1.2. Human Rights Act
Section A.1.3. Regulation of Investigatory Powers Act
Section A.1.4. Data Protection Act
Appendix B. US Law
Section B.1.1. Computer Fraud and Abuse Act
Section B.1.2. Electronic Communications Privacy Act
Section B.1.3. SOX and HIPAA
Appendix C. EU Law
Section C.1.1. European Network and Information Security Agency
Section C.1.2. Data Protection Directive
Appendix D. Security Clearances
Section D.1.1. Clearance Procedures in the United Kingdom
Section D.1.2. Levels of Clearance in the United Kingdom
Section D.1.3. Levels of Clearance in the United States
Appendix E. Security Accreditations
Section E.1.1. Certified Information Systems Security Professional
Section E.1.2. Communication Electronics Security Group CHECK
Section E.1.3. Global Information Assurance Certification
Section E.1.4. INFOSEC Assessment and Evaluation
Cyber Security and Global Information Assurance: Threat Analysis and Response Solutions
By: Kenneth J. Knapp Publisher: IGI Global Pub. Date: April 30, 2009 Print ISBN-13: 978-1-60566-326-5 Print ISBN-10: 1-60566-084-1 Pages in Print Edition: 458
Copyright
Editorial Advisory Board
List of Reviewers
Foreword
Preface
REFERENCES
Acknowledgment
Section: I Risk and Threat Assessment
Chapter I. Dynamic Modeling of the Cyber Security Threat Problem: The Black Market for Vulnerabilities
ABSTRACT
INTRODUCTION
BACKGROUND
BLACK MARKET FOR VULNERABILITIES: DEFINITION, ISSUES AND PROBLEMS
TRACING THE HISTORY OF VULNERABILITY DISCOVERY
THE DYNAMIC MODEL OF THE BMs
LEARNING FROM MODEL AND FUTURE TRENDS
CONCLUSION
REFERENCES
Chapter II. An Attack Graph Based Approach for Threat Identification of an Enterprise Network
ABSTRACT
INTRODUCTION
BACKGROUND
PROPOSED APPROACH: THREAT IDENTIFICATION AND ATTACK PATH PREDICTION
CASE STUDY
FUTURE RESEARCH & CONCLUSION
REFERENCES
ENDNOTES
Chapter III. Insider Threat Prevention, Detection and Mitigation
ABSTRACT
INTRODUCTION
BACKGROUND
DEFINING THE INSIDER THREAT
COUNTERING THE THREAT: RISK MANAGEMENT
BEST PRACTICES FOR MITIGATING THE INSIDER THREAT
DETECTION MEASURES
CONCLUSION
REFERENCES
Chapter IV. An Autocorrelation Methodology for the Assessment of Security Assurance
ABSTRACT
INTRODUCTION
BACKGROUND
METRICS DEVELOPMENT AND IMPLEMENTATION APPROACH
AUTOCORRELATION ANALYSIS
FUTURE TRENDS
CONCLUSION
REFERENCES
Chapter V. Security Implications for Management from the Onset of Information Terrorism
ABSTRACT
INTRODUCTION
BACKGROUND
INFORMATION TERRORISM AND THE NEW SECURITY ENVIRONMENT
MANAGEMENT IMPLICATIONS FROM INFORMATION TERRORISM
FUTURE TRENDS
CONCLUSION
REFERENCES
Section: II Organizational and Human Security
Chapter VI. The Adoption of Information Security Management Standards: A Literature Review
ABSTRACT
INTRODUCTION
BACKGROUND
THE ADOPTION OF INFORMATION SECURITY STANDARDS
FUTURE TRENDS
CONCLUSION
REFERENCES
Chapter VII. Data Smog, Techno Creep and the Hobbling of the Cognitive Dimension
ABSTRACT
INTRODUCTION
BACKGROUND
DATA SMOG AND TECHNO CREEP ARE CHOKING THE COGNITIVE DIMENSION
CAUSES OF DATA SMOG
TECHNO CREEP CONTRIBUTES TO DATA SMOG AND INFORMATION OVERLOAD
IMPLICATIONS OF DATA SMOG
CONCLUSION
REFERENCES
Chapter VIII. Balancing the Public Policy Drivers in the Tension between Privacy and Security
ABSTRACT
INTRODUCTION
PUBLIC POLICY BACKGROUND OF PRIVACY AND SECURITY
PRIVACY VS. SECURITY: AN IRRECONCILABLE TRADEOFF?
PRIVACY AND SECURITY HARMONIZE
RECOMMENDATIONS
CONCLUSION
REFERENCES
Chapter IX. Human Factors in Security: The Role of Information Security Professionals within Organizations
ABSTRACT
INTRODUCTION
ROLES AND RESPONSIBILITIES OF IT SECURITY PROFESSIONALS
A CULTURAL APPROACH TO THE IT SECURITY PROFESSION
DISCUSSION
CONCLUSION AND HRM IMPLICATIONS
REFERENCES
APPENDIX A: DESCRIPTION OF SECURITY CERTIFICATIONS
Chapter X. Diagnosing Misfits, Inducing Requirements, and Delineating Transformations within Computer Network Operations Organizations
ABSTRACT
INTRODUCTION
BACKGROUND
ORGCON CND MODEL
RESULTS
DISCUSSION & CONCLUSION
REFERENCES
APPENDIX A: ORGCON ANALYSIS AND RECOMMENDATIONS FOR SIMPLE ENVIRONMENTS
APPENDIX B: ORGCON ANALYSIS AND RECOMMENDATIONS FOR COMPLEX ENVIRONMENTS
APPENDIX C
Chapter XI. An Approach to Managing Identity Fraud
ABSTRACT
INTRODUCTION
BACKGROUND
MANAGING IDENTITY CRIME: GOVERNMENT LEVEL STRATEGIES
MANAGING IDENTITY CRIME: ORGANIZATIONAL LEVEL STRATEGIES
FUTURE TRENDS AND RESEARCH
CONCLUSION
REFERENCES
Section: III Emergency Response Planning
Chapter XII. A Repeatable Collaboration Process for Incident Response Planning
ABSTRACT
INTRODUCTION
BACKGROUND
A COLLABORATION PROCESS FOR INCIDENT RESPONSE PLANNING
APPLICATION EXPERIENCES
FUTURE TRENDS AND RESEARCH ISSUES
CONCLUSION
REFERENCES
KEY TERMS
APPENDIX A: CASE 3 INITIAL BRAINSTORMING IDEAS AND RESULTING COURSE OF ACTION SECTION OF THE FINAL IRP
Chapter XIII. Pandemic Influenza, Worker Absenteeism and Impacts on Critical Infrastructures: Freight Transportation as an Illustration
ABSTRACT
INTRODUCTION
ANALYSIS OF RAILROAD OPERATIONS
ANALYSIS OF CONTAINER PORT OPERATIONS
EXTENDING THE CONCEPTS TO OTHER INFRASTRUCTURES
CONCLUSION
REFERENCES
Chapter XIV. Information Sharing: A Study of Information Attributes and their Relative Significance During Catastrophic Events
ABSTRACT
INTRODUCTION
INFORMATION QUALITY
DISASTER TYPES
CONTENT ANALYSIS
CONCLUSION
ACKNOWLEDGMENT
REFERENCES
APPENDIX A: DOCUMENT CORPUS
APPENDIX B: ORGANIZATIONAL AND TECHNOLOGICAL RESOURCES
Chapter XV. An Overview of the Community Cyber Security Maturity Model
ABSTRACT
INTRODUCTION: THE NEED FOR COMMUNITY CYBER SECURITY PROGRAMS
CONCLUSION
REFERENCES
Section: IV Security Technologies
Chapter XVI. Server Hardening Model Development: A Methodology Based Approach to Increased System Security
ABSTRACT
INTRODUCTION
BACKGROUND
SECURE SERVER MODELING CONCEPTS
FUTURE TRENDS
CONCLUSION
REFERENCES
APPENDIX A: SERVER SERVICES AND DAEMONS LISTING
APPENDIX B: USER PHYSICAL ACCESS ASSESSMENT FORM
APPENDIX C: NMAP SCANNING FORM
APPENDIX D: SERVER HARDENING MODEL CHECKLIST
Chapter XVII. Trusted Computing: Evolution and Direction
ABSTRACT
INTRODUCTION
BACKGROUND
TRUSTED COMPUTING: THEN AND NOW
FUTURE TRENDS
CONCLUSION
REFERENCES
Chapter XVIII. Introduction, Classification and Implementation of Honeypots
ABSTRACT
INTRODUCTION
BACKGROUND
CLASSIFICATION OF HONEYPOTS
ADVANTAGES AND LIMITATIONS OF HONEYPOTS
PRACTICAL USES IN THE FIELD
FUTURE TRENDS
CONCLUSION
REFERENCES
Compilation of References
UK
US
Europe
Canada
Copyright and Intellectual property infringement
PCI
Protection against breach of confidentiality and reputation damage
Privacy
Processing of personal data - data protection and data breach notification
Chapter 5. Summary of Recommendations
Chapter 6. Conclusion
Appendix: Glossary
ITG Resources
Pocket Guides
Toolkits
Best Practice Reports
Training and Consultancy
Newsletter
General treatment options
Chapter 2. Treatment Using ISO27001
Assess the damage
Past or future?
