
Computer Security: Principles and Practice, Third Edition.pdf

Cover
Title Page
Copyright Page
ACKNOWLEDGMENTS
Contents
Online Resources
Preface
Notation
About the Authors
Chapter 0 Reader’s and Instructor’s Guide
0.1 Outline of this Book
0.2 A Roadmap for Readers and Instructors
0.3 Support for CISSP Certification
0.4 Support for NSA/DHS Certification
0.5 Support for ACM/IEEE Computer Society Computer Science Curricula 2013
0.6 Internet and Web Resources
0.7 Standards
Chapter 1 Overview
1.1 Computer Security Concepts
1.2 Threats, Attacks, and Assets
1.3 Security Functional Requirements
1.4 Fundamental Security Design Principles
1.5 Attack Surfaces and Attack Trees
1.6 Computer Security Strategy
1.7 Recommended Reading
1.8 Key Terms, Review Questions, and Problems
PART ONE: COMPUTER SECURITY TECHNOLOGY AND PRINCIPLES
Chapter 2 Cryptographic Tools
2.1 Confidentiality with Symmetric Encryption
2.2 Message Authentication and Hash Functions
2.3 Public-Key Encryption
2.4 Digital Signatures and Key Management
2.5 Random and Pseudorandom Numbers
2.6 Practical Application: Encryption of Stored Data
2.7 Recommended Reading
2.8 Key Terms, Review Questions, and Problems
Chapter 3 User Authentication
3.1 Electronic User Authentication Principles
3.2 Password-Based Authentication
3.3 Token-Based Authentication
3.4 Biometric Authentication
3.5 Remote User Authentication
3.6 Security Issues for User Authentication
3.7 Practical Application: An Iris Biometric System
3.8 Case Study: Security Problems for ATM Systems
3.9 Recommended Reading
3.10 Key Terms, Review Questions, and Problems
Chapter 4 Access Control
4.1 Access Control Principles
4.2 Subjects, Objects, and Access Rights
4.3 Discretionary Access Control
4.4 Example: UNIX File Access Control
4.5 Role-Based Access Control
4.6 Attribute-Based Access Control
4.7 Identity, Credential, and Access Management
4.8 Trust Frameworks
4.9 Case Study: RBAC System for a Bank
4.10 Recommended Reading
4.11 Key Terms, Review Questions, and Problems
Chapter 5 Database and Cloud Security
5.1 The Need for Database Security
5.2 Database Management Systems
5.3 Relational Databases
5.4 SQL Injection Attacks
5.5 Database Access Control
5.6 Inference
5.7 Database Encryption
5.8 Cloud Computing
5.9 Cloud Security Risks and Countermeasures
5.10 Data Protection in the Cloud
5.11 Cloud Security as a Service
5.12 Recommended Reading
5.13 Key Terms, Review Questions, and Problems
Chapter 6 Malicious Software
6.1 Types of Malicious Software (Malware)
6.2 Advanced Persistent Threat
6.3 Propagation—Infected Content—Viruses
6.4 Propagation—Vulnerability Exploit—Worms
6.5 Propagation—Social Engineering—Spam E-Mail, Trojans
6.6 Payload—System Corruption
6.7 Payload—Attack Agent—Zombie, Bots
6.8 Payload—Information Theft—Keyloggers, Phishing, Spyware
6.9 Payload—Stealthing—Backdoors, Rootkits
6.10 Countermeasures
6.11 Recommended Reading
6.12 Key Terms, Review Questions, and Problems
Chapter 7 Denial-of-Service Attacks
7.1 Denial-of-Service Attacks
7.2 Flooding Attacks
7.3 Distributed Denial-of-Service Attacks
7.4 Application-Based Bandwidth Attacks
7.5 Reflector and Amplifier Attacks
7.6 Defenses Against Denial-of-Service Attacks
7.7 Responding to a Denial-of-Service Attack
7.8 Recommended Reading
7.9 Key Terms, Review Questions, and Problems
Chapter 8 Intrusion Detection
8.1 Intruders
8.2 Intrusion Detection
8.3 Analysis Approaches
8.4 Host-Based Intrusion Detection
8.5 Network-Based Intrusion Detection
8.6 Distributed or Hybrid Intrusion Detection
8.7 Intrusion Detection Exchange Format
8.8 Honeypots
8.9 Example System: Snort
8.10 Recommended Reading
8.11 Key Terms, Review Questions, and Problems
Chapter 9 Firewalls and Intrusion Prevention Systems
9.1 The Need for Firewalls
9.2 Firewall Characteristics and Access Policy
9.3 Types of Firewalls
9.4 Firewall Basing
9.5 Firewall Location and Configurations
