Security Engineering Book Review
Security Engineering
- Author: Ross Anderson
- Publisher: Wiley
- Published: 2008
- Pages: 1040
Security Engineering Chapters
- What is Security Engineering?
- Introduction
- A Framework
- Example 1 - A Bank
- Example 2 - A Military Base
- Example 3 - A Hospital
- Example 4 - The Home
- Definitions
- Summary
- Usability and Psychology
- Introduction
- Attacks Based on Psychology
- Insights from Psychology Research
- What the Brain Does Worse Than the Computer
- Perceptual Bias and Behavioural Economics
- Different Aspects of Mental Processing
- Differences Between People
- Social Psychology
- What the Brain Does Better Than the Computer
- Passwords
- Difficulties with Reliable Password Entry
- Difficulties with Remembering the Password
- Naive Password Choice
- User Abilities and Training
- Design Errors
- Operational Issues
- Social Engineering Attacks
- Trusted Path
- Phishing Countermeasures
- Password Manglers
- Client Certs or Specialist Apps
- Using the Browser's Password Database
- Soft Keyboards
- Customer Education
- Microsoft Passport
- Phishing Alert Toolbars
- Two-Factor Authentication
- Trusted Computing
- Fortified Password Protocols
- Two-Channel Authentication
- The Future of Phishing
- Systems Issues
- Can You Deny Service?
- Protecting Oneself or Others?
- Attacks on Password Entry
- Interface Design
- Eavesdropping
- Technical Defeats of Password Retry Counter
- Attacks on Password Storage
- One-Way Encryption
- Password Cracking
- Absolute Limits
- CAPTCHAs
- Summary
- Research Problems
- Further Reading
- Protocols
- Introduction
- Password Eavesdropping Risks
- Who Goes There? - Simple Authentication
- Challenge and Response
- The MIG-in-the-Middle Attack
- Reflection Attacks
- Manipulating the Message
- Changing the Environment
- Chosen Protocol Attacks
- Managing Encryption Keys
- Basic Key Management
- The Needham-Schroeder Protocol
- Kerberos
- Practical Key Management
- Getting Formal
- A Typical Smartcard Banking Protocol
- The BAN Logic
- Verifying the Payment Protocol
- Limitations of Formal Verification
- Summary
- Research Problems
- Further Reading
- Access Control
- Introduction
- Operating System Access Controls
- Groups and Roles
- Access Control Lists
- Unix Operating System Security
- Apple's OS/X
- Windows - Basic Architecture
- Capabilities
- Windows - Added Features
- Middleware
- Database Access Controls
- General Middleware Issues
- ORBs and Policy Languages
- Sandboxing and Proof-Carrying Code
- Virtualization
- Trusted Computing
- Hardware Protection
- Intel Processors and 'Trusted Computing'
- ARM Processors
- Security Processors
- What Goes Wrong
- Smashing the Stack
- Other Technical Attacks
- User Interface Failures
- Why So Many Things Go Wrong
- Remedies
- Environmental Creep
- Summary
- Research Problems
- Further Reading
- Cryptography
- Introduction
- Historical Background
- An Early Stream Cipher - The Vigenère
- The One-Time Pad
- An Early Block Cipher - Playfair
- One-Way Functions
- Asymmetric Primitives
- The Random Oracle Model
- Random Functions - Hash Functions
- Properties
- The Birthday Theorem
- Random Generators - Stream Ciphers
- Random Permutations - Block Ciphers
- Public Key Encryption and Trapdoor One-Way Permutations
- Digital Signatures
- Symmetric Crypto Primitives
- SP-Networks
- Block Size
- Number of Rounds
- Choice of S-Boxes
- Linear Cryptanalysis
- Differential Cryptanalysis
- Serpent
- The Advanced Encryption Standard (AES)
- Feistel Ciphers
- The Luby-Rackoff Result
- DES
- Modes of Operation
- Electronic Code Book
- Cipher Block Chaining
- Output Feedback
- Counter Encryption
- Cipher Feedback
- Message Authentication Code
- Composite Modes of Operation
- Hash Functions
- Extra Requirements on the Underlying Cipher
- Common Hash Functions and Applications
- Asymmetric Crypto Primitives
- Cryptography Based on Factoring
- Cryptography Based on Discrete Logarithms
- Public Key Encryption - Diffie Hellman and ElGamal
- Key Establishment
- Digital Signature
- Special Purpose Primitives
- Elliptic Curve Cryptography
- Certification
- The Strength of Asymmetric Cryptographic Primitives
- Summary
- Research Problems
- Further Reading
- Distributed Systems
- Introduction
- Concurrency
- Using Old Data Versus Paying to Propagate State
- Locking to Prevent Inconsistent Updates
- The Order of Updates
- Deadlock
- Non-Convergent States
- Secure Time
- Fault Tolerance and Failure Recovery
- Failure Models
- Byzantine Failure
- Interaction with Fault Tolerance
- What is Resilience For?