Initiate an investigation, secure all evidence
Evaluate evidence
Draft the report
Final decision
Follow up with tenacity
Review
How ISO27001 supports the treatment of breaches
Chapter 3. Case Studies
Case study 1 - small company
Case study 2 - small company
Case study 3 - medium sized company
Case study 4 - large company
ITG Resources
Other Websites
Pocket Guides
Toolkits
Best Practice Reports
Training and Consultancy
Homeland Security Preparedness and Information Systems: Strategies for Managing Public Policy
By: Christopher G. Reddick Publisher: IGI Global Pub. Date: September 30, 2009 Print ISBN-13: 978-1-60566-834-5 Print ISBN-10: 1-60566-834-6 Pages in Print Edition: 274
Copyright
Foreword
Preface
Acknowledgment
Section: 1 Background Information
Chapter 1. Homeland Security Preparedness
INTRODUCTION
BACKGROUND
ORGANIZATIONAL BEHAVIOR AND INFORMATION TECHNOLOGY
ADMINISTRATIVE AND ORGANIZATIONAL ASPECTS OF HOMELAND SECURITY
HOMELAND SECURITY COLLABORATION
ADAPTIVE MANAGEMENT AND HOMELAND SECURITY
RESEARCH METHODS
DESCRIPTIVE CHARACTERISTICS OF CITY MANAGERS AND THEIR GOVERNMENTS
POSSIBLE TERRORIST THREATS
TYPES OF HOMELAND SECURITY EQUIPMENT PURCHASED
HOMELAND SECURITY FUNDING
COLLABORATION AND HOMELAND SECURITY
HOMELAND SECURITY INFORMATION ASSESSMENT
RATING HOMELAND SECURITY COLLABORATION
HOMELAND SECURITY COLLABORATION AND ADAPTIVE MANAGEMENT
MANAGEMENT CONCERNS AND HOMELAND SECURITY
ORGANIZATIONAL ASPECTS OF HOMELAND SECURITY
CITY GOVERNMENT HOMELAND SECURITY ASSESSMENT
HURRICANE KATRINA, INFORMATION SYSTEMS AND PREPAREDNESS
CONCLUSION
REFERENCES
APPENDIX A: CONGRESSIONAL RESEARCH SERVICE SUMMARY OF THE HOMELAND SECURITY ACT OF 2002
Chapter 2. Citizen-Centric E-Government
INTRODUCTION
EXISTING RESEARCH ON CIOs
CITIZEN-CENTRIC E-GOVERNMENT ADOPTION
CLINGER-COHEN ACT AND CIOs
THE ENVIRONMENTAL CONTEXT OF PUBLIC SECTOR CIOs
CITIZEN-CENTRIC FEDERAL GOVERNMENT AND E-GOVERNMENT
CONCEPTUAL FRAMEWORK
MANAGEMENT CAPACITY
SECURITY AND PRIVACY
TOP MANAGEMENT SUPPORT
E-GOVERNMENT PROJECT MANAGEMENT
MANAGERIAL INNOVATION
LACK OF RESOURCE CAPACITY
CHARACTERISTICS OF FEDERAL CIOs
CIOs OPINIONS ON E-GOVERNMENT
OPEN-ENDED RESPONSES
EXAMPLES OF CITIZEN-CENTRIC GOVERNMENT AND HSIS
CONCLUSION
REFERENCES
APPENDIX A: CONGRESSIONAL RESEARCH SERVICE SUMMARY OF THE E-GOVERNMENT ACT OF 2002
Chapter 3. Collaboration and E-Government
INTRODUCTION
BACKGROUND
INFORMATION SHARING
NATIONAL INFORMATION EXCHANGE MODEL
ENTERPRISE ARCHITECTURE AND HSIS
COLLABORATIVE MANAGEMENT PRINCIPLES AND E-GOVERNMENT
COLLABORATION AND E-GOVERNMENT CONCEPTUAL FRAMEWORK
SURVEY RESULTS
STATE GOVERNMENT CIOS AND THEIR GOVERNMENTS
LEVELS OF COLLABORATION AND E-GOVERNMENT
COLLABORATION AND E-GOVERNMENT WITHIN STATE GOVERNMENTS
COLLABORATION AND STATE E-GOVERNMENT PROJECTS
CONCLUSION
REFERENCES
Section: 2 Homeland Security Information Systems in Government
Chapter 4. Federal Government Homeland Security Information Systems
INTRODUCTION
THE DEPARTMENT OF HOMELAND SECURITY
INFORMATION TECHNOLOGY USED AT DEPARTMENT OF HOMELAND SECURITY
HOMELAND SECURITY ENVIRONMENT
COMPUTER SECURITY ACT
PAPERWORK REDUCTION ACT
CLINGER-COHEN ACT
E-GOVERNMENT ACT
CHALLENGES, ROLES, AND RESPONSIBILITIES OF FEDERAL CIOs
PRINCIPLES OF EFFECTIVE MANAGEMENT AND IT
DATA COLLECTION METHODS
HSIS IMPACT ON CIO ROLES AND RESPONSIBILITIES
HSIS IMPACT ON TOP IT CHALLENGES FOR CIOs
HSIS AND IT MANAGEMENT CAPABILITIES
HOMELAND SECURITY PREPAREDNESS AND HSIS
CONCLUSION
REFERENCES
Chapter 5. Information Technology and Emergency Management
INTRODUCTION
FUNCTIONS EMERGENCY MANAGEMENT
EMERGENCY PLANNING
INTERGOVERNMENTAL AND COLLABORATION
CITIZENS AND EMERGENCY MANAGEMENT
MANAGEMENT INFORMATION SYSTEMS
EMERGENCY MANAGEMENT TECHNOLOGIES
IT ISSUES AND EMERGENCY MANAGEMENT
INFORMATION TECHNOLOGY AND FEMA
EXPEDITED ASSISTANCE
EMERGENCY ALERT SYSTEM
SURVEY METHODS AND SUMMARY RESULTS
THE ENVIRONMENTAL CONTEXT OF EMERGENCY MANAGEMENT AND PREPAREDNESS
IT AND THE EMERGENCY MANAGEMENT FUNCTION
CONCLUSION
REFERENCES
Chapter 6. Local Government Homeland Security Information Systems
INTRODUCTION
BACKGROUND ON LOCAL GOVERNMENTS
STAGES OF LOCAL E-GOVERNMENT DEVELOPMENT
INFORMATION AND HOMELAND SECURITY
HOMELAND SECURITY ADVISORY SYSTEM
NATIONAL INCIDENT MANAGEMENT SYSTEM
SURVEYS ON LOCAL HSIS
DATA AND METHODS
HOMELAND SECURITY INFORMATION SYSTEMS INITIATIVES
FEDERAL/STATE FUNDING FOR HOMELAND SECURITY RELATED PROGRAMS
LOCAL GOVERNMENT OWN-SOURCE FUNDING FOR HOMELAND SECURITY INITIATIVES
QUALITY OF HOMELAND SECURITY INFORMATION RECEIVED FROM FEDERAL AND STATE GOVERNMENTS
LOCAL GOVERNMENT TRAINING AND TECHNICAL ASSISTANCE AND HSIS
TRAINING METHODS THAT LOCAL GOVERNMENTS PREFER
CONCLUSION
REFERENCES
Section: 3 Emerging Issues
Chapter 7. Citizens, the Internet, and Terrorism Information
INTRODUCTION
DIGITAL DIVIDE
TRUST AND SATISFACTION
CITIZEN-INITIATED CONTACTS
SURVEY RESULTS OF CITIZEN ONLINE ACCESS
EMERGENCIES AND THE INTERNET
CONCLUSION
REFERENCES
Chapter 8. Information Security in Government
INTRODUCTION
INFORMATION SECURITY ISSUES
MANAGEMENT AND INFORMATION SECURITY
ORGANIZATIONAL CULTURE AND INFORMATION SECURITY
INFORMATION SECURITY POLICY
EDUCATION
DETERRENCE AND PREVENTION
USERS AND INFORMATION SECURITY
INFORMATION SECURITY THREATS
