Engineering information security : the application of systems engineering concepts to achieve information assurance (2015)
- Record Type:
- Book
- Title:
- Engineering information security : the application of systems engineering concepts to achieve information assurance (2015)
- Main Title:
- Engineering information security : the application of systems engineering concepts to achieve information assurance
- Further Information:
- Note: Stuart Jacobs.
- Authors:
- Jacobs, Stuart
- Contents:
- Preface and Acknowledgments xxiii; About the Companion Website xxvii
1 WHAT IS SECURITY? 1
1.1 Introduction 1; 1.2 The Subject of Security 2; 1.2.1 Branches of Security 2; 1.2.2 Defining Security by Function 5; 1.2.3 The Common Body of Knowledge (CBK) Security Domains 8; 1.3 A Twenty-First Century Tale 15; 1.3.1 The Actors 15; 1.3.2 What Actually Occurred 17; 1.3.3 How Could All This Have Been Prevented? 19; 1.3.4 They Did Not Live Happily Ever After 20; 1.4 Why Are You Important to Computer Security? 21; 1.4.1 What Are the Threats to Your Computer? 22; 1.4.2 As a User, What to Do? 23; 1.4.3 The Reality of Cybercrime and Cyberwarfare 23; 1.5 End of the Beginning 25; 1.6 Chapter Summary 29; 1.7 Further Reading and Resources 30
2 SYSTEMS ENGINEERING 31
2.1 So What Is Systems Engineering? 31; 2.1.1 Similar Systems Engineering Process 32; 2.1.2 Another Systems Engineering View 38; 2.1.3 Process Variations 41; 2.2 Process Management 41; 2.2.1 ISO 9000 Processes and Procedures 41; 2.2.2 Capability Maturity Model (CMM) 43; 2.3 Organization Environments 46; 2.3.1 Economic, Legal, and Political Contexts 47; 2.3.2 Business/Organizational Types 52; 2.3.3 National Critical Infrastructure 56; 2.4 Chapter Summary 59; 2.5 Further Reading and Resources 59
3 FOUNDATION CONCEPTS 61
3.1 Security Concepts and Goals 62; 3.1.1 Subjects and Objects 63; 3.1.2 What Is Trust? 63; 3.1.3 Domains, Security, and Trust 64; 3.1.4 Security Goals/Objectives 65; 3.1.5 X.800 Security Services 66; 3.1.6 A Modern Definition of Security Services 69; 3.2 Role of Cryptography in Information Security 77; 3.2.1 Cryptographic Hash Algorithms 81; 3.2.2 Encryption Algorithms 86; 3.2.3 Cryptanalysis and Other Key Issues 101; 3.2.4 Key Management 108; 3.2.5 Cryptographic Authentication 112; 3.3 Key Management Revisited 120; 3.4 Chapter Summary 121; 3.5 Further Reading and Resources 122
4 AUTHENTICATION OF SUBJECTS 123
4.1 Authentication Systems 123; 4.1.1 Kerberos-Based Authentication 124; 4.1.2 Public-Key Infrastructure 128; 4.1.3 Remote Authentication Dial-in User Service and EAP 144; 4.1.4 Diameter 149; 4.1.5 Secure Electronic Transactions (SET) 150; 4.1.6 Authentication Systems Summary 154; 4.2 Human Authentication 154; 4.2.1 What the Subject Has Factor 155; 4.2.2 What the Subject Knows Factor 155; 4.2.3 What the Subject Is Factor 156; 4.2.4 Where the Subject Is Factor 157; 4.2.5 Combinations of Factors 157; 4.2.6 Rainbow Tables 158; 4.2.7 Proxies for Humans 159; 4.3 Chapter Summary 167; 4.4 Further Reading and Resources 168
5 SECURITY SYSTEMS ENGINEERING 169
5.1 Security Policy Development 170; 5.2 Senior Management Oversight and Involvement 170; 5.3 Security Process Management and Standards 170; 5.3.1 ISO 27002 172; 5.3.2 ISO 27001 185; 5.3.3 Policy Hierarchy 186; 5.3.4 An Enterprise Security Policy Example 189; 5.3.5 COBIT 189; 5.3.6 Information Technology Infrastructure Library 194; 5.3.7 Federal Information Security Management Act (FISMA) 196; 5.4 Information Security Systems Engineering Methodology 199; 5.4.1 Existing Asset Inventory and Classification 201; 5.4.2 Vulnerabilities, Threats, and Risk 203; 5.4.3 Dealing with Risk 224; 5.4.4 Risk Management Framework 232; 5.4.5 Risk Assignment 240; 5.5 Requirements Analysis and Decomposition 240; 5.6 Access Control Concepts 244; 5.6.1 Subjects, Objects, and Access Operations 245; 5.6.2 Mandatory Access Control using a Matrix or Lattice Approach 246; 5.6.3 Discretionary Access Control using an Access Control List Approach 246; 5.6.4 Mandatory Access Control using a Capability List Approach 247; 5.6.5 Administrative Tasks in Access Control Methods 248; 5.6.6 Role-Based Access Control (RBAC) 249; 5.7 Security Modeling and Security-Related Standards 251; 5.7.1 Confidentiality Policies and Integrity Policies 252; 5.7.2 Bell–LaPadula Model 253; 5.7.3 Graham–Denning Confidentiality Model 254; 5.7.4 Chinese Wall Multilateral Confidentiality Model 255; 5.7.5 Biba Integrity Model 256; 5.7.6 Clark–Wilson Model 256; 5.7.7 Security Model Summary 258; 5.7.8 Security Standards 259; 5.8 Chapter Summary 265; 5.8.1 Things to Remember 266