- At What Level is the Redundancy?
- Service-Denial Attacks
- Naming
- The Distributed Systems View of Naming
- What Else Goes Wrong
- Naming and Identity
- Cultural Assumptions
- Semantic Content of Names
- Uniqueness of Names
- Stability of Names and Addresses
- Adding Social Content to Naming
- Restrictions on the Use of Names
- Types of Name
- Summary
- Research Problems
- Further Reading
- Economics
- Introduction
- Classical Economics
- Information Economics
- The Price of Information
- The Value of Lock-In
- Asymmetric Information
- Game Theory
- The Prisoners' Dilemma
- Evolutionary Games
- The Economics of Security and Dependability
- Weakest Link, or Sum of Efforts?
- Managing the Patching Cycle
- Why Is Windows So Insecure?
- Economics of Privacy
- Economics of DRM
- Summary
- Research Problems
- Further Reading
- Multilevel Security
- Introduction
- What is a Security Policy Model?
- The Bell-LaPadula Security Policy Model
- Classification and Clearances
- Information Flow Control
- The Standard Criticisms of Bell-La Padula
- Alternative Formulations
- The Biba Model and Vista
- Historical Examples of MLS Systems
- SCOMP
- Blacker
- MLS Unix and Compartmented Mode Workstations
- The NRL Pump
- Logistics Systems
- Sybard Suite
- Wiretap Systems
- Future MLS Systems
- Vista
- Linux
- Virtualization
- Embedded Systems
- What Goes Wrong
- Composability
- The Cascade Problem
- Covert Channels
- The Threat from Viruses
- Polyinstantiation
- Other Practical Problems
- Broader Implications of MLS
- Multilateral Security
- Introduction
- Compartmentation, the Chinese Wall and the BMA Model
- Compartmentation and the Lattice Model
- The Chinese Wall
- The BMA Model
- The Threat Model
- The Security Policy
- Pilot Implementations
- Current Privacy Issues
- Inference Control
- Basic Problems of Inference Control in Medicine
- Other Applications of Inference Control
- The Theory of Inference Control
- Query Set Size Control
- Trackers
- More Sophisticated Query Controls
- Cell Suppression
- Maximum Order Control and the Lattice Model
- Audit Based Control
- Randomization
- Limitations of Generic Approaches
- The Value of Imperfect Protection
- The Residual Problem
- Banking and Bookkeeping
- Introduction
- The Origins of Bookkeeping
- Double-Entry Bookkeeping
- A Telegraphic History of E-commerce
- How Bank Computer Systems Work
- The Clark-Wilson Security Policy Model
- Designing Internal Controls
- What Goes Wrong
- Wholesale Payment Systems
- Automatic Teller Machines
- ATM Basics
- What Goes Wrong
- Incentives and Injustices
- Credit Cards
- Fraud
- Forgery
- Automatic Fraud Detection
- The Economics of Fraud
- Online Credit Card Fraud - the Hype and the Reality
- Smartcard-Based Banking
- EMV
- Static Data Authentication
- Dynamic Data Authentication
- Combined Data Authentication
- RFID
- Home Banking and Money Laundering
- Physical Protection
- Introduction
- Threats and Barriers
- Threat Model
- Deterrence
- Walls and Barriers
- Mechanical Locks
- Electronic Locks
- Alarms
- How Not to Protect a Painting
- Sensor Defeats
- Feature Interactions
- Attacks on Communications
- Lessons Learned
- Monitoring and Metering
- Introduction
- Prepayment Meters
- Utility
- How the System Works
- What Goes Wrong
- Taxi Meters, Tachographs and Truck Speed Limiters
- The Tachograph
- What Goes Wrong
- How Most Tachograph Manipulation is Done
- Tampering with the Supply
- Tampering with the Instrument
- High-Tech Attacks
- The Digital Tachograph Project
- System Level Problems
- Other Problems
- The Resurrecting Duckling
- Postage Meters
- Nuclear Command and Control
- Introduction
- The Evolution of Command and Control
- The Kennedy Memorandum
- Authorization, Environment, Intent
- Unconditionally Secure Authentication
- Shared Control Systems
- Tamper Resistance and PALs
- Treaty Verification
- What Goes Wrong
- Secrecy or Openness?