CYBER-SECURITY AND CYBER-TERRORISM
INFORMATION SECURITY SURVEYS
TEXAS STATE AGENCY INFORMATION SECURITY SURVEY
CAUSES OF INFORMATION SECURITY INCIDENTS
INFORMATION SECURITY AND THE INTERNAL AND EXTERNAL ENVIRONMENT
INFORMATION SECURITY SUPPORT, RESOURCES, AND PREPAREDNESS
THREATS TO INFORMATION SECURITY
EFFECTIVENESS OF THREAT PROTECTION MECHANISMS
CONCLUSION
REFERENCES
Chapter 9. Emergency Management Websites
INTRODUCTION
WEBSITES AND EMERGENCY MANAGEMENT
E-GOVERNMENT GROWTH MODELS
LEVELS OF ADOPTION OF E-GOVERNMENT WEBSITES
FACTORS OF E-GOVERNMENT WEBSITE ADOPTION
BENCHMARKING E-GOVERNMENT WEBSITES
TRANSPARENCY AND ACCESSIBILITY AND E-GOVERNMENT WEBSITES
FEMA DISASTER DECLARATIONS
EMERGENCY MANAGEMENT WEBSITE CONTENT ANALYSIS
CONCLUSION
REFERENCES
Chapter 10. Conclusion
INTRODUCTION
THE ENVIRONMENTAL CONTEXT OF HOMELAND SECURITY
PREVALENCE OF HSIS IN GOVERNMENTS
CITIZENS, INFORMATION SECURITY, AND ONLINE INFORMATION
FUTURE RESEARCH RECOMMENDATIONS
REFERENCES
Section: 4 Selected Readings from the Author
Chapter 11. Perceived Effectiveness of E-Government and its Usage in City Governments: Survey Evidence from Information Technology Directors
ABSTRACT
INTRODUCTION
CONCLUSION
REFERENCES
Chapter 12. E-Government and Creating a Citizen-Centric Government: A Study of Federal Government CIOs
ABSTRACT
INTRODUCTION
CLINGER-COHEN ACT AND CIOs
THE ENVIRONMENTAL CONTEXT OF PUBLIC SECTOR CIOs
CITIZEN-CENTRIC FEDERAL GOVERNMENT AND E-GOVERNMENT
CONCEPTUAL FRAMEWORK
CHARACTERISTICS OF FEDERAL CIOs
CIOs' OPINIONS ON E-GOVERNMENT
DESCRIPTIVE STATISTICS OF DEPENDENT AND PREDICTOR VARIABLES
RESULTS OF OLS REGRESSION MODEL
DISCUSSION OF HYPOTHESES
CONCLUSION
ACKNOWLEDGMENT
REFERENCES
Cisco ASA: All-in-One Firewall, IPS, Anti-X, and VPN Adaptive Security Appliance, Second Edition
By: Jazib Frahim - CCIE No. 5459; Omar Santos Publisher: Cisco Press Pub. Date: December 29, 2009 Print ISBN-10: 1-58705-819-7 Print ISBN-13: 978-1-58705-819-6 Web ISBN-10: 1-58714-101-9 Web ISBN-13: 978-1-58714-101-0 Pages in Print Edition: 1152
Copyright
About the Authors
About the Technical Reviewers
Acknowledgments
Icons Used in This Book
Introduction
Part I: Product Overview
Chapter 1. Introduction to Security Technologies
Firewalls
Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS)
Virtual Private Networks
Summary
Chapter 2. Cisco ASA Product and Solution Overview
Cisco ASA 5505 Model
Cisco ASA 5510 Model
Cisco ASA 5520 Model
Cisco ASA 5540 Model
Cisco ASA 5550 Model
Cisco ASA 5580-20 and 5580-40 Models
Cisco ASA AIP-SSM Module
Cisco ASA Gigabit Ethernet Modules
Cisco ASA CSC-SSM Module
Summary
Chapter 3. Initial Setup and System Maintenance
Accessing the Cisco ASA Appliances
Managing Licenses
Initial Setup
Device Setup
IP Version 6
Setting Up the System Clock
Configuration Management
Remote System Management
System Maintenance
System Monitoring
Device Monitoring and Troubleshooting
Summary
Part II: Firewall Technology
Chapter 4. Controlling Network Access
Packet Filtering
Configuring Traffic Filtering
Advanced ACL Features
Content and URL Filtering
Deployment Scenarios for Traffic Filtering
Monitoring Network Access Control
Understanding Address Translation
DNS Doctoring
Monitoring Address Translations
Summary
Chapter 5. IP Routing
Configuring Static Routes
RIP
OSPF
EIGRP
IP Multicast
Summary
Chapter 6. Authentication, Authorization, and Accounting (AAA)
AAA Protocols and Services Supported by Cisco ASA
Defining an Authentication Server
Configuring Authentication of Administrative Sessions
Authenticating Firewall Sessions (Cut-Through Proxy Feature)
Configuring Authorization
Configuring Accounting
Summary
Chapter 7. Application Inspection
Enabling Application Inspection
Selective Inspection
Computer Telephony Interface Quick Buffer Encoding Inspection
Distributed Computing Environment Remote Procedure Calls (DCERPC)
Domain Name System
Extended Simple Mail Transfer Protocol
File Transfer Protocol
General Packet Radio Service Tunneling Protocol
H.323
Unified Communications Advanced Support
HTTP
ICMP
ILS
Instant Messenger (IM)
IPSec Pass-Through
MGCP
NetBIOS
PPTP
Sun RPC
RSH
RTSP
SIP
Skinny (SCCP)
SNMP
SQL*Net
TFTP
WAAS
XDMCP
Summary
Chapter 8. Virtualization
Architectural Overview
Configuration of Security Contexts
Deployment Scenarios
Monitoring and Troubleshooting the Security Contexts
Summary
Chapter 9. Transparent Firewalls
Architectural Overview
Restrictions Within Transparent Firewalls
Configuration of Transparent Firewalls
Deployment Scenarios
Monitoring and Troubleshooting the Transparent Firewalls
Summary
Chapter 10. Failover and Redundancy
Architectural Overview
Failover Configuration
Deployment Scenarios
Monitoring and Troubleshooting Failovers
Summary
Chapter 11. Quality of Service
QoS Types
QoS Architecture
Configuring Quality of Service
QoS Deployment Scenarios
Monitoring QoS
Summary
Part III: Intrusion Prevention System (IPS) Solutions
Chapter 12. Configuring and Troubleshooting Intrusion Prevention System (IPS)
Overview of the Adaptive Inspection Prevention Security Services Module (AIP-SSM) and Adaptive Inspection Prevention Security Services Card (AIP-SSC)
AIP-SSM and AIP-SSC Management
Cisco IPS Software Architecture
Configuring the AIP-SSM
