Networking Security and Standards

Security is the science and technology of secure communications and resource protection from security violation such as unauthorized access and modification. Putting proper security in place gives us many advantages. It lets us exchange confidential information and keep it confidential. We can be sure that a piece of information received has not been changed. Nobody can deny sending or receiving a piece of information. We can control which piece of information can be accessed, and by whom. We can know when a piece of information was accessed, and by whom. Networks and databases are guarded against unauthorized access. We have seen the rapid development of the Internet and also increasing security requirements in information networks, databases, systems, and other information resources. This comprehensive book responds to increasing security needs in the marketplace, and covers networking security and standards. There are three types of readers who are interested in security: non-technical readers, general technical readers who do not implement security, and technical readers who actually implement security. This book serves all three by providing a comprehensive explanation of fundamental issues of networking security, concept and principle of security standards, and a description of some emerging security technologies. The approach is to answer the following questions: 1. What are common security problems and how can we address them? 2. What are the algorithms, standards, and technologies that can solve common security problems? 3.

Klappentext

The rapid development of the Internet, coupled with increasing security requirements in information networks, databases, systems, and other information resources has led to the development of this book. emNetworking Security and Standards/em responds to increasing security needs in the marketplace by providing a comprehensive explanation of the fundamental issues of networking security. The book presents concepts and principles of security standards, and provides a description of some emerging security technologies. This book deals with the issues of common security problems and how they can be addressed, and discusses the most appropriate algorithms, standards, and technologies which can be applied to solving common security problems. br/ emNetworking Security and Standards/em introduces readers to security at a conceptual level, with a strong emphasis on standards. It addresses the concepts and principles of security standards rather than the detailed implementation specifications. br/ This book serves as an excellent reference for professionals working in all aspects of networking security and standards, and may be used as a text for advanced courses on the topic.

Inhalt

1. Business Fundamentals of Security.- 1.1 Principles of Security.- 1.2 Identification and Authentication.- 1.3 Access Control.- 1.4 Confidentiality.- 1.5 Data Integrity.- 1.6 Non-Repudiation.- 1.7 Security Management.- 1.8 Security Regulation.- 1.9 Security Standards.- 2. Technical Fundamentals of Security.- 2.1 Secret and Public Key Cryptography.- 2.2 Secret Key Encryption.- 2.3 Public Key Encryption.- 2.4 Message Digest and Authentication.- 2.5 Digital Signature.- 2.6 Key Management.- 2.7 Identity Authentication.- 2.8 Key Escrow Encryption.- 2.9 Cryptoanalysis.- 3. Security Architecture Standard.- 3.1 ISO 7498 Basic Reference Model for OSI.- 3.2 ISO 74982 Security Architecture.- 3.3 Security Services.- 3.4 Security Mechanisms.- 3.5 Relationship of Security Services, Mechanisms and Layers.- 3.6 Placement of Security Services and Mechanisms.- 3.7 Security Management.- 4. Data Encryption Standards.- 4.1 ANSI X3.92 Data Encryption Standard (DES).- 4.2 ANSI X3.106 DEA Modes of Operation.- 4.3 ANSI X9.23 Standard.- 5. Key Management Standards.- 5.1 ANSI X9.17 Standard.- 5.2 ANSI X9.24 Standard.- 6. Data Integrity Standards.- 6.1 ANSI X9.9 Standard.- 6.2 ANSI X9.19 Standard.- 6.3 NIST FIPS 180 Secure Hash Standard.- 7. Digital Signature Standards.- 7.1 NIST FIPS 186 Digital Signature Standard.- 7.2 RSA Digital Signature (CCITT X.509, ANSI X9.31, and ISO 9796).- 8. Sign-On Authentication Standard.- 8.1 ANSI X9.26 Sign-On Authentication.- 8.2 ANSI X9.26 Interoperability.- 9. Directory and Certificate Standards.- 9.1 CCITT X.500 Standard.- 9.2 CCITT X.509 Standard.- 10. Electronic Mail Standards.- 10.1 CCITT X.400 Message Handling Systems.- 10.2 Security in CCITT X.400.- 10.3 Security in CCITT X.411.- 10.4 Security in CCITT X.420.- 11. Electronic Data InterchangeStandards.- 11.1 ANSI X12 EDI and ISO EDIFACT Standards.- 11.2 Secure EDI (ANSI X12.58).- 11.3 Secure EDIFACT (ISO 9735).- 12. Security Application Technologies.- 12.1 RSA Public Key Cryptography Standards.- 12.2 DoD Security Classifications.- 12.3 Kerberos and KryptoKnight.- 12.4 Firewall.- 12.5 Internet Secure Protocols: SSL and SHTTP.- 12.6 Private Communication Technology Protocols.- 12.7 Java Security.- 12.8 Internet Keyed Payment Protocols.- 12.9 Security Transaction Technology.- 12.10 Secure Electronic Transaction.- 12.11 Digital Cash and Digital Check.- 12.12 Smart Cards.- 12.13 Security for Lotus Notes.- 12.14 Database Security.