計算機安全：藝術與科學

ISBN：9787302083412

定價：96元

印次：1-1

裝幀：平裝

印刷日期：2004-4-22

本書詳盡地介紹了計算機安全的理論與實踐，闡釋了該領域最基本和最普遍的知識，包括計算機安全的本質和面臨的挑戰，策略與安全的關係，密碼學的角色與套用，策略實現機制，保障技術和方法學，脆弱性分析和入侵檢測等。同時把計算機系統、網路、人為因素和密碼學等概念融為一體，本書可作為信息安全、計算機等相關專業本科生、研究生的教科書和學習參考書，也可作為維護網路和計算機系統安全的管理人員、信息安全技術開發人員的工具書和參考書。

Preface

Goals

Philosophy

Organization

Roadmap

Dependencies

Background

UndergraduateLevel

GraduateLevel

Practitioners

SpecialAcknowledgment

Acknowledgments

PART1:INTRODUCTION

ChapterIAnOverviewofComputerSecurity

1.1TheBasicComponents

1.2Threats

1.3PolicyandMechanism

1.4AssumptionsandTrust

1.5Assurance

1.6OperationalIssues

1.7HumanIssues

1.8TyingItAllTogether

1.9Summary

1.10ResearchIssues

1.11FurtherReading

1.12Exercises

PART2:FOUNDATIONS

Chapter2AccessControlMatrix

2.1ProtectionState

2.2AccessControlMatrixModel

2.3ProtectionStateTransitions

2.4Copying,Owning,andtheAttenuationofPrivilege

2.5Summary

2.6ResearchIssues

2.7FurtherReading

2.8Exercises

Chapter3FoundationalResults

3.1TheGeneralQuestion

3.2BasicResults

3.3TheTake-GrantProtectionModel

3.4ClosingtheGap

3.5ExpressivePowerandtheModels

3.6Summary

3.7ResearchIssues

3.8FurtherReading

3.9Exercises

PART3:POLICY

Chapter4SecurityPolicies

4.1SecurityPolicies

4.2TypesofSecurityPolicies

4.3TheRoleofTrust

4.4TypesofAccessControl

4.5PolicyLanguages

4.6Example:AcademicComputerSecurityPolicy

4.7SecurityandPrecision

4.8Summary

4.9ResearchIssues

4.10FurtherReading

4.11Exercises

Chapter5ConfidentialityPolicies

5.1GoalsofConfidentialityPolicies

5.2TheBell-LaPadulaModel

5.3Tranquility

5.4TheControversyovertheBell-LaPadulaModel

5.5Summary

5.6ResearchIssues

5.7FurtherReading

5.8Exercises

Chapter6IntegrityPolicies

6.1Goals

6.2BibaIntegrityModel

6.3Lipner'sIntegrityMatrixModel

6.4Clark-WilsonIntegrityModel

6.5Summary

6.6ResearchIssues

6.7FurtherReading

6.8Exercises

Chapter7HybridPolicies

7.1ChineseWallModel

7.2ClinicalInformationSystemsSecurityPolicy

7.3OriginatorControlledAccessControl

7.4Role-BasedAccessControl

7.5Summary

7.6ResearchIssues

7.7FurtherReading

7.8Exercises

Chapter8NoninterferenceandPolicyComposition

8.1TheProblem

8.2DeterministicNoninterference

8.3Nondeducibility

8.4GeneralizedNoninterference

8.5Restrictiveness

8.6Summary

8.7ResearchIssues

8.8FurtherReading

8.9Exercises

PART4:IMPLEMENTATIONI:CRYPTOGRAPHY

Chapter9BasicCryptography

9.1WhatIsCryptography?

9.2ClassicalCryptosystems

9.3PublicKeyCryptography

9.4CryptographicChecksums

9.5Summary

9.6ResearchIssues

9.7FurtherReading

9.8Exercises

Chapter10KeyManagement

10.1SessionandInterchangeKeys

10.2KeyExchange

10.3KeyGeneration

10.4CryptographicKeyInfrastructures

10.5StoringandRevokingKeys

10.6DigitalSignatures

10.7Summary

10.8ResearchIssues

10.9FurtherReading

10.10Exercises

Chapter11CipherTechniques

11.1Problems

11.2StreamandBlockCiphers

11.3NetworksandCryptography

11.4ExampleProtocols

11.5Summary

11.6ResearchIssues

11.7FurtherReading

11.8Exercises

Chapter12Authentication

12.1AuthenticationBasics

12.2Passwords

12.3Challenge-Response

12.4Biometrics

12.5Location

12.6MultipleMethods

12.7Summary

12.8ResearchIssues

12.9FurtherReading

12.10Exercises

PART5:IMPLEMENTATIONII:SYSTEMS

Chapter13DesignPrinciples

13.1Overview

13.2DesignPrinciples

13.3Summary

13.4ResearchIssues

13.5FurtherReading

13.6Exercises

Chapter14RepresentingIdentity

14.1WhatIsIdentity?