AIP-SSM Maintenance
Advanced Features and Configuration
Cisco ASA Botnet Detection
Summary
Chapter 13. Tuning and Monitoring IPS
IPS Tuning
Monitoring and Tuning the AIP-SSM Using CS-MARS
Displaying and Clearing Statistics
Summary
Part IV: Content Security
Chapter 14. Configuring Cisco Content Security and Control Security Services Module
Initial CSC-SSM Setup
Configuring CSC-SSM Web-Based Features
Configuring CSC-SSM Mail-Based Features
Configuring CSC-SSM File Transfer Protocol (FTP)
Summary
Chapter 15. Monitoring and Troubleshooting the Cisco Content Security and Control Security Services Module
Monitoring the CSC-SSM
Troubleshooting the CSC-SSM
Summary
Part V: Virtual Private Network (VPN) Solutions
Chapter 16. Site-to-Site IPSec VPNs
Preconfiguration Checklist
Configuration Steps
Advanced Features
Modifying Default Parameters
Deployment Scenarios
Monitoring and Troubleshooting Site-to-Site IPSec VPNs
Summary
Chapter 17. IPSec Remote Access VPNs
Cisco IPSec Remote Access VPN Solution
Advanced Cisco IPSec VPN Features
L2TP Over IPSec Remote Access VPN Solution
Deployment Scenarios
Monitoring and Troubleshooting Cisco Remote Access VPN
Summary
Chapter 18. Public Key Infrastructure (PKI)
Introduction to PKI
Installing Certificates
The Local Certificate Authority
Configuring IPSec Site-to-Site Tunnels Using Certificates
Configuring the Cisco ASA to Accept Remote Access IPSec VPN Clients Using Certificates
Troubleshooting PKI
Summary
Chapter 19. Clientless Remote Access SSL VPNs
SSL VPN Design Considerations
SSL VPN Prerequisites
Pre-SSL VPN Configuration Guide
Clientless SSL VPN Configuration Guide
Cisco Secure Desktop
Host Scan
Dynamic Access Policies
Deployment Scenarios
Monitoring and Troubleshooting SSL VPN
Summary
Chapter 20. Client-Based Remote Access SSL VPNs
SSL VPN Deployment Considerations
SSL VPN Prerequisites
Pre-SSL VPN Configuration Guide
AnyConnect VPN Client Configuration Guide
Deployment Scenario of AnyConnect Client
Monitoring and Troubleshooting AnyConnect SSL VPNs
Summary
Index
Techniques and Applications for Advanced Information Privacy and Security: Emerging Organizational, Ethical, and Human Issues
By: Hamid Nemati Publisher: IGI Global Pub. Date: March 31, 2009 Print ISBN-13: 978-1-60566-210-7 Print ISBN-10: 1-60566-211-9 Pages in Print Edition: 414
Copyright
Dedication
Associate Editors
Editorial Review Board
Book Review Editor
Case Study Editors
Foreword
Preface
Section: I Information Security and Privacy: Threats and Solutions
Chapter I. A Rule-Based and Game-Theoretic Approach to On-Line Credit Card Fraud Detection
ABSTRACT
INTRODUCTION
BACKGROUND AND RELATED WORK
GAME-THEORETIC MODEL
PROPOSED FRAUD DETECTION SYSTEM
SIMULATION AND EXPERIMENTAL RESULTS
CONCLUSION
REFERENCES
Chapter II. Email Worm Detection Using Data Mining
ABSTRACT
INTRODUCTION
RELATED WORK
FEATURE REDUCTION AND CLASSIFICATION TECHNIQUES
DATASET
EXPERIMENTAL SETUP
RESULTS
CONCLUSION
REFERENCES
Chapter III. Information Systems Security: Cases of Network Administrator Threats
ABSTRACT
INTRODUCTION
NETWORK SECURITY AS A BUSINESS ISSUE
THE FOCUS OF INVESTMENT ON NETWORK SECURITY
HACKING AND CRACKING
PUTTING THEM ALL TOGETHER: CASES ON SECURITY BREACHES THROUGH NETWORK ADMINISTRATORS
IMPLICATIONS OF CASES AND CONCLUSION
REFERENCES
Chapter IV. Rootkits and What We Know: Assessing U.S. and Korean Knowledge and Perceptions
ABSTRACT
INTRODUCTION
RELEVANT LITERATURE
ROOTKITS: STATUS AND POTENTIAL
METHODOLOGY AND MEASUREMENTS
ISSUES, CONCLUSIONS AND LIMITATIONS
REFERENCES
APPENDIX
Section: II Privacy Preservation and Techniques
Chapter V. Privacy Preserving Data Mining and the Need for Confluence of Research and Practice
ABSTRACT
1. INTRODUCTION
2. A SURVEY OF PRIVACY PRESERVING DATA MINING
3. EVALUATING PPDM TECHNIQUES
4. GOVERNMENTAL AND REGULATORY ACTIVITIES CONCERNING PRIVACY
5. SOME OPEN ISSUES: A PROMISING RESEARCH AGENDA
6. CONCLUSION
REFERENCES
ENDNOTE
Chapter VI. A Dimensionality Reduction-Based Transformation to Support Business Collaboration
ABSTRACT
INTRODUCTION
BACKGROUND
PROBLEM DEFINITION
THE DIMENSIONALITY REDUCTION-BASED TRANSFORMATION
A TAXONOMY OF PPC SOLUTIONS
EXPERIMENTAL RESULTS
CONCLUSION
REFERENCES
APPENDIX A: RESULTS OF THE STRESS FUNCTION APPLIED TO THE DATASETS
APPENDIX B: RESULTS OF F-MEASURE FOR THE CLUSTERS MINED FROM TRANSFORMED DATASETS
Chapter VII. Privacy-Preserving Transactions Protocol using Mobile Agents with Mutual Authentication
ABSTRACT
INTRODUCTION
MODEL OF MUTUAL AUTHENTICATED TRANSACTIONS WITH MA AND DEFINITION OF UNDETACHABLE SIGNATURES
PRELIMINARIES
TRANSACTIONS PROTOCOL WITH MUTUAL AUTHENTICATION
ANALYSIS OF THE TRANSACTIONS PROTOCOL
CONCLUSION
REFERENCES
Chapter VIII. Dynamic Control Mechanisms for User Privacy Enhancement
ABSTRACT
INTRODUCTION
TOWARDS AUTOMATIC CONSENT DECISION MAKING
THE SHARING EVALUATOR MODEL (SHEM)
EXPERIMENTAL WORK
RESULTS ANALYSIS
DISCUSSION AND CONCLUSION
ACKNOWLEDGMENT
REFERENCES
ENDNOTES
APPENDIX A.
APPENDIX B: QUESTIONNAIRE
Chapter IX. A Projection of the Future Effects of Quantum Computation on Information Privacy
ABSTRACT
INTRODUCTION
BACKGROUND AND RELATED WORK
QUANTUM CONCEPTS AS THEY RELATE TO INFORMATION PRIVACY
INFORMATION PRIVACY IN THE QUANTUM ERA
WHAT CAN BE DONE?
