Artikeltemplate

Read more

Written by Steve Bellovin, one of the world's most respected security consultants, this guide is for students who know all the basics: working security specialists, admins, IT managers, architects, and chief security officers. Bellovin will help students take a deeper look at what they're doing, understand security as a "systems problem," recognize the implications of your environment, and "think like the enemy."

List of contents

Preface xi
 
Part I: Defining the Problem 1
 
Chapter 1: Introduction 3
1.1 Changes 3
1.2 Adapting to Change 5
1.3 Security Analysis 9
1.4 A Few Words on Terminology 12
 
Chapter 2: Thinking About Security 15
2.1 The Security Mindset 15
2.2 Know Your Goals 17
2.3 Security as a Systems Problem 21
2.4 Thinking Like the Enemy 25
 
Chapter 3: Threat Models 31
3.1 Who’s Your Enemy? 31
3.2 Classes of Attackers 34
3.3 Advanced Persistent Threats 36
3.4 What’s at Risk? 40
3.5 The Legacy Problem 42
 
Part II: Technologies 43
 
Chapter 4: Antivirus Software 45
4.1 Characteristics 45
4.2 The Care and Feeding of Antivirus Software 51
4.3 Is Antivirus Always Needed? 53
4.4 Analysis 57
 
Chapter 5: Firewalls and Intrusion Detection Systems 61
5.1 What Firewalls Don’t Do 61
5.2 A Theory of Firewalls 63
5.3 Intrusion Detection Systems 69
5.4 Intrusion Prevention Systems 71
5.5 Extrusion Detection 72
5.6 Analysis 76
 
Chapter 6: Cryptography and VPNs 81
6.1 Cryptography, the Wonder Drug 81
6.2 Key Distribution 84
6.3 Transport Encryption 85
6.4 Object Encryption 89
6.5 VPNs 92
6.6 Protocol, Algorithm, and Key Size Recommendations 97
6.7 Analysis 104
 
Chapter 7: Passwords and Authentication 107
7.1 Authentication Principles 107
7.2 Passwords 108
7.3 Storing Passwords: Users 115
7.4 Password Compromise 120
7.5 Forgotten Passwords 121
7.6 Biometrics 124
7.7 One-Time Passwords 128
7.8 Cryptographic Authentication 132
7.9 Tokens and Mobile Phones 134
7.10 Single-Sign-On and Federated Authentication 137
7.11 Storing Passwords: Servers 139
7.12 Analysis 143
 
Chapter 8: PKI: Public Key Infrastructures 149
8.1 What’s a Certificate? 149
8.2 PKI: Whom Do You Trust? 151
8.3 PKI versus PKI 155
8.4 Certificate Expiration and Revocation 160
8.5 Analysis 166
 
Chapter 9: Wireless Access 169
9.1 Wireless Insecurity Myths 169
9.2 Living Connected 175
9.3 Living Disconnected 178
9.4 Smart Phones, Tablets, Toys, and Mobile Phone Access 179
9.5 Analysis 180
 
Chapter 10: Clouds and Virtualization 185
10.1 Distribution and Isolation 185
10.2 Virtual Machines 186
10.3 Sandboxes 188
10.4 The Cloud 192
10.5 Security Architecture of Cloud Providers 193
10.6 Cloud Computing 194
10.7 Cloud Storage 195
10.8 Analysis 197
 
Part III: Secure Operations 203
 
Chapter 11: Building Secure Systems 205
11.1 Correct Coding 206
11.2 Design Issues 210
11.3 External Links 213
11.4 Trust Patterns 217
11.5 Legacy Systems 220
11.6 Structural Defenses 222
11.7 Security Evaluations 225
 
Chapter 12: Selecting Software 229
12.1 The Quality Problem 229
12.2 Selecting Software Wisely 233
 
Chapter 13: Keeping Software Up to Date 239
13.1 Holes and Patches 239
13.2 The Problem with Patches 242
13.3 How to Patch 243
 
Chapter 14: People 247
14.1 Employees, Training, and Education 248
14.2 Users 251
14.3 Social Engineering 253
14.4 Usability 256
14.5 The Human Element 263
 
Chapter 15: System Administration 267
15.1 Sysadmins: Your Most Important Security Resource 267
15.2 Steering the Right Path 269
15.3 System Administration Tools and Infrastructure 272
15.4 Outsourcing System Administration 275
15.5 The Dark Side Is Powerful 276
 
Chapter 16: Security Process 279
16.1 Planning 279
16.2 Security Policies 280
16.3 Logging and Reporting 283
16.4 Incident Response 287
 
Part IV: The Future 291
 
Chapter 17: Case Studies 293
17.1 A Small Medical Practice 293
17.2 An E-Commerce Site 295
17.3 A Cryptographic Weakness 298
17.4 The Internet of Things 301
 
Chapter 18: Doing Security Properly 309
18.1 Obsolescence 309
18.2 New Devices 310
18.3 New Threats 311
18.4 New Defenses 312
18.5 Thinking about Privacy 313
18.6 Putting It All Together 314
 
References 317

Index 355

About the author

Steven M. Bellovin, a professor in the department of computer science at Columbia University, has played an active role in securing the Internet. He has received the Usenix Lifetime Achievement Award and the NIST/NSA National Computer Systems Security Award. He is a member of the National Academy of Engineering and of the Cybersecurity Hall of Fame, and has served as Chief Technologist of the Federal Trade Commission and as Security Area director for the Internet Engineering Task Force. He is coauthor of Firewalls and Internet Security, now in its second edition (Addison-Wesley, 2003).

Summary

Written by Steve Bellovin, one of the world's most respected security consultants, this guide is for students who know all the basics: working security specialists, admins, IT managers, architects, and chief security officers. Bellovin will help students take a deeper look at what they're doing, understand security as a "systems problem," recognize the implications of your environment, and "think like the enemy."