14.2FilesandObjects

14.3Users

14.4GroupsandRoles

14.5NamingandCertificates

14.6IdentityontheWeb

14.7Summary

14.8ResearchIssues

14.9FurtherReading

14.10Exercises

Chapter15AccessControlMechanisms

15.1AccessControlLists

15.2Capabilities

15.3LocksandKeys

15.4Ring-BasedAccessControl

15.5PropagatedAccessControlLists

15.6Summary

15.7ResearchIssues

15.8FurtherReading

15.9Exercises

Chapter16InformationFlow

16.1BasicsandBackground

16.2NonlatticeInformationFlowPolicies

16.3Compiler-BasedMechanisms

16.4Execution-BasedMechanisms

16.5ExampleInformationFlowControls

16.6Summary

16.7ResearchIssues

16.8FurtherReading

16.9Exercises

Chapter17ConfinementProblem

17.1TheConfinementProblem

17.2Isolation

17.3CovertChannels

17.4Summary

17.5ResearchIssues

17.6FurtherReading

17.7Exercises

PART6:ASSURANCEContributedbyElisabethSullivan

Chapter18IntroductiontoAssurance

18.1AssuranceandTrust

18.2BuildingSecureandTrustedSystems

18.3Summary

18.4ResearchIssues

18.5FurtherReading

18.6Exercises

Chapter19BuildingSystemswithAssurance

19.1AssuranceinRequirementsDefinitionandAnalysis

19.2AssuranceDuringSystemandSoftwareDesign

19.3AssuranceinImplementationandIntegration

19.4AssuranceDuringOperationandMaintenance

19.5Summary

19.6ResearchIssues

19.7FurtherReading

19.8Exercises

Chapter20FormalMethods

20.1FormalVerificationTechniques

20.2FormalSpecification

20.3EarlyFormalVerificationTechniques

20.4CurrentVerificationSystems

20.5Summary

20.6ResearchIssues

20.7FurtherReading

20.8Exercises

Chapter21EvaluatingSystems

21.1GoalsofFormalEvaluation

21.2TCSEC:1983-1999

21.3InternationalEffortsandtheITSEC:1991-2001

21.4CommercialInternationalSecurityRequirements:1991

21.5OtherCommercialEfforts:Early1990s

21.6TheFederalCriteria:1992

21.7FIPS140:1994-Present

21.8TheCommonCriteria:1998-Present

21.9SSE-CMM:1997-Present

21.10Summary

21.11ResearchIssues

21.12FurtherReading

21.13Exercises

PART7:SPECIALTOPICS

Chapter22MaliciousLogic

22.1Introduction

22.2TrojanHorses

22.3ComputerViruses

22.4ComputerWorms

22.5OtherFormsofMaliciousLogic

22.6TheoryofMaliciousLogic

22.7Defenses

22.8Summary

22.9ResearchIssues

22.10FurtherReading

22.11Exercises

Chapter23VulnerabilityAnalysis

23.1Introduction

23.2PenetrationStudies

23.3VulnerabilityClassification

23.4Frameworks

23.5GuptaandGligor'sTheoryofPenetrationAnalysis

23.6Summary

23.7ResearchIssues

23.8FurtherReading

23.9Exercises

Chapter24Auditing

24.1Definitions

24.2AnatomyofanAuditingSystem

24.3DesigninganAuditingSystem

24.4APosterioriDesign

24.5AuditingMechanisms

24.6Examples:AuditingFileSystems

24.7AuditBrowsing

24.8Summary

24.9ResearchIssues

24.10FurtherReading

24.11Exercises

Chapter25IntrusionDetection

25.1Principles

25.2BasicIntrusionDetection

25.3Models

25.4Architecture

25.5OrganizationofIntrusionDetectionSystems

25.6IntrusionResponse

25.7Summary

25.8ResearchIssues

25.9FurtherReading

25.10Exercises

PART8:PRACTICUM

Chapter26NetworkSecurity

26.1Introduction

26.2PolicyDevelopment

26.3NetworkOrganization

26.4AvailabilityandNetworkFlooding

26.5AnticipatingAttacks

26.6Summary

26.7ResearchIssues

26.8FurtherReading

26.9Exercises

Chapter27SystemSecurity

27.1Introduction

27.2Policy

27.3Networks

27.4Users

27.5Authentication

27.6Processes

27.7Files

27.8Retrospective

27.9Summary

27.10ResearchIssues

27.11FurtherReading

27.12Exercises

Chapter28UserSecurity

28.1Policy

28.2Access

28.3FilesandDevices

28.4Processes

28.5ElectronicCommunications

28.6Summary

28.7ResearchIssues

28.8FurtherReading

28.9Exercises

Chapter29ProgramSecurity

29.1Introduction

29.2RequirementsandPolicy

29.3Design

29.4RefinementandImplementation

29.5CommonSecurity-RelatedProgrammingProblems

29.6Testing,Maintenance,andOperation

29.7Distribution

29.8Conclusion

29.9Summary

29.10ResearchIssues

29.11FurtherReading

29.12Exercises

PART9:ENDMATTER

Chapter30Lattices

30.1Basics

30.2Lattices

30.3Exercises

Chapter31TheExtendedEuclideanAlgorithm

31.1TheEuclideanAlgorithm

31.2TheExtendedEuclideanAlgorithm

31.3Solvingaxmodn=1

31.4Solvingaxmodn=b

31.5Exercises

Chapter32EntropyandUncertainty

32.1ConditionalandJointProbability

32.2EntropyandUncertainty

32.3JointandConditionalEntropy

32.4Exercises

Chapter33VirtualMachines

33.1VirtualMachineStructure

33.2VirtualMachineMonitor

33.3Exercises

Chapter34SymbolicLogic

34.1PropositionalLogic

34.2PredicateLogic

34.3TemporalLogicSystems

34.4Exercises

Chapter35ExampleAcademicSecurityPolicy

35.1UniversityofCaliforniaE-mailPolicy

35.2TheAcceptableUsePolicyfortheUniversityofCalifomia,Davis

Bibliography

Index