- Security Printing and Seals
- Introduction
- History
- Security Printing
- Threat Model
- Security Printing Technologies
- Packaging and Seals
- Substrate Properties
- The Problems of Glue
- PIN Mailers
- Systemic Vulnerabilities
- Peculiarities of the Threat Model
- Anti-Gundecking Measures
- The Effect of Random Failure
- Materials Control
- Not Protecting the Right Things
- The Cost and Nature of Inspection
- Evaluation Methodology
- Biometrics
- Introduction
- Handwritten Signatures
- Face Recognition
- Bertillonage
- Fingerprints
- Verifying Positive or Negative Identity Claims
- Crime Scene Forensics
- Iris Codes
- Voice Recognition
- Other Systems
- What Goes Wrong
- Physical Tamper Resistance
- Introduction
- History
- High-End Physically Secure Processors
- Evaluation
- Medium Security Processors
- The iButton
- The Dallas 5000 Series
- FPGA Security and the Clipper Chip
- Smartcards and Microcontrollers
- History
- Architecture
- Security Evolution
- The State of the Art
- Defense in Depth
- Stop Loss
- What Goes Wrong
- The Trusted Interface Problem
- Conflicts
- The Lemons Market, Risk Dumping and Evaluation
- Security-by-Obscurity
- Interaction with Policy
- Function Creep
- So What Should One Protect?
- Emission Security
- Introduction
- History
- Technical Surveillance and Countermeasures
- Passive Attacks
- Leakage Through Power and Signal Cables
- Red / Black Separation
- Timing Analysis
- Power Analysis
- Leakage Through RF Signals
- Active Attacks
- Tempest Viruses
- Nonstop
- Glitching
- Differential Fault Analysis
- Combination Attacks
- Commercial Exploitation
- Defenses
- Optical, Acoustic and Thermal Side Channels
- How Serious are Emsec Attacks?
- API Attacks
- Introduction
- API Attacks on Security Models
- The XOR-To-Null-Key Attack
- The Attack on the 4758
- Multiparty Computation and Differential Protocol Attacks
- The EMV Attack
- API Attacks on Operating Systems
- Electronic and Information Warfare
- Introduction
- Basics
- Communicating Systems
- Surveillance and Target Acquisitions
- IFF Systems
- Improvised Explosive Devices
- Directed Energy Weapons
- Information Warfare
- Definitions
- Doctrine
- Potentially Useful Lessons from Electronic Warfare
- Difference Between E-war and I-war
- Telecom System Security
- Phone Phreaking
- Attacks on Metering
- Attacks on Signaling
- Attacks on Switching and Configuration
- Insecure End Systems
- Feature Interaction
- Mobile Phones
- Mobile Phone Cloning
- GSM Security Mechanisms
- Third Generation Mobiles - 3GPP
- Platform Security
- So Was Mobile Security a Success or a Failure?
