计算机安全导论

章节摘录

版权页：   插图：   Fingerprints have been used in forensic work since the mid-19th century to identify criminals,but more recently,fingerprint scanners have been incorporated into electronic authentication systems as a means of granting access to specific users.Unlike signatures,fingerprints are universal except in rare cases,unique,easily collected and analyzed,and difficult to circum-vent,making them an effective biometric characteristic.While fingerprints may change slightly over time,the degree to which they change does not affect a biometric system's ability to identify the owner. Voice recognition does not score as well.While most people have a voice and are willing to use it as a means of authentication,it is often not distinctive enough to differentiate from another person's voice.In addition,the human voice changes significantly from year to year,and voice recog-nition systems can be easily circumvented using a sound recording of an authorized user. Another common biometric system uses a person's eyes as a unique characteristic.These types of scans satisfy universality,distinctiveness,permanence,and collectability,and are very difficult to circumvent.Older systems employ retinal scanning,which involves illuminating the eye with a bright sensor and capturing an image of the blood vessels in the back of the eye.Many users find retinal scanning uncomfortable or invasive,and would prefer other means of authentication.Iris scanning systems are generally better received,providing equally strong authentication by taking a high-quality photograph of the surface of the eye. Other biometric systems are more commonly used to identify people in public,rather than provide authentication for a select pool of users.