CONCLUSION AND FUTURE WORK
REFERENCES
Section: III Authentication Techniques
Chapter X. On the Design of an Authentication System Based on Keystroke Dynamics Using a Predefined Input Text
ABSTRACT
1. INTRODUCTION
2. RESEARCH QUESTIONS
3. EXPERIMENTAL SETUP
4. METHODOLOGY OF ANALYSIS
5. RESULT1
6. CONCLUSION
REFERENCES
ENDNOTE
Chapter XI. Defeating Active Phishing Attacks for Web-Based Transactions
ABSTRACT
INTRODUCTION
THEORETICAL BACKGROUND
FURTHER OBSERVATIONS
PROPOSED SOLUTION: TWO-FACTOR INTERLOCK AUTHENTICATION
PROTOCOL ANALYSIS
FUTURE RESEARCH
REFERENCES
ENDNOTES
Chapter XII. A Content-Based Watermarking Scheme for Image Authentication Using Discrete Wavelet Transform Inter-Coefficient Relations
ABSTRACT
INTRODUCTION
EXISTING RESEARCH WORK
PROPOSED CONTENT-BASED WATERMARKING USING INTER-COEFFICIENT RELATIONS
EXPERIMENTAL RESULTS
CONCLUSION
REFERENCES
Section: IV Security and Privacy Management
Chapter XIII. Privacy and Security in the Age of Electronic Customer Relationship Management
ABSTRACT
INTRODUCTION
PRIVACY DEFINED
SECURITY
CONDITIONAL RELATIONAL "VALUE EXCHANGE" MODEL
IMPLICATIONS FOR ENTERPRISES AND CUSTOMERS
CONCLUSION AND DIRECTIONS FOR FUTURE RESEARCH
REFERENCES
Chapter XIV. The Impact of Privacy Risk Harm (RH) and Risk Likelihood (RL) on IT Acceptance: An Examination of a Student Information System
ABSTRACT
INTRODUCTION
THEORETICAL DEVELOPMENT
RESEARCH METHOD
RESULTS
DISCUSSION
CONCLUSION
REFERENCES
ENDNOTES
Chapter XV. Ignorance is Bliss: The Effect of Increased Knowledge on Privacy Concerns and Internet Shopping Site Personalization Preferences
ABSTRACT
INTRODUCTION
REVIEW OF THE LITERATURE
HYPOTHESES
METHODOLOGY
RESULTS
DISCUSSION AND CONCLUSION
CONCLUSION
REFERENCES
Section: V Web Security and Privacy Issues and Technologies
Chapter XVI. Trustworthy Web Services: An Experience-Based Model for Trustworthiness Evaluation
ABSTRACT
INTRODUCTION
RELATED WORKS
EXPERIENCE-BASED TRUSTWORTHINESS EVALUATION
INQUIRY MODULE FOR EXPERIENCE SPECIFICATION
EVALUATION MODULE FOR TRUSTWORTHINESS EVALUATION
CHOICE MODULE FOR SELECTING TRUSTWORTHY COMPOSITE SERVICES
CONCLUSION AND FUTURE RESEARCHES
ACKNOWLEDGMENT
REFERENCES
Chapter XVII. Administering the Semantic Web: Confidentiality, Privacy and Trust Management
ABSTRACT
INTRODUCTION
TRUST, PRIVACY, AND CONFIDENTIALITY
CPT FRAMEWORK
CONFIDENTIALITY FOR THE SEMANTIC WEB
OUR APPROACH TO CONFIDENTIALITY MANAGEMENT
PRIVACY FOR THE SEMANTIC WEB
TRUST FOR THE SEMANTIC WEB
SUMMARY AND DIRECTIONS
REFERENCES
Chapter XVIII. An Ontology of Information Security
ABSTRACT
INTRODUCTION
ONTOLOGY OVERVIEW
REFINEMENT OF THE CORE ONTOLOGY
ADVANCED USES OF THE ONTOLOGY
IMPLEMENTATION
RELATED WORK
DISCUSSION AND FUTURE WORK
CONCLUSION
ACKNOWLEDGMENT
REFERENCES
APPENDIX: INTRODUCTION TO OWL
Section: VI Evaluating Information Security and Privacy: Where are We Going from Here?
Chapter XIX. Information Security Effectiveness: Conceptualization and Validation of a Theory
ABSTRACT
INTRODUCTION
RESEARCH METHODOLOGY
RESULTS
LINKS TO EXISTING THEORY
LIMITATIONS
IMPLICATIONS AND CONCLUSION
NOTE
REFERENCES
ENDNOTES
APPENDIX. SURVEY INSTRUMENT.
Chapter XX. A Simulation Model of IS Security
ABSTRACT
INTRODUCTION
BACKGROUND
THE MODEL
RESULTS AND DISCUSSION
REFERENCES
Compilation of References
About the Contributors
ABSTRACT
INTRODUCTION
DRM TECHNIQUES
DRM FOR STREAMING MEDIA
ATTACKS
IMPLEMENTATION
CONCLUSION
REFERENCES
KEY TERMS
Chapter III. Rethinking DRM Using Exception Management
ABSTRACT
INTRODUCTION
BACKGROUND AND GENERAL PROBLEM DESCRIPTION
A MODEL FOR MANAGING EXCEPTIONS IN DRM ENVIRONMENTS
DISCUSSION
FUTURE TRENDS AND CONCLUSION
REFERENCES
KEY TERMS
Chapter IV. Overview of OMA Digital Rights Management
ABSTRACT
INTRODUCTION
BASIC TERMS AND CONCEPTS OF DIGITAL RIGHTS MANAGEMENT
THE OPEN MOBILE ALLIANCE AND OMA DRM
CONTROLLED ACCESS TO DIGITAL WORKS: OMA DRM version 2.0
USAGE MEASUREMENT AND LICENSE TRANSFER: OMA DRM VERSION 2.1
OMA DRM EXTENSIONS FOR BROADCAST SUPPORT
OMA BCAST PROFILES
PORTABILITY OF PROTECTED CONTENT: OMA SECURE REMOVABLE MEDIA
MORE FLEXIBILITY: OMA SECURE CONTENT EXCHANGE
FURTHER DRM ISSUES
SUMMARY
REFERENCES
KEY TERMS
APPENDIX: USE OF TRADEMARKs AND REGISTERED TRADEMARKS
Chapter V. Discovering the Core Security Requirements of DRM Systems by Means of Objective Trees
ABSTRACT
INTRODUCTION
PROBLEM ANALYSIS
ESTABLISHING CORE SECURITY REQUIREMENTS USING OBJECTIVE TREES
APPLICABILITY
CONCLUSION
ACKNOWLEDGMENT
REFERENCES
KEY TERMS
ENDNOTES
Chapter VI. Digital Rights Management for Untrusted Peer-to-Peer Networks
ABSTRACT
INTRODUCTION
BACKGROUND
DESIGN
IMPLEMENTATION
SECURITY ANALYSIS
TESTING
CONCLUSION AND FUTURE WORK
REFERENCES
KEY TERMS
Chapter VII. Pervasive Video Surveillance Systems Over TCP/IP Networks
ABSTRACT
INTRODUCTION
BACKGROUND
TECHNICAL AND RESEARCH CHALLENGES
VIDEO ENCODING AND COMPRESSION
TRAFFIC ENGINEERING AND CENTRALIZED NETWORK DESIGN
DISTRIBUTED INTELLIGENCE NETWORK DESIGN
REAL LIFE CASE STUDY: VIDEO SURVEILLANCE IN A LARGE INDUSTRIAL SEAPORT
CONCLUSION
REFERENCES
KEY TERMS
ENDNOTES
Chapter VIII. P2PTunes: A Peer-to-Peer Digital Rights Management System
ABSTRACT
INTRODUCTION
BACKGROUND
DESIGN OF P2PTunes
IMPLEMENTATION AND TESTING
SECURITY
CONCLUSION
FUTURE WORK
REFERENCES
KEY TERMS
Chapter IX. A Hardware Approach for Trusted Access and Usage Control
ABSTRACT
INTRODUCTION
BACKGROUND AND PROPOSED APPROACH
HARDWARE-BASED SECURITY ELEMENTS
SCENARIOS
FUTURE TRENDS AND CONCLUSION
REFERENCES
KEY TERMS
ENDNOTES
Section: II Core Techniques
Chapter X. A Summary of Recent and Old Results on the Security of the Diffie-Hellman Key Exchange Protocol in Finite Groups
ABSTRACT
INTRODUCTION
BACKGROUND
TESTING THE DIFFIE-HELLMAN ASSUMPTION
TESTING THE DIFFIE-HELLMAN INDISTINGUISHABILITY ASSUMPTION IN THE MULTIPLICATIVE GROUP Z*p
A LOOK OF THE RELATIONSHIP WITH THE DISCRETE LOGARITHM PROBLEM
FUTURE TRENDS
CONCLUSION
REFERENCES
KEY TERMS
ENDNOTES
Chapter XI. Secret Sharing with K-Dimensional Access Structure