- VOIP
- Security Economics of Telecomms
- Frauds by Phone Companies
- Billing Mechanisms
- Network Attack and Defense
- Introduction
- Vulnerabilities in Network Protocols
- Attacks on Local Networks
- Attacks Using Internet Protocols and Mechanisms
- SYN Flooding
- Smurfing
- Distributed Denial of Service Attacks
- Spam
- DNS Security and Pharming
- Trojans, Viruses, Worms and Rootkits
- Early History of Malicious Code
- The Internet Worm
- How Viruses and Worms Work
- The History of Malware
- Countermeasures
- Defense Against Network Attack
- Configuration Management and Operational Security
- Filtering: Firewalls, Spam Filters, Censorware and Wiretaps
- Packet Filtering
- Circuit Gateways
- Application Relays
- Ingress Versus Egress Filtering
- Architecture
- Intrusion Detection
- Types of Intrusion Detection
- General Limitations of Intrusion Detection
- Specific Problems Detecting Network Attacks
- Encryption
- SSH
- WiFi
- Bluetooth
- HomePlug
- IPsec
- TLS
- PKI
- Topology
- Copyright and DRM
- Introduction
- Copyright
- Software
- Books
- Audio
- Video and Pay-TV
- Typical System Architecture
- Video Scrambling Techniques
- Attacks on Hybrid Scrambling Systems
- DVB
- DVD
- HD-DVD and Blu-ray
- AACS - Broadcast Encryption and Traitor Tracing
- Blu-ray and SPDC
- General Platforms
- Windows Media Rights Management
- Other Online Rights-Management Systems
- Peer-to-Peer Systems
- Rights Management of Semiconductor IP
- Information Hiding
- Watermarks and Copy Generation Management
- General Information Hiding Techniques
- Attacks on Copyright Marking Schemes
- Application of Copyright Marking Schemes
- Policy
- The IP Lobby
- Who Benefits?
- Accessory Control
- The Bleeding Edge
- Introduction
- Computer Games
- Types of Cheating
- Aimbots and Other Unauthorized Software
- Virtual Worlds, Virtual Economies
- Web Applications
- eBay
- Google
- Social Networking Sites
- Privacy Technology
- Anonymous Email - The Dining Cryptographers and Mixes
- Anonymous Web Browsing - Tor
- Confidential and Anonymous Phone Calls
- Email Encryption
- Steganography and Forensics Countermeasures
- Putting it All Together
- Elections
- Terror, Justice and Freedom
- Introduction
- Terrorism
- Causes of Political Violence
- The Psychology of Political Violence
- The Role of Political Institutions
- The Role of the Press
- The Democratic Response
- Surveillance
- The History of Government Wiretapping
- The Growing Controversy about Traffic Analysis
- Unlawful Surveillance
- Access to Search Terms and Location Data
- Data Mining
- Surveillance via ISPs - Carnivore and its Offspring
- Communications Intelligence on Foreign Targets
- Intelligence Strengths and Weaknesses
- The Crypto Wars
- The Back Story to Crypto Policy
- DES and Crypto Research
- The Clipper Chip
- Did the Crypto Wars Matter?
- Export Control
- Censorship
- Censorship by Authoritarian Regimes
- Network Neutrality
- Peer-to-Peer
- Forensics and Rules of Evidence
- Forensics
- Admissibility of Evidence
- Privacy and Data Protection
- European Data Protection
- Differences between Europe and the USA
- Managing the Development of Secure Systems
- Introduction
- Managing a Security Project
- A Tale of Three Supermarkets
- Risk Management
- Organizational Issues
- The Complacency Cycle and the Risk Thermostat
- Interaction with Reliability
- Solving the Wrong Problem
- Incompetent and Inexperienced Security Managers
- Moral Hazard
- Methodology
- Top-Down Design
- Iterative Design
- Lessons from Safety-Critical Systems
- Security Requirements Engineering
- Managing Requirements Evolution
- Bug Fixing
- Control Tuning and Corporate Governance
- Evolving Environments and the Tragedy of the Commons
- Organizational Change
- Managing Project Requirements
- Parallelizing the Process
- Risk Management
- Managing the Team
- System Evaluation and Assurance
- Introduction
- Assurance
- Perverse Economic Incentives
- Project Assurance
- Security Testing
- Formal Methods
- Quis Custodiet?
- Process Assurance
- Assurance Growth
- Evolution and Security Assurance
- Evaluation
- Evaluations by the Relying Party
- The Common Criteria
- What the Common Criteria Don't Do
- Corruption, Manipulation and Inertia
- Ways Forward
- Hostile Review
- Free and Open-Source Software
- Semi-Open Design
- Penetrate-and-Patch, CERTs and Bugtraq
- Education
- Conclusions
Security Engineering Appendices
- Bibliography
- Index
© Poised Solutions Copyright 2008 - 2009