6 TRADITIONAL NETWORK CONCEPTS 269
6.1 Networking Architectures 269; 6.1.1 OSI Network Model 270; 6.1.2 Internet Network Model 272; 6.2 Types of Networks 274; 6.2.1 Local Area Network (LAN) 274; 6.2.2 Wireless LAN (WLAN) 277; 6.2.3 Metropolitan Area Networks (MAN) 277; 6.2.4 Wide Area Networks (WAN) 278; 6.2.5 The Internet 279; 6.2.6 Circuit Switched Networks 279; 6.2.7 Supervisory Control and Data Acquisition (SCADA) Systems 284; 6.2.8 Sensor Networks 288; 6.2.9 Clouds 289; 6.2.10 Cellular Networks 294; 6.2.11 IEEE 802.16 Networks 295; 6.2.12 Long-Term Evolution Networks 295; 6.3 Network Protocols 295; 6.3.1 Layer 1—Physical 296; 6.3.2 Layer 2—Data Link Protocols 296; 6.3.3 Layer 3—Internetworking Layer Protocols 310; 6.3.4 Layer 4—Transport 332; 6.3.5 Layer 5—User Application Protocols 342; 6.3.6 Layer 5—Signaling and Control Application Protocols 349; 6.3.7 Layer 5—Management Application Protocols 363; 6.4 Chapter Summary 368; 6.5 Further Reading and Resources 370
7 NEXT-GENERATION NETWORKS 371
7.1 Framework and Topology of the NGN 372; 7.1.1 Functional Entities and Groups 372; 7.1.2 Domains 373; 7.1.3 Interfaces 374; 7.1.4 Protocol Layers, Functional Planes, and Interfaces 376; 7.2 The NGN Functional Reference Model 380; 7.2.1 Strata 380; 7.2.2 Management Functional Group 381; 7.2.3 Application Functional Group 381; 7.2.4 The Transport Stratum 381; 7.2.5 The Service Stratum 385; 7.2.6 The Service Stratum and the IP Multimedia Subsystem (IMS) 385; 7.3 Relationship Between NGN Transport and Service Domains 389; 7.4 Enterprise Role Model 390; 7.5 Security Allocation within the NGN Transport Stratum Example 393; 7.6 Converged Network Management (TMN and eTOM) 393; 7.7 General Network Security Architectures 401; 7.7.1 The ITU-T X.800 Generic Architecture 402; 7.7.2 The Security Frameworks (X.810–X.816) 402; 7.7.3 The ITU-T X.805 Approach to Security 403; 7.8 Chapter Summary 405; 7.9 Further Reading and Resources 405
8 GENERAL COMPUTER SECURITY ARCHITECTURE 409
8.1 The Hardware Protects the Software 410; 8.1.1 Processor States and Status 411; 8.1.2 Memory Management 412; 8.1.3 Interruption of Processor Activity 420; 8.1.4 Hardware Encryption 421; 8.2 The Software Protects Information 424; 8.3 Element Security Architecture Description 426; 8.3.1 The Kernel 429; 8.3.2 Security Contexts 430; 8.3.3 Security-Critical Functions 432; 8.3.4 Security-Related Functions 435; 8.4 Operating System (OS) Structure 435; 8.4.1 Security Management Function 437; 8.4.2 Networking Subsystem Function 437; 8.5 Security Mechanism …
- Edition:
- 2nd edition
- Publisher Details:
- Hoboken : Wiley-IEEE Press
- Publication Date:
- 2015
- Extent:
- 1 online resource, illustrations
- Subjects:
- 005.8
Computer security
Computer networks -- Security measures
Information technology -- Security measures
Data protection
- Languages:
- English
- ISBNs:
- 9781119104797
9781119104711
- Related ISBNs:
- 9781119101604
- Notes:
- Note: Description based on CIP data; item not viewed.
- Access Rights:
- Legal Deposit; Only available on premises controlled by the deposit library and to one user at any one time; The Legal Deposit Libraries (Non-Print Works) Regulations (UK).
- Access Usage:
- Restricted: Printing from this resource is governed by The Legal Deposit Libraries (Non-Print Works) Regulations (UK) and UK copyright law currently in force.
- View Content:
- Available online (eLD content is only available in our Reading Rooms)
- Physical Locations:
- British Library HMNTS - ELD.DS.43287
- Ingest File:
- 02_024.xml