9.6 Intrusion Prevention Systems
9.7 Example: Unified Threat Management Products
9.8 Recommended Reading
9.9 Key Terms, Review Questions, and Problems
PART TWO: SOFTWARE SECURITY AND TRUSTED SYSTEMS
Chapter 10 Buffer Overflow
10.1 Stack Overflows
10.2 Defending Against Buffer Overflows
10.3 Other Forms of Overflow Attacks
10.4 Recommended Reading
10.5 Key Terms, Review Questions, and Problems
Chapter 11 Software Security
11.1 Software Security Issues
11.2 Handling Program Input
11.3 Writing Safe Program Code
11.4 Interacting with the Operating System and Other Programs
11.5 Handling Program Output
11.6 Recommended Reading
11.7 Key Terms, Review Questions, and Problems
Chapter 12 Operating System Security
12.1 Introduction to Operating System Security
12.2 System Security Planning
12.3 Operating Systems Hardening
12.4 Application Security
12.5 Security Maintenance
12.6 Linux/Unix Security
12.7 Windows Security
12.8 Virtualization Security
12.9 Recommended Reading
12.10 Key Terms, Review Questions, and Problems
Chapter 13 Trusted Computing and Multilevel Security
13.1 The Bell-LaPadula Model for Computer Security
13.2 Other Formal Models for Computer Security
13.3 The Concept of Trusted Systems
13.4 Application of Multilevel Security
13.5 Trusted Computing and the Trusted Platform Module
13.6 Common Criteria for Information Technology Security Evaluation
13.7 Assurance and Evaluation
13.8 Recommended Reading
13.9 Key Terms, Review Questions, and Problems
PART THREE: MANAGEMENT ISSUES
Chapter 14 IT Security Management and Risk Assessment
14.1 IT Security Management
14.2 Organizational Context and Security Policy
14.3 Security Risk Assessment
14.4 Detailed Security Risk Analysis
14.5 Case Study: Silver Star Mines
14.6 Recommended Reading
14.7 Key Terms, Review Questions, and Problems
Chapter 15 IT Security Controls, Plans, and Procedures
15.1 IT Security Management Implementation
15.2 Security Controls or Safeguards
15.3 IT Security Plan
15.4 Implementation of Controls
15.5 Monitoring Risks
15.6 Case Study: Silver Star Mines
15.7 Recommended Reading
15.8 Key Terms, Review Questions, and Problems
Chapter 16 Physical and Infrastructure Security
16.1 Overview
16.2 Physical Security Threats
16.3 Physical Security Prevention and Mitigation Measures
16.4 Recovery From Physical Security Breaches
16.5 Example: A Corporate Physical Security Policy
16.6 Integration of Physical and Logical Security
16.7 Recommended Reading
16.8 Key Terms, Review Questions, and Problems
Chapter 17 Human Resources Security
17.1 Security Awareness, Training, and Education
17.2 Employment Practices and Policies
17.3 E-Mail and Internet Use Policies
17.4 Computer Security Incident Response Teams
17.5 Recommended Reading
17.6 Key Terms, Review Questions, and Problems
Chapter 18 Security Auditing
18.1 Security Auditing Architecture
18.2 Security Audit Trail
18.3 Implementing the Logging Function
18.4 Audit Trail Analysis
18.5 Example: An Integrated Approach
18.6 Recommended Reading
18.7 Key Terms, Review Questions, and Problems
Chapter 19 Legal and Ethical Aspects
19.1 Cybercrime and Computer Crime
19.2 Intellectual Property
19.3 Privacy
19.4 Ethical Issues
19.5 Recommended Reading
19.6 Key Terms, Review Questions, and Problems
PART FOUR: CRYPTOGRAPHIC ALGORITHMS
Chapter 20 Symmetric Encryption and Message Confidentiality
20.1 Symmetric Encryption Principles
20.2 Data Encryption Standard
20.3 Advanced Encryption Standard
20.4 Stream Ciphers and RC4
20.5 Cipher Block Modes of Operation
20.6 Location of Symmetric Encryption Devices
20.7 Key Distribution
20.8 Recommended Reading
20.9 Key Terms, Review Questions, and Problems
Chapter 21 Public-Key Cryptography and Message Authentication
21.1 Secure Hash Functions
21.2 HMAC
21.3 The RSA Public-Key Encryption Algorithm
21.4 Diffie-Hellman and Other Asymmetric Algorithms
21.5 Recommended Reading
21.6 Key Terms, Review Questions, and Problems