ABSTRACT
INTRODUCTION
BACKGROUND: SECRET SHARING SCHEMES
GRAPH-BASED GENERAL ACCESS STRUCTURE FOR SECRET SHARING
A PLANE-BASED ACCESS STRUCTURE FOR SECRET SHARING
A GENERIC K-Dimensional ACCESS STRUCTURE FOR SECRET SHARING
CONCLUSION
ACKNOWLEDGMENT
REFERENCES
KEY TERMS
Chapter XII. Wireless Video Transmission
ABSTRACT
INTRODUCTION
BACKGROUND ON VIDEO CODING STANDARDS
H.264/AVC MPEG-4 PART 10 ADVANCED VIDEO CODING STANDARD
WIRELESS CHANNEL CHARACTERISTICS
ERROR RESILIENT VIDEO TRANSMISSION SYSTEM
SELECTED WORKS IN H.264/AVC WIRELESS VIDEO TRANSMISSION
SUMMARY AND FURTHER READINGS
REFERENCES
KEY TERMS
Chapter XIII. A Survey of Information Hiding
ABSTRACT
INTRODUCTION
BACKGROUND
IMAGE STEGANOGRAPHY
VIDEO STEGANOGRAPHY
AUDIO STEGANOGRAPHY
TEXT STEGANOGRAPHY
STEGANOGRAPHY IN BLACK & WHITE IMAGE
STEGANOGRAPHY IN WEBPAGES
CONCLUSION
REFERENCES
KEY TERMS
Chapter XIV. Digital Watermarking Capacity and Detection Error Rate
ABSTRACT
INTRODUCTION
ADAPTIVE WATERMARKING ALGORITHM
WATERMARKING CAPACITY
WATERMARKING CAPACITY BASED ON NEURAL NETWORK
DETECTION ERROR RATE
PAYLOAD CAPACITY
RESULTS
CONCLUSION
REFERENCES
KEY TERMS
Chapter XV. Digital Watermarking
ABSTRACT
INTRODUCTION
BACKGROUND
WATERMARKING TRADEOFFS
KERCHOFF'S ASSUMPTION
APPLICATIONS OF WATERMARKING
COMMERCIAL WATERMARKING
THE WATERMARKING PROCESS
WATERMARK EMBEDDING
FUTURE TRENDS
CONCLUSION
REFERENCES
KEY TERMS
Chapter XVI. Digital Video Authentication
ABSTRACT
1. INTRODUCTION
2. A TYPICAL VIDEO AUTHENTICATION SYSTEM
3. VIDEO AUTHENTICATION TECHNIQUES
4. CONCLUSION
5. REFERENCES
KEY TERMS
Chapter XVII. Flexible Multimedia Stream Authentication
ABSTRACT
1 INTRODUCTION
2 AUTHENTICATION BASICS
3 PRIOR ART ON STREAM AUTHENTICATION TECHNIQUES
4 FLEXIBLE STREAM AUTHENTICATION FRAMEWORK
5 PiSAS OVER LAYERED STREAM
6 SECURITY AND PERFORMANCE ANALYSIS
7 FUTURE TRENDS
8 CONCLUSION
REFERENCES
KEY TERMS
Chapter XVIII. Scalable Distribution of Watermarked Media
ABSTRACT
INTRODUCTION
BACKGROUND
SCALABLE WATERMARK DISTRIBUTIONS
FUTURE TRENDS
CONCLUSION
REFERENCES
KEY TERMS
Chapter XIX. Critical Analysis of Digital Steganography
ABSTRACT
INTRODUCTION
INFORMATION HIDING: AN OVERVIEW
INFORMATION HIDING: REQUIREMENTS
STEGANOGRAPHY: STATE OF THE ART
ATTACKS ON STEGANOGRAPHY: STEGANALYSIS
EXISTING STEGANOGRAPHIC TOOLS
STEGANALYSIS SOFTWARE TOOLS
ADDITIONAL READING
CONCLUSION AND FUTURE RESEARCH DIRECTIONS
REFERENCES
KEY TERMS
ENDNOTES
Section: III Typical Applications
Section XX. Secure Content Distribution in Pure P2P
ABSTRACT
INTRODUCTION
BACKGROUND: REPLICATION IN PURE P2P AND AD-HOC NETWORKS
SECURITY FOR CONTENT DISTRIBUTION IN P2P FILE SHARING SYSTEMS
FUTURE TRENDS
CONCLUSION
REFERENCES
KEY TERMS
Chapter XXI. Trust in the Value-Creation Chain of Multimedia Goods
ABSTRACT
INTRODUCTION
TRUST IN MULTIMEDIA PRODUCTION, DISTRIBUTION, AND CONSUMPTION
3. TRUSTED COMPUTING GROUP TECHNOLOGY ESSENTIALS
4. SELECTED TOPICS
DISCUSSION AND CONCLUSION
REFERENCES
KEY TERMS
Chapter XXII. Copyright Protection of A/V Codec for Mobile Multimedia Devices
ABSTRACT
INTRODUCTION
BACKGROUND
JOINT AND PARTIAL ENCRYPTION TECHNIQUE IN A/V CODEC
CONCLUSION
REFERENCES
KEY TERMS
Chapter XXIII. Digital Steganography Based on Genetic Algorithm
ABSTRACT
INTRODUCTION
STEGANOGRAPHIC TECHNIQUES
STEGANALYTIC TECHNIQUES
GA-BASED BREAKING METHODOLOGY
THE GA-BASED BREAKING ALGORITHM ON SDSS
THE GA-BASED BREAKING ALGORITHM ON FDSS
EXPERIMENTAL RESULTS
CONCLUSION
REFERENCES
KEY TERMS
Chapter XXIV. Adaptive Image Steganography Based on Structural Similarity Metric
ABSTRACT
INTRODUCTION
CURRENT ARTS ON ADAPTIVE STEGANOGRAPHY IN MEDIA
STEGANOGRAPHY BASED ON NON-UNIFORM GENERALIZED LSB AND DYNAMIC PROGRAMMING
STEGANOGRAPHY BASED ON ADAPTIVE QUANTIZATION EMBEDDER AND REVERSIBLE DATA HIDING
EXPERIMENTS
CONCLUSION
FUTURE TRENDS
REFERENCES
KEY TERMS
Chapter XXV. A Survey on Video Watermarking
ABSTRACT
INTRODUCTION
BRIEF HISTORY OF VIDEO WATERMARKING
PERFORMANCE REQUIREMENT OF VIDEO WATERMARKING
APPLICATIONS OF VIDEO WATERMARKING
RESEARCH ACHIEVEMENTS
TYPICAL ATTACKS AGAINST VIDEO WATERMARKING
RESEARCH PROGRESS
HOT TOPICS AND OPEN ISSUES IN VIDEO WATERMARKING
CONCLUSION
REFERENCES
KEY TERMS
Chapter XXVI. Multiple Description Coding with Application in Multimedia Watermarking
ABSTRACT
INTRODUCTION
MULTIPLE DESCRIPTION CODING
MULTIPLE DESCRIPTION WATERMARKING FRAMEWORK
MDWMFRAMEWORKII:MDCFORWATERMARK MDWMFRAMEWORKIII:MDCFORWATERMARKEDSIGNAL CONCLUDINGREMARKS REFERENCES KEYTERMS ChapterXXVII.FractalBasedSecuredMultipleImageCompressionandDistribution ABSTRACT INTRODUCTION BACKGROUND:FRACTALMATINGCODINGSCHEMES SECUREDMULTIPLEIMAGECOMPRESSIONANDDISTRIBUTION FUTURETRENDS CONCLUSION REFERENCES KEYTERMS CompilationofReferences AbouttheContributors
1.3.2. Basel II 1.3.3. Gramm-Leach-Bliley Act 1.3.4. Health Insurance Portability and Accountability Act 1.3.5. California Security Breach Information Act 1.3.6. Sarbanes-Oxley Act
Chapter 2. The IBM Data Server security roadmap and some common DB2 for z/OS security themes
2.1. The IBM Data Server Security Blueprint 2.1.1. Introduction and overview 2.1.2. Why a Data Server Security Blueprint? 2.1.3. Invest in the future 2.2. Threat elements of the IBM Data Server Security Blueprint 2.2.1. Data security layers 2.2.2. Data threats 2.2.3. Configuration threats 2.2.4. Audit threats 2.2.5. Executable threats 2.3. Threat countermeasures 2.3.1. Data threats 2.3.2. Configuration threats 2.3.3. Audit threats 2.3.4. Executable threats 2.4. Interpretation of some DB2 for z/OS common security themes 2.4.1. Separation of roles 2.4.2. Audit versus external security 2.4.3. Personally identifying information and index encryption 2.4.4. Encryption standards 2.4.5. Cost of security versus SLA 2.4.6. The cost of a data breach 2.4.7. ROI calculation
Part 2. IBM data governance portfolio
Chapter 3. IBM data servers on z/OS
