Stallings' Sixth Edition: Network Security Applications & Standards - TLS, Cloud, Authentication

网络协议

需积分: 5 132 浏览量更新于2024-06-22 收藏 14.33MB PDF 举报

身份认证购VIP最低享 7 折!

领优惠券(最高得80元）

《网络安全基础：应用与标准第六版》由经验丰富的计算机科学家威廉·斯泰林斯博士编著。斯泰林斯博士拥有麻省理工学院计算机科学博士学位和圣母大学电气工程学士学位，在网络安全领域拥有超过30年的实践经验。他曾在多种计算机和操作系统上设计并实现过基于TCP/IP和OSI的协议套件，这使得本书在理论与实践之间架起了一座桥梁。该书的核心内容包括： 1. **传输层安全（TLS）**：TLS是网络通信中的一项关键技术，它提供了加密和身份验证服务，确保数据在互联网上传输过程中的隐私和完整性。它是HTTPS、FTPS等安全协议的基础，对于保护在线交易、电子邮件和其他敏感通信至关重要。 2. **云安全**：随着云计算的普及，云安全成为现代网络架构中的关键关注点。书中可能探讨了如何在云环境中实施安全策略，如数据加密、访问控制、多因素认证等，以确保云资源的安全。 3. **用户身份验证模型**：不同的身份验证方法，如用户名/密码、生物特征识别、双因素认证等，被讨论以评估其安全性和实用性。理解这些模型有助于管理员优化用户体验与安全性之间的平衡。 4. **攻击表面与攻击树**：这是网络安全分析的重要工具，通过识别系统的所有入口点和潜在威胁路径，可以帮助企业预防和应对安全攻击。书中可能详细介绍了如何构建和管理攻击树，以及如何通过它们来改进安全策略。 5. **RSA的实际应用**：RSA是一种公钥加密算法，广泛用于数据加密、数字签名和密钥交换。书中可能会介绍RSA的工作原理，以及在实际网络环境中如何有效地利用它来保护数据和通信安全。《网络安全基础：应用与标准第六版》全球版涵盖了广泛的地域，并由多位专业编辑和项目管理团队合作完成，旨在为读者提供全面且实用的网络安全知识，适合学生、专业人员和任何对网络安全感兴趣的人参考。无论是基础概念还是当前热点话题，这本书都为读者提供了一个深入理解和掌握网络安全基石的平台。

资源详情

资源推荐

Thanks also to the people who provided detailed technical reviews of one or more

chapters: Kashif Aftab, Alan Cantrell, Rajiv Dasmohapatra, Edip Demirbilek, Dan Dieterle,

Gerardo Iglesias Galvan, Michel Garcia, David Gueguen, Anasuya Threse Innocent, Dennis

Kavanagh, Duncan Keir, Robert Knox, Bo Lin, Kousik Nandy, Nickolay Olshevsky, Massi-

miliano Sembiante, Oscar So, and Varun Tewari.

Nikhil Bhargava (IIT Delhi) developed the set of online homework problems and

solutions. Professor Sreekanth Malladi of Dakota State University developed the hacking

exercises. Sanjay Rao and Ruben Torres of Purdue developed the laboratory exercises that

appear in the IRC.

The following people contributed project assignments that appear in the instructor’s

supplement: Henning Schulzrinne (Columbia University), Cetin Kaya Koc (Oregon State

University), and David Balenson (Trusted Information Systems and George Washington

University). Kim McLaughlin developed the test bank.

Finally, I thank the many people responsible for the publication of this text, all of whom

did their usual excellent job. This includes the staff at Pearson, particularly my editor Tracy

Johnson, program manager Carole Snyder, and production manager Bob Engelhardt. Thanks

also to the marketing and sales staffs at Pearson, without whose efforts this text would not

be in front of you.

aCknOwledgementS FOr the glObal editiOn

The publishers would like to thank the following for contributing to and reviewing the

Global Edition: A. Kannammal (Coimbatore Institute of Technology), Somitra Sanadhya

(IIIT Delhi), Atul Kahate (Symbiosis University and Pune University), Anwitaman Datta

(NTU Singapore), and Khyat Sharma.

PrefaCe 15

A01_STAL4855_06_GE_FM.indd 15 9/8/16 9:01 PM

18 CHAPTER 1 / INTRODUCTION

The requirements of information security within an organization have undergone two

major changes in the last several decades. Before the widespread use of data process-

ing equipment, the security of information felt to be valuable to an organization was

provided primarily by physical and administrative means. An example of the former

is the use of rugged filing cabinets with a combination lock for storing sensitive docu-

ments. An example of the latter is personnel screening procedures used during the

hiring process.

With the introduction of the computer, the need for automated tools for pro-

tecting files and other information stored on the computer became evident. This

is especially the case for a shared system, such as a time-sharing system, and the

need is even more acute for systems that can be accessed over a public telephone

network, data network, or the Internet. The generic name for the collection of tools

designed to protect data and to thwart hackers is computer security.