PART FIVE: NETWORK SECURITY
Chapter 22 Internet Security Protocols and Standards
22.1 Secure E-Mail and S/MIME
22.2 DomainKeys Identified Mail
22.3 Secure Sockets Layer (SSL) and Transport Layer Security (TLS)
22.4 HTTPS
22.5 IPv4 and IPv6 Security
22.6 Recommended Reading
22.7 Key Terms, Review Questions, and Problems
Chapter 23 Internet Authentication Applications
23.1 Kerberos
23.2 X.509
23.3 Public-Key Infrastructure
23.4 Recommended Reading
23.5 Key Terms, Review Questions, and Problems
Chapter 24 Wireless Network Security
24.1 Wireless Security
24.2 Mobile Device Security
24.3 IEEE 802.11 Wireless LAN Overview
24.4 IEEE 802.11i Wireless LAN Security
24.5 Recommended Reading
24.6 Key Terms, Review Questions, and Problems
Appendix A: Projects and Other Student Exercises for Teaching Computer Security
A.1 Hacking Project
A.2 Laboratory Exercises
A.3 Security Education (SEED) Projects
A.4 Research Projects
A.5 Programming Projects
A.6 Practical Security Assessments
A.7 Firewall Projects
A.8 Case Studies
A.9 Reading/Report Assignments
A.10 Writing Assignments
A.11 Webcasts for Teaching Computer Security
Acronyms
References
Index
A
B
C
D
E
F
G
H
I
J
K
L
M
N
O
P
Q
R
S
T
U
V
W
X
Z
Computer Security: Principles and Practice, Third Edition
William Stallings
Lawrie Brown, UNSW Canberra at the Australian Defence Force Academy
Boston, Columbus, Indianapolis, New York, San Francisco, Upper Saddle River, Amsterdam, Cape Town, Dubai, London, Madrid, Milan, Munich, Paris, Montreal, Toronto, Delhi, Mexico City, São Paulo, Sydney, Hong Kong, Seoul, Singapore, Taipei, Tokyo
Editorial Director, ECS: Marcia Horton
Executive Editor: Tracy Johnson (Dunkelberger)
Editorial Assistant: Kelsey Loanes
Director of Marketing: Christy Lesko
Marketing Manager: Yez Alayan
Marketing Assistant: Jon Bryant
Director of Program Management: Erin Gregg
Program Management – Team Lead: Scott Disanno
Program Manager: Carole Snyder
Project Manager: Robert Engelhardt
Procurement Specialist: Linda Sager
Cover Designer: Marta Samsel
Managing Project Editor: Dr. Priyadharshini Dhanagopal
Production Project Manager: Jennifer Sargunar
Permissions Supervisor: Rachel Youdelman
Permissions Administrator: William Opaluch
Cover Art: © Arnaud Chicurel/Hemis/Corbis
Associate Web Developer: Barry Offringa
Full-Service Project Management: Mahalatchoumy Saravanan, Jouve India

Credits and acknowledgments borrowed from other sources and reproduced, with permission, in this textbook appear on page 815.

Copyright © 2015, 2012, 2008 by Pearson Education, Inc. All rights reserved. Printed in the United States of America. This publication is protected by copyright, and permission should be obtained from the publisher prior to any prohibited reproduction, storage in a retrieval system, or transmission in any form or by any means, electronic, mechanical, photocopying, recording, or likewise. To obtain permission(s) to use material from this work, please submit a written request to Pearson Education, Inc., Permissions Department, One Lake Street, Upper Saddle River, New Jersey 07458, or you may fax your request to 201-236-3290.

Many of the designations by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in this book, and the publisher was aware of a trademark claim, the designations have been printed in initial caps or all caps.

Library of Congress Cataloging-in-Publication Data
Stallings, William, author.
Computer security : principles and practice / William Stallings, Lawrie Brown, University of New South Wales, Australian Defence Force Academy. — Third edition.
pages cm
ISBN 978-0-13-377392-7 — ISBN 0-13-377392-2
1. Computer security. 2. Computer security—Examinations—Study guides. 3. Computer networks—Security measures—Examinations—Study guides. 4. Electronic data processing personnel—Certification—Study guides. I. Brown, Lawrie, author. II. Title.
