Securing Information & Communications Systems: Principles, Technologies, & Applications, Hardback
Stay one confident step ahead of the ever-evolving threat potential with today's most powerful IT security tools and techniques found in this practical resource. Written by an international team of security specialists, this one-stop reference gives you the latest expertise on everything from access control and network security to smart cards and privacy, all conveniently organized in self-contained chapters to give you fast access to whatever answers, solutions, or guidance you may need.
This total blueprint to security design and operations brings all modern considerations into focus. It maps out user authentication methods that feature the latest biometric techniques, followed by authorization and access controls including DAC, MAC, and ABAC and how these controls are best applied in today's relational and multilevel secure database systems. The book addresses network security in depth, offering a fresh look at anti-intrusion approaches, intrusion detection systems, authentication and authorization infrastructures, identity certificates, smart cards, and tokens. It also includes the latest encryption techniques, including algorithms to resist active and side channel attacks. Moreover, you find privacy-enhancing identity management tools, techniques for controlling website content, and even cybercrime investigation techniques that will help you turn the tables on attackers. Case studies of various Internet security applications round out this full collection of security tools that will prove indispensable in your ongoing efforts to safeguard IT systems from attack.
CONTENTS:
Introduction.
Security Concepts, Services and Threats - Threats and Vulnerabilities. Security Services and Safeguards.
Business-Integrated Information Security Management - Business-Integrated Information Security Management. Applying the PDCA Model to Manage Information Security. Information Security Management through Business Process Management. Factors Affecting the Use of Systematic Managerial Tools in Business-Integrated Information Security Management. Information Security Management Standardization and International Business Management. Business Continuity Management.
User Authentication Technologies - Authentication Based Upon Secret Knowledge. Authentication Based Upon Tokens. Authentication Based on Biometrics. Operational Considerations.
Authorization and Access Control - Discretionary Access Control (DAC). Mandatory Access Control (MAC). Other Classic Approaches. Role-Based Access Control (RBAC). Attribute-Based Access Control.
Data Centric Applications - Security in Relational Databases. Multilevel Secure Databases. Role-Based Access Control in Database Federations.
Modern Cryptology - Encryption for Secrecy Protection. Hashing and Signatures for Authentication. Analysis and Design of Cryptographic Algorithms.
Network Security - Network Security Architecture. Security at the Network Layer. Security at the Transport Layer. Security at the Application Layer. Security in Wireless Networks. Network Vulnerabilities. Remote Attacks. Anti-intrusion Approaches.
Standard Public Key and Privilege Management Infrastructures - Key Management and Authentication. Public Key Infrastructures. Privilege Management Infrastructures.
Smart Cards and Tokens - New Applications, New Threats. Smart Cards. Side-Channel Analysis. Towards the Internet of Things.
Privacy and Privacy-Enhancing Technologies (PETs) - The Concept of Privacy. Privacy Challenges of Emerging Technologies. Legal Protection by the European Legislative Framework. Classification of PETs. Privacy Enhancing Technologies for Anonymous Communication.
Content Filtering Technologies and the Law - Filtering: A Technical Solution as a Legal Solution or Imperative? Content Filtering Technologies. Under- and Over-Blocking: Is Filtering Effective? Filtering: Protection or/and Censorship? Filtering As Cross-National Issue.
Model for Cybercrime Investigation - Definitions. Comprehensive Model of Cybercrime. Protecting the Evidence.
Systemic Holistic Approach to IT Security - Aims and Objectives. Theoretical Background to the Systemic-Holistic model. The Systemic-Holistic Model and Approach. Security and Control Versus Risk: Cybermetrics. Example of System theories as Control Methods. Can Theory and Practice Unite?
Electronic Voting Systems - Requirements for an Internet-Based e-Voting System. Cryptography and e-Voting Protocols.
On Mobile Wiki Systems Security - Blending Wiki and Mobile Technology. Background Information. The Proposed Solution.
Author's Biographies