The second major change that affected security is the introduction of distrib-

uted systems and the use of networks and communications facilities for carrying

data between terminal user and computer and between computer and computer.

Network security measures are needed to protect data during their transmission. In

fact, the term network security is somewhat misleading, because virtually all busi-

ness, government, and academic organizations interconnect their data processing

equipment with a collection of interconnected networks. Such a collection is often

referred to as an internet,

and the term internet security is used.

We use the term internet with a lowercase “i” to refer to any interconnected collection of network.

A corporate intranet is an example of an internet. The Internet with a capital “I” may be one of the facili-

ties used by an organization to construct its internet.

Learning Objectives

After studying this chapter, you should be able to:

 Describe the key security requirements of confidentiality, integrity, and

availability.

 Describe the X.800 security architecture for OSI.

 Discuss the types of security threats and attacks that must be dealt with

and give examples of the types of threats and attacks that apply to different

categories of computer and network assets.

 Explain the fundamental security design principles.

 Discuss the use of attack surfaces and attack trees.

 List and briefly describe key organizations involved in cryptography

standards.

M01_STAL4855_06_GE_C01.indd 18 8/11/16 8:31 AM

CHAPTER 1 / INTRODUCTION 19

There are no clear boundaries between these two forms of security. For ex-

ample, a computer virus may be introduced into a system physically when it arrives

on a flash drive or an optical disk and is subsequently loaded onto a computer.

Viruses may also arrive over an internet. In either case, once the virus is resident

on a computer system, internal computer security tools are needed to detect and

recover from the virus.

This book focuses on internet security, which consists of measures to deter,

prevent, detect, and correct security violations that involve the transmission of

information. That is a broad statement that covers a host of possibilities. To give

you a feel for the areas covered in this book, consider the following examples of

security violations:

1. User A transmits a file to user B. The file contains sensitive information (e.g.,

payroll records) that is to be protected from disclosure. User C, who is not

authorized to read the file, is able to monitor the transmission and capture a

copy of the file during its transmission.

2. A network manager, D, transmits a message to a computer, E, under its man-

agement. The message instructs computer E to update an authorization file

to include the identities of a number of new users who are to be given access

to that computer. User F intercepts the message, alters its contents to add or

delete entries, and then forwards the message to E, which accepts the message

as coming from manager D and updates its authorization file accordingly.

3. Rather than intercept a message, user F constructs its own message with

the desired entries and transmits that message to E as if it had come from

managerD. Computer E accepts the message as coming from manager D and

updates its authorization file accordingly.

4. An employee is fired without warning. The personnel manager sends a mes-

sage to a server system to invalidate the employee’s account. When the invali-

dation is accomplished, the server is to post a notice to the employee’s file as

confirmation of the action. The employee is able to intercept the message and

delay it long enough to make a final access to the server to retrieve sensitive

information. The message is then forwarded, the action taken, and the confir-

mation posted. The employee’s action may go unnoticed for some consider-

able time.

5. A message is sent from a customer to a stockbroker with instructions for vari-

ous transactions. Subsequently, the investments lose value and the customer

denies sending the message.

Although this list by no means exhausts the possible types of security violations, it

illustrates the range of concerns of network security.

This chapter provides a general overview of the subject matter that struc-

tures the material in the remainder of the book. We begin with a general discussion

of network security services and mechanisms and of the types of attacks they are

designed for. Then we develop a general overall model within which the security

services and mechanisms can be viewed.

M01_STAL4855_06_GE_C01.indd 19 8/11/16 8:31 AM

剩余463页未读，继续阅读

wenda_zhang

粉丝: 0
资源: 4

Stallings' Sixth Edition: Network Security Applications & Standa...

最新资源

Stallings' Sixth Edition: Network Security Applications & Standa...

网络安全基础 标准与应用第六版

网络安全基础应用与标准（第6版）答案英文版.pdf

网络安全基础应用与标准 第6版 英文版 答案.pdf

network security essentials 6th edition pdf

怎么查看Microsoft Security Essentials是否为最新版本

springsecurity 相关书籍

获取打开此windowsdefender链接的应用

Essentials

navicat premium essentials mac16.1.3汉化包

Windows Server 2016 Essentials和Windows Server 2016的区别

conda+install+r-essentials+in+mac

android 毕设 参考文献 英语

algorithm essentials cpp

添加Xamarin.Essentials库到Xamarin.Forms项目中

lux urp essentials

Windowsserver2012

周克敏 essentials of robust control 课后解答

essentials for dummies

ffmpeg-6.0-essentials_build.zip

最新资源

网络安全基础标准与应用第六版

网络安全基础应用与标准第6版英文版答案.pdf

android 毕设参考文献英语