内容概要

作者：（美国）古德里奇（Michael T.Goodrich） （美国）塔玛萨（Roberto Tamassia）

书籍目录

Introduction 1.1 Fundamental Concepts 1.1.1 Confidentiality,Integrity,and Availability  1.1.2 Assurance,Authenticity,and Anonymity  1.1.3 Threats and Attacks 1.1.4 Security Principles 1.2 Access Control Models 1.2.1 Access Control Matrices 1.2.2 Access Control Lists 1.2.3 Capabilities 1.2.4 Role-Based Access Control 1.3 Cryptographic Concepts 1.3.1 Encryption 1.3.2 Digital Signatures 1.3.3 Simple Attacks on Cryptosystems 1.3.4 Cryptographic Hash Functions 1.3.5 Digital Certificates 1.4 Implementation and Usability Issues 1.4.1 Efficiency and Usability 1.4.2 Passwords 1.4.3 Social Engineering 1.4.4 Vulnerabilities from Programming Errors  1.5 Exercises Physical Security 2.1 Physical Protections and Attacks 2.2 Locks and Safes 2.2.1 Lock Technology 2.2.2 Attacks on Locks and Safes 2.2.3 The Mathematics of Lock Security 2.3 Authentication Technologies 2.3.1 Barcodes 2.3.2 Magnetic Stripe Cards 2.3.3 Smart Cards 2.3.4 RFIDs 2.3.5 Biometrics  2.4 Direct Attacks Against Computers 2.4.1 Environmental Attacks and Accidents 2.4.2 Eavesdropping 2.4.3 TEMPEST 2.4.4 Live CDs 2.4.5 Computer Forensics 2.5 Special-Purpose Machines 2.5.1 Automated Teller Machines 2.5.2 Voting Machines 2.6 Physical Intrusion Detection 2.6.1 Video Monitoring 2.6.2 Human Factors and Social Engineering 2.7 Exercises Operating Systems Security 3.1 Operating Systems Concepts 3.1.1 The Kernel and Input/Output 3.1.2 Processes 3.1.3 The Filesystem 3.1.4 Memory Management 3.1.5 Virtual Machines 3.2 Process Security 3.2.1 Inductive Trust from Start to Finish 3.2.2 Monitoring， Management， and Logging 3.3 Memory and Filesystem Security 3.3.1 Virtual Memory Security 3.3.2 Password-Based Authentication 3.3.3 Access Control and Advanced File Permissions 3.3.4 File Descriptors 3.3.5 Symbolic Links and Shortcuts 3.4 Application Program Security 3.4.1 Compiling and Linking 3.4.2 Simple Buffer Overflow Attacks 3.4.3 Stack-Based Buffer Overflow 3.4.4 Heap-Based Buffer Overflow Attacks 3.4.5 Format String Attacks 3.4.6 Race Conditions 3.5 Exercises Malware 4.1 Insider Attacks 4.1.1 Backdoors 4.1.2 Logic Bombs 4.1.3 Defenses Against Insider Attacks 4.2 Computer Viruses 4.2.1 Virus Classification 4.2.2 Defenses Against Viruses 4.2.3 Encrypted Viruses 4.2.4 Polymorphic and Metamorphic Viruses 4.3 Malware Attacks 4.3.1 Trojan Horses 4.3.2 Computer Worms 4.3.3 Rootkits 4.3.4 Zero-Day Attacks 4.3.5 Botnets 4.4 Privacy-lnvasive Software 4.4.1 Adware 4.4.2 Spyware 4.5 Countermeasures 4.5.1 Best Practices 4.5.2 The Impossibility of Detecting All Malware  4.5.3 The Malware Detection Arms Race 4.5.4 Economics of Malware 4.6 Exercises Network Security Ⅰ 5.1 Network Security Concepts 5.1.1 Network Topology 5.1.2 Internet Protocol Layers 5.1.3 Network Security Issues 5.2 The Link Layer 5.2.1 Ethernet 5.2.2 Media Access Control (MAC) Addresses 5.2.3 ARP Spoofing  5.3 The Network Layer 5.3.1 IP 5.3.2 Internet Control Message Protocol 5.3.3 IP Spoofing 5.3.4 Packet Sniffing 5.4 The Transport Layer 5.4.1 Transmission Control Protocol (TCP) 5.4.2 User Datagram Protocol (UDP) 5.4.3 Network Address Translation (NAT) 5.4.4 TCP Session Hijacking 5.5 Denial-of-Service Attacks 5.5.1 ICMP Attacks 5.5.2 SYN Flood Attacks 5.5.3 Optimistic TCP ACK Attack 5.5.4 Distributed Denial-of-Service 5.5.5 IP Traceback 5.6 Exercises 6 Network Security Ⅱ 6.1 The Application Layer and DNS 6.1.1 A Sample of Application-Layer Protocols 6.1.2 The Domain Name System (DNS) 6.1.3 DNS Attacks 6.1.4 DNSSEC 6.2 Firewalls 6.2.1 Firewall Policies 6.2.2 Stateless and Stateful Firewalls 6.3 Tunneling 6.3.1 Secure Shell (SSH) 6.3.2 IPsec 6.3.3 Virtual Private Networking (VPN) 6.4 Intrusion Detection 6.4.1 Intrusion Detection Events 6.4.2 Rule-Based Intrusion Detection 6.4.3 Statistical Intrusion Detection 6.4.4 Port Scanning 6.4.5 Honeypots 6.5 Wireless Networking 6.5.1 Wireless Technologies 6.5.2 Wired Equivalent Privacy (WEP) …… 7 Web Security 8 Cryptography 9 Security Models and Practice 10 Distributed-Applications Security

编辑推荐

《大学计算机教育国外著名教材系列:计算机安全导论(影印版)》重点介绍的不是有关安全的数学与计算知识，而是站在计算机安全的系统、技术、管理和策略的角度，为读者提供计算机安全的基本概念、计算机面临的威胁以及相应的对策，是高等学校本科生“计算机安全”课程的理想教材。

作者简介

《大学计算机教育国外著名教材系列:计算机安全导论(影印版)》旨在从应用的观点来介绍计算机安全的一般原则。通过《大学计算机教育国外著名教材系列:计算机安全导论(影印版)》，读者能熟悉常见的网络攻击，包括病毒、蠕虫、密码破解、按键记录器、拒绝服务、DNS缓存中毒、端口扫描、欺骗和网络钓鱼等，掌握与计算机和网络脆弱性相关的鉴别和防御技术，以及用于检测和修复受感染系统的方法，学习如加密、数字签名、加密协议和访问控制模型等安全系统的基本要素，同时，还将学习如锁、手机、ATM机和信用卡等相关常用物品的安全原则。

---

 计算机安全导论下载

---