3.1. Security categorization 3.1.1. Data servers security areas 3.2. DB2 3.2.1. Authentication 3.2.2. Authorization 3.2.3. SQL 3.2.4. Application security 3.2.5. Encryption 3.2.6. Network security 3.2.7. Auditing 3.3. IMS 3.3.1. Authorization 3.3.2. Encryption 3.3.3. Auditing 3.4. VSAM 3.4.1. Authorization 3.4.2. Encryption 3.4.3. VSAM auditing
Chapter 4. IBM information management tools
4.1. DB2 Audit Management Expert for z/OS 4.2. Data Encryption for IMS and DB2 Databases Tool 4.2.1. DB2 encryption 4.2.2. IMS encryption 4.2.3. Data Encryption for IMS and DB2 Databases Tool summary 4.3. Log Analysis Tool 4.4. Performance tools 4.4.1. DB2 Query Monitor 4.4.2. Tivoli OMEGAMON XE for DB2 Performance Expert on z/OS
Chapter 5. Tivoli products
5.1. Tivoli zSecure suite 5.1.1. zSecure Administration products 5.1.2. zSecure Audit Products 5.2. Tivoli Security Information and Event Manager 5.2.1. Tivoli Compliance Insight Manager 5.2.2. Tivoli Security Operations Manager 5.2.3. The combined value
Chapter 6. Optim solutions
6.1. Introduction 6.2. IBM Optim Data Growth Solution for z/OS 6.3. IBM Optim Data Privacy Solution 6.4. IBM Optim Test Data Management Solution 6.5. IBM Optim Database Relationship Analyzer
Part 3. System z synergy
Chapter 7. System z security features
7.1. System z integrated cryptography 7.1.1. Cryptographic hardware 7.1.2. IBM Common Cryptographic Architecture 7.1.3. Logical partitioning and System z hardware cryptography exploitation 7.1.4. Monitoring the cryptographic workload on z/OS 7.1.5. Sysplex and System z hardware cryptography 7.1.6. Software requirements 7.1.7. ICSF bibliography 7.2. DS8000 Encrypting disk storage 7.3. TS1120 Encrypting tape storage 7.4. zIIP 7.4.1. IPSec encryption and zIIP exploitation 7.4.2. zIIP and Encryption Tool for IMS and DB2 Databases
Chapter 8. z/OS security
8.1. Integrated Cryptographic Service Facility 8.1.1. Middleware ICSF exploitation 8.1.2. Resource Access Control Facility 8.2. Communication Server 8.3. z/OS Encryption Facility
Part 4. DB2 Audit Management Expert
Chapter 9. DB2 Audit Management Expert architecture and installation
9.1. Architectural overview 9.1.1. General functions 9.1.2. Components 9.2. Storage modes 9.2.1. Load repository mode 9.2.2. Generate offload data sets mode 9.2.3. Dual mode 9.3. Installation and configuration 9.3.1. Planning for the installation 9.4. Security 9.5. XML 9.6. Data sharing 9.7. Installing and configuring DB2 Audit Management Expert for z/OS
Chapter 10. Audit Management Expert scenarios
10.1. Defining audit responsibilities 10.2. Reporting User Interface 10.2.1. Introduction to Reporting User Interface 10.2.2. Auditing privileged users 10.2.3. Finding all authorization failures 10.2.4. Finding DDL activity 10.3. Log Analysis User Interface 10.3.1. Generating Log Analysis reports 10.3.2. Templates and jobs
Chapter 11. Audit Management Expert administration
11.1. Separation of roles 11.2. Control (DBA versus auditor) 11.3. Performance monitoring 11.3.1. How to collect audit data 11.3.2. Controlling data collection 11.4. Repository administration
Part 5. Data Encryption for IMS and DB2 Databases Tool
Chapter 12. Architecture and ICSF key management
12.1. Integrated Cryptographic Service Facility 12.2. CEX2C configuration (HMC) 12.3. DES master key generation 12.3.1. Loading cryptographic processors with DES master key 12.3.2. PPINIT and CKDS initialization 12.3.3. HCR7751 and CKDS operations without CEX2C
Chapter 13. Data Encryption tool installation and customization
13.1. Generation of an encryption EDITPROC 13.1.1. Generate a Clear Key using ICSF 13.2. DB2 encryption implementation scenario for the DBA 13.2.1. Creating the DB2 user exit routine by using ISPF panels 13.2.2. Implementing DB2 encryption 13.2.3. Max record size
Chapter 14. Data encryption scenarios
14.1. Master key protected CKDS 14.1.1. Clear key 14.1.2. Encryption from a data management perspective 14.1.3. Encryption confirmation techniques 14.1.4. Secure key 14.1.5. AES 128 clear key 14.2. Clear key only Cryptographic Key Data Set (HCR7751) 14.3. Compression and encryption 14.3.1. Compression support in Data Encryption for IMS and DB2 Databases Tool 14.3.2. Additional encryption considerations with compressed data 14.3.3. Compression scenario
Chapter 15. Administration of encrypted objects
15.1. Backup and recovery (local site considerations) 15.2. Disaster recovery considerations 15.3. Key rotation 15.4. Alteration of encrypted table schema 15.5. Failure scenarios 15.5.1. Key label mismatch in EDITPROC 15.5.2. CKDS failure Master key mismatch 15.5.3. Out of synch key labels 15.6. Performance measurements 15.6.1. Utilities 15.6.2. SQL
Part 6. Appendixes
Appendix A. System topology and workload
A.1. Hardware and software setup A.2. DB2 workload A.2.1. Getting started Installation instructions
Appendix B. Sample configuration files for DB2 Audit Management Expert for z/OS
B.1. Server configuration file B.2. Agent configuration file B.3. Audit SQL collector configuration file
Related publications
The CSSLP Prep Guide: Mastering the Certified Secure Software Lifecycle Professional
By: Ronald L. Krutz; Alexander J. Fry Publisher: John Wiley & Sons Pub. Date: August 24, 2009 Print ISBN: 978-0-470-46190-7 Web ISBN: 0-470461-90-X Pages in Print Edition: 664
Copyright Dedication About the Authors Credits Acknowledgments Introduction
Chapter 1. Secure Software Concepts
Section 1.1. Confidentiality, Integrity, and Availability Section 1.2. Authentication, Authorization, Auditing, and Accountability Section 1.3. Security Design Principles Section 1.4. Risk Management Section 1.5. Regulations, Privacy, and Compliance Section 1.6. Software Architecture Section 1.7. Software Development Methodologies Section 1.8. Intellectual Property and Privacy Legal Issues Section 1.9. Standards and Guidelines Section 1.10. Information Security Models Section 1.11. Trusted Computing Section 1.12. Acquisition Assurance Issues Section 1.13. Summary Section 1.14. Assessment Questions
Chapter 2. Secure Software Requirements
