Book Review: Computer Security: Principles and Practice, Second Edition. William Stallings and Lawrie Brown (University of New South Wales, Australian Defence Force Academy). Prentice Hall.
cqbe is a p2p certificate solution that decentralizes authority and provides highly available p2p certificate and revocation storage. - blackdoor/DAC.
Computer emergency response teams are set up by governments and large organizations to handle computer security incidents.
Infrastructures as targets
Once a cyber-attack has been initiated, there are certain targets that need to be attacked to cripple the opponent. Certain infrastructures have been highlighted as critical in time of conflict because attacks on them can severely cripple a nation. Control systems, energy resources, finance, telecommunications, transportation, and water facilities are seen as critical infrastructure targets during conflict. Many devices are integrated with computer platforms to control valves and gates to certain physical infrastructures.
Electricity, also known as electric grids, powers cities, regions, and households; it powers machines and other mechanisms used in day-to-day life.
Using U. By shutting those grids down, they can cause mass hysteria, backlog, and confusion, and can also locate critical areas of operation to further attacks in a more direct method. Cyberterrorists can access instructions on how to connect to the Bonneville Power Administration, which helps direct them on how to not fault the system in the process. This is a major advantage that can be utilized when cyber-attacks are being made, because foreign attackers with no prior knowledge of the system can attack with the highest accuracy without drawbacks.
Cyberattacks on natural gas installations go much the same way as attacks on electrical grids. Cyberterrorists can shut down these installations, stopping the flow, or they can even reroute gas flows to another section that can be occupied by one of their allies. There was a case in Russia with a gas supplier known as Gazprom, which lost control of its central switchboard, which routes gas flow, after an inside operator and a Trojan horse program bypassed security. Operations would stall from region to region, causing nationwide economic degradation.
In the U. A cyberattack on a financial institution or transactions may be referred to as a cyberheist.
These attacks may start with phishing that targets employees, using social engineering to coax information from them. They may allow attackers to hack into the network and put keyloggers on the accounting systems.
In time, the cybercriminals are able to obtain password and key information. An organization's bank accounts can then be accessed via the information they have stolen using the keyloggers. Telecommunication integration is becoming common practice; systems such as voice and IP networks are merging. Everything is being run through the internet because the speeds and storage capabilities are endless. Denial-of-service attacks can be administered as previously mentioned, but more complex attacks can be made on BGP routing protocols or DNS infrastructures.
It is less likely that an attack would target or compromise the traditional telephony network of SS7 switches, or physical devices such as microwave stations or satellite facilities.
The ability would still be there to shut down those physical facilities to disrupt telephony networks. The whole idea behind these cyber-attacks is to cut people off from one another, to disrupt communication, and by doing so, to impede critical information being sent and received.
In cyberwarfare, this is a critical way of gaining the upper hand in a conflict. Applets that illustrate algorithms and protocols would be especially nice.
My work experience includes seven years at the National Security Agency followed by two years at a Silicon Valley startup company where I helped design and develop a digital rights management security product.
This real-world work was sandwiched between academic jobs. While in academia, my research interests have included a wide variety of security topics. With my return to academia in , I quickly realized that none of the available security textbooks had much connection with the real world. I can say that many of my former students who are now at leading Silicon Valley companies tell me that the information they learned in my course has proved useful in the real world.
I do have a life outside of information security. I also spend too much time watching cartoons. Another favorite activity of mine is complaining about the absurd price of housing in the San Francisco Bay Area. I want to thank my thesis advisor, Clyde F. Martin for introducing me to this fascinating subject. In my seven years at NSA, I learned more about security than I could have learned in a lifetime anywhere else.
Unfortunately, the people who taught me so much must remain anonymous. At my ill-fated startup company, MediaSnap, Inc. In spite of these pressures, we produced a high-quality digital rights management product that was far ahead of its time.
I want to thank all at MediaSnap, and especially Joe Pasqua and Paul Clarke, for giving me the chance to work on such a fascinating and challenging project. Richard Low, a colleague here at SJSU, provided helpful feedback on an early version of the manuscript.
David Blockus deserves special mention for giving me detailed comments on each chapter at a particularly critical juncture in the writing of this book. I want to thank all of the people at Wiley who applied their vast expertise to make the book writing process as painless as possible. Trudy is a generic bad guy who is trying to attack the system in some way.
Some authors employ a team of bad guys where the name implies the particular nefarious activity. Trudy will be our all-purpose bad guy. Alice, Bob, Trudy and the rest of the gang need not be humans. For example, one possible scenario would be that Alice is a laptop, Bob a server, and Trudy a human.
Information has integrity if unauthorized writing is prohibited. Denial of service, or DoS, attacks are a relatively recent concern. Such attacks try to reduce access to information.
As a result of the rise in DoS attacks, data availability has become a fundamental issue in information security. Bob might then take his business elsewhere.
Although these two authentication problems look similar on the surface, under the surface they are completely different.
Authentication over a network is open to many kinds of attacks. The messages sent over a network can be viewed by Trudy. To make matters worse, Trudy can not only intercept messages, she can alter messages and insert messages of her own making.
She can also replay old messages in an effort to, say, convince AOB that she is really Bob. Authentication in such a situation requires careful attention to the protocols that are used. Cryptography also has an important role to play in security protocols. Enforcing such restrictions is the domain of authorization. Note that authorization places restrictions on the actions of authenticated users.
Modern software systems tend to be large, complex, and rife with bugs.
How can AOB be sure that its software is behaving correctly? On the other hand, some software is written with the intent of doing evil. Such malicious software, or malware, includes the all-too-familiar computer viruses and worms that plague the Internet today.
What can Trudy do to increase the nastiness of such pests? Bob also has many software concerns. For example, when Bob enters his password on his computer, how does he know that his password has not been captured and sent to Trudy? If Bob conducts a transaction at www. Operating systems are themselves large and complex pieces of software. OSs also enforce much of the security in any system, so some knowledge of OSs is necessary in order to more fully appreciate the challenges of information security.
I believe this is appropriate, since the strengths, weaknesses, and inherent limitations of the mechanisms directly affect all of the other critical aspects of security.
In other words, without a reasonable understanding of the mechanisms, it is not possible to have an informed discussion of any of the other three issues. These classic systems illustrate fundamental principles that are employed in modern digital cipher systems, but in a more user-friendly format. Hash functions are used in many different contexts in information security. Some of these uses are quite surprising and not always intuitive. In fact, weak passwords present a major security weakness in most systems.
The alternatives to passwords include biometrics and smartcards. Authorization deals with restrictions placed on authenticated users. Authorization leads naturally to a few relatively specialized topics. If both types of information are on a single system, how can we enforce such restrictions? The idea behind such modeling is to lay out the essential security requirements of a system. If so, the system would automatically inherit all of the security properties that are known to hold for such a model.
Multilevel security also provides an opportunity to discuss covert channels and inference control. Covert channels are unintended channels of communication.