QA76.9.A25S685 2014
005.8—dc23
2014012092

10 9 8 7 6 5 4 3 2 1
ISBN-10: 0-13-377392-2
ISBN-13: 978-0-13-377392-7
For my loving wife, Tricia —WS
To my extended family, who helped make this all possible —LB
Contents
Online Resources xi
Preface xii
Notation xviii
About the Authors xix
Chapter 0 Reader's and Instructor's Guide 1
0.1 Outline of this Book 2
0.2 A Roadmap for Readers and Instructors 2
0.3 Support for CISSP Certification 3
0.4 Support for NSA/DHS Certification 5
0.5 Support for ACM/IEEE Computer Society Computer Science Curricula 2013 6
0.6 Internet and Web Resources 8
0.7 Standards 9
Chapter 1 Overview 11
1.1 Computer Security Concepts 12
1.2 Threats, Attacks, and Assets 19
1.3 Security Functional Requirements 25
1.4 Fundamental Security Design Principles 27
1.5 Attack Surfaces and Attack Trees 31
1.6 Computer Security Strategy 34
1.7 Recommended Reading 36
1.8 Key Terms, Review Questions, and Problems 37
Part One Computer Security Technology and Principles 40
Chapter 2 Cryptographic Tools 40
2.1 Confidentiality with Symmetric Encryption 41
2.2 Message Authentication and Hash Functions 47
2.3 Public-Key Encryption 55
2.4 Digital Signatures and Key Management 60
2.5 Random and Pseudorandom Numbers 64
2.6 Practical Application: Encryption of Stored Data 66
2.7 Recommended Reading 67
2.8 Key Terms, Review Questions, and Problems 68
Chapter 3 User Authentication 72
3.1 Electronic User Authentication Principles 74
3.2 Password-Based Authentication 78
3.3 Token-Based Authentication 90
3.4 Biometric Authentication 96
3.5 Remote User Authentication 100
3.6 Security Issues for User Authentication 103
3.7 Practical Application: An Iris Biometric System 105
3.8 Case Study: Security Problems for ATM Systems 107
3.9 Recommended Reading 110
3.10 Key Terms, Review Questions, and Problems 110
Chapter 4 Access Control 113
4.1 Access Control Principles 114
4.2 Subjects, Objects, and Access Rights 117
4.3 Discretionary Access Control 118
4.4 Example: UNIX File Access Control 124
4.5 Role-Based Access Control 127
4.6 Attribute-Based Access Control 133
4.7 Identity, Credential, and Access Management 139
4.8 Trust Frameworks 143
4.9 Case Study: RBAC System for a Bank 147
4.10 Recommended Reading 150
4.11 Key Terms, Review Questions, and Problems 151
Chapter 5 Database and Cloud Security 155
5.1 The Need for Database Security 156
5.2 Database Management Systems 157
5.3 Relational Databases 159
5.4 SQL Injection Attacks 163
5.5 Database Access Control 169
5.6 Inference 173
5.7 Database Encryption 176
5.8 Cloud Computing 180
5.9 Cloud Security Risks and Countermeasures 187
5.10 Data Protection in the Cloud 189
5.11 Cloud Security as a Service 189
5.12 Recommended Reading 193
5.13 Key Terms, Review Questions, and Problems 194
Chapter 6 Malicious Software 199
6.1 Types of Malicious Software (Malware) 200
6.2 Advanced Persistent Threat 203
6.3 Propagation—Infected Content—Viruses 204
6.4 Propagation—Vulnerability Exploit—Worms 210
6.5 Propagation—Social Engineering—Spam E-Mail, Trojans 218
6.6 Payload—System Corruption 221
6.7 Payload—Attack Agent—Zombie, Bots 222
6.8 Payload—Information Theft—Keyloggers, Phishing, Spyware 224
6.9 Payload—Stealthing—Backdoors, Rootkits 226
6.10 Countermeasures 229
6.11 Recommended Reading 235
6.12 Key Terms, Review Questions, and Problems 236
Chapter 7 Denial-of-Service Attacks 240
7.1 Denial-of-Service Attacks 241
7.2 Flooding Attacks 248
7.3 Distributed Denial-of-Service Attacks 250
7.4 Application-Based Bandwidth Attacks 252
7.5 Reflector and Amplifier Attacks 254
7.6 Defenses Against Denial-of-Service Attacks 259
7.7 Responding to a Denial-of-Service Attack 263
7.8 Recommended Reading 264
7.9 Key Terms, Review Questions, and Problems 264
Chapter 8 Intrusion Detection 267
8.1 Intruders 268
8.2 Intrusion Detection 272
8.3 Analysis Approaches 275
8.4 Host-Based Intrusion Detection 278
8.5 Network-Based Intrusion Detection 283
8.6 Distributed or Hybrid Intrusion Detection 289
8.7 Intrusion Detection Exchange Format 291
8.8 Honeypots 294
8.9 Example System: Snort 296
8.10 Recommended Reading 300
8.11 Key Terms, Review Questions, and Problems 300
Chapter 9 Firewalls and Intrusion Prevention Systems 304
9.1 The Need for Firewalls 305
9.2 Firewall Characteristics and Access Policy 306
9.3 Types of Firewalls 308
9.4 Firewall Basing 314
9.5 Firewall Location and Configurations 317
9.6 Intrusion Prevention Systems 322
9.7 Example: Unified Threat Management Products 326
9.8 Recommended Reading 330
9.9 Key Terms, Review Questions, and Problems 331
Part Two Software Security and Trusted Systems 336
Chapter 10 Buffer Overflow 336
10.1 Stack Overflows 338
10.2 Defending Against Buffer Overflows 359
10.3 Other Forms of Overflow Attacks 365
10.4 Recommended Reading 372
10.5 Key Terms, Review Questions, and Problems 372
Chapter 11 Software Security 375
11.1 Software Security Issues 376
11.2 Handling Program Input 380