Section 2.1. Approaches to Software Requirements Engineering Section 2.2. Security Policy Decomposition Section 2.3. Identification of Data and Gathering of Threat Information Section 2.4. Summary Section 2.5. Assessment Questions
Chapter 3. Secure Software Design
Section 3.1. Design Processes Section 3.2. Design Considerations Section 3.3. Architecture Section 3.4. Technologies Section 3.5. Design and Architecture Technical Review Section 3.6. Summary Section 3.7. Assessment Questions
Chapter 4. Secure Software Implementation/Coding
Section 4.1. Declarative versus Programmatic Security Section 4.2. Common Software Vulnerabilities and Countermeasures Section 4.3. Defensive Coding Practices Section 4.4. Exception Handling Section 4.5. Configuration Management Section 4.6. Build Environment Section 4.7. Code/Peer Review Section 4.8. Code Analysis Section 4.9. Antitampering Techniques Section 4.10. Interface Coding Section 4.11. Summary Section 4.12. Assessment Questions
Chapter 5. Secure Software Testing
Section 5.1. Testing for Security Quality Assurance Section 5.2. Test Types Section 5.3. Testing for Failure Section 5.4. Cryptographic Validation Section 5.5. Impact Assessment and Corrective Action Section 5.6. Standards for Software Quality Assurance Section 5.7. Regression Testing Section 5.8. Summary Section 5.9. Assessment Questions
Chapter 6. Software Acceptance
Section 6.1. Prerelease or Predeployment Activities Section 6.2. Postrelease Activities Section 6.3. Summary Section 6.4. Assessment Questions
Chapter 7. Software Deployment, Operations, and Maintenance
Section 7.1. Installation and Deployment Section 7.2. Operations and Maintenance Section 7.3. Monitoring and Auditing Section 7.4. END-OF-LIFE POLICIES Section 7.5. Summary Section 7.6. Assessment Questions
Appendix A. Answers to Assessment Questions
Section A.1. Chapter 1 Section A.2. Chapter 2 Section A.3. Chapter 3 Section A.4. Chapter 4 Section A.5. Chapter 5 Section A.6. Chapter 6 Section A.7. Chapter 7
Glossary of Terms and Acronyms
Windows 7 Tweaks: A Comprehensive Guide on Customizing, Increasing Performance, and Securing Microsoft Windows 7
By: Steve Sinchak Publisher: John Wiley & Sons Pub. Date: December 02, 2009 Print ISBN: 978-0-470-52591-3 Web ISBN: 0-470525-91-6 Pages in Print Edition: 401
Copyright Dedication About the Author Credits Acknowledgments Introduction
Part I: Getting Started with Windows 7
Chapter 1. Selecting the Right Version
Section 1.1. Version Comparison Section 1.2. Windows Anytime Upgrade Section 1.3. Summary
Chapter 2. Installing Windows 7
Section 2.1. Install Media Section 2.2. Full Install Section 2.3. Dual Boot Windows XP Section 2.4. Summary
Chapter 3. Safe Tweaking
Section 3.1. Using System Restore Section 3.2. System Recovery Console Section 3.3. Creating a Backup Image Section 3.4. Summary
Part II: Customizing Windows 7
Chapter 4. Customizing the Startup
Section 4.1. Customizing the Logon Screen Section 4.2. Summary
Chapter 5. Customizing User Navigation
Section 5.1. Customizing the Start Menu Section 5.2. Customizing the Taskbar Section 5.3. Using Group Policy Editor to Customize the Start Menu and Taskbar Section 5.4. Summary
Chapter 6. Personalizing the Desktop
Section 6.1. Customizing the Desktop Icons Section 6.2. Customizing the Desktop Section 6.3. Summary
Chapter 7. Customizing the Appearance of the Windows Interface
Section 7.1. Working with Themes Section 7.2. Customizing Aero Glass Section 7.3. Skinning Windows 7 Section 7.4. Summary
Chapter 8. Fine Tuning Windows Explorer
Section 8.1. Customizing Windows Layout Section 8.2. Modifying File Associations Section 8.3. Customizing the Context Menu Section 8.4. Working with Libraries Section 8.5. Customizing Your Folders Section 8.6. Working with Hidden Files Section 8.7. Summary
Chapter 9. Personalizing Internet Explorer 8
Section 9.1. Customizing Search Section 9.2. Tweaking the Tabs Section 9.3. Fun with RSS Section 9.4. Using Addons in Internet Explorer Section 9.5. Advanced Internet Explorer 8 Features Section 9.6. Summary
Chapter 10. Customizing Windows Media
Section 10.1. Adjusting Your Audio Experience Section 10.2. Customizing Windows Media Player 12 Section 10.3. Customizing Media Center Section 10.4. Summary
Part III: Increasing Your System's Performance
Chapter 11. Analyzing Your System
Section 11.1. Monitoring Your System Hardware Section 11.2. Benchmarking Your System Section 11.3. Summary
Chapter 12. Speeding Up the System Boot
Section 12.1. Working with the BIOS Section 12.2. Modifying the Operating System Boot Section 12.3. Summary
Chapter 13. Making Your Computer Log On Faster
Section 13.1. Speeding Up the Logon Section 13.2. Other Time Saving Tips Section 13.3. Summary
Chapter 14. Speeding Up Windows Explorer
Section 14.1. Speeding Up File Browsing and Access Section 14.2. Speeding Up the User Interface Section 14.3. Adjusting Explorer's Search Section 14.4. Summary
Chapter 15. Optimizing Core Windows Components
Section 15.1. Windows Loves RAM Section 15.2. Tweaking the Paging File Section 15.3. Defragmenting Your Hard Drive Section 15.4. Adjusting Your Application Priorities Section 15.5. Summary
Chapter 16. Optimizing Your Network
Section 16.1. Optimizing Your Web Browser Section 16.2. Speeding Up Your Network Connection Section 16.3. Summary
Part IV: Securing Windows
Chapter 17. Windows Security
Section 17.1. Actively Protecting Your Computer Section 17.2. Controlling Your Computer Accounts Section 17.3. Tweaking User Account Control Section 17.4. Using File Encryption Section 17.5. Summary
Chapter 18. Internet Security
Section 18.1. Analyzing Your Security Section 18.2. Using a Firewall Section 18.3. Web Browser Security Section 18.4. Defending Against Spyware and Malware Section 18.5. Using Antivirus Software Section 18.6. Summary
Chapter 19. Protecting Your Privacy
Section 19.1. Internet Explorer Privacy Section 19.2. Windows Interface Privacy Section 19.3. Summary