Scribd
Upload
2K views

Computer Security Principles and Practice 5th Edition PDF

Computer Security Principles and Practice 5th Edition

Uploaded by

pihidaw541
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
2K views

Computer Security Principles and Practice 5th Edition PDF

Computer Security Principles and Practice 5th Edition

Uploaded by

pihidaw541
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 74

Find the original Textbook (pdf) in the link below:

CLICK HERE
Pearson’s Commitment to Diversity, Equity, and
Inclusion......................................................8
Preface......................................................................
................................................................10
What’s New in the Fifth
Edition ......................................................................
....................10
Background ...............................................................
...........................................................11
Objectives.................................................................
............................................................11
Support of ACM/IEEE Cybersecurity Curricula
2017 ........................................................11
Table
P.1 ............................................................................
...........................................12
Coverage of CSEC2017 Cybersecurity
Curricula ........................................................12
Coverage of CISSP Subject
Areas ........................................................................
...............13
Support for NCAE-C
Certification ..............................................................
........................15
Plan of the
Text ...........................................................................
.........................................15
Student
Resources .................................................................
...............................................16
Instructor Support
Materials...................................................................
..............................16
Projects and Other Student
Exercises...................................................................
................17
Acknowledgments.....................................................
...........................................................18
Learning
Objectives .................................................................
............................................37
1.1 Computer Security
Concepts ..................................................................
...........................39
A Definition of Computer
Security.....................................................................
.................39
Figure 1.1 Essential Network and Computer Security
Requirements ..........................40
Examples...................................................................
...........................................................41
Confidentiality ...........................................................
.......................................................41
Integrity ....................................................................
........................................................41
An example of a low-integrity requirement is an
anonymous online poll. Many websites,
such as news organizations, offer these polls to their
users with very few safeguards.
However, the inaccuracy and unscientific nature of
such polls is well
understoodAvailability ...............................................
......................................................42
The Challenges of Computer
Security ....................................................................
.............43
Table
1.1 ............................................................................
...........................................44
Computer Security
Terminology ..............................................................
....................44
1.2 Threats, Attacks, and
Assets.......................................................................
.......................47
Threats and
Attacks......................................................................
........................................47
Confidentiality ...........................................................
.......................................................50
Integrity ....................................................................
........................................................50
Availability ................................................................
.......................................................51
Threats and
Attacks......................................................................
........................................52
Table 1.2 Threat Consequences and the Types of
Threat Actions that Cause Each
Consequence ............................................................
.....................................................52
Threats and
Assets.......................................................................
.........................................55
Figure 1.3 Scope of Computer
Security.....................................................................
...55

Page 24 of 1641

Table 1.3 Computer and Network Assets, with


Examples of Threats..........................55
Hardware ..................................................................
........................................................56
Software....................................................................
........................................................56
Data..........................................................................
.........................................................56
Communication Lines and
Networks...................................................................
............57
1.3 Security Functional
Requirements............................................................
.........................59
1.4 Fundamental Security Design
Principles..................................................................
.........62
1.5 Attack Surfaces and Attack
Trees.........................................................................
.............66
Attack
Surfaces ...................................................................
.................................................67
Figure 1.4 Defense in Depth and Attack
Surface .........................................................67
Attack
Trees ........................................................................
.................................................68
1.6 Computer Security
Strategy.....................................................................
..........................71
Security
Policy ........................................................................
.............................................72
Assurance and
Evaluation .................................................................
...................................73
1.7
Standards..................................................................
..........................................................74
1.8 Key Terms, Review Questions, and
Problems...................................................................
75
Key
Terms........................................................................
....................................................75
Review
Questions..................................................................
...............................................77
Problems...................................................................
............................................................78
2.1 Confidentiality with Symmetric
Encryption.................................................................
.....82
Symmetric
Encryption.................................................................
.........................................83
Figure
2.1 ............................................................................
..........................................83
Simplified Model of Symmetric
Encryption.................................................................
83
Symmetric Block Encryption
Algorithms.................................................................
...........84
Data Encryption
Standard....................................................................
.............................85
Triple
DES...........................................................................
.............................................86
Advanced Encryption
Standard ...................................................................
.....................87
Practical Security
Issues........................................................................
...........................87
Stream
Ciphers......................................................................
...............................................88
2.2 Message Authentication and Hash
Functions..................................................................
..90
Authentication Using Symmetric
Encryption ................................................................
......90
Message Authentication without Message
Encryption ........................................................91
Message Authentication
Code .........................................................................
.................92
One-Way Hash
Function ...................................................................
...............................94
Secure Hash
Functions..................................................................
.......................................97
Hash Function
Requirements............................................................
................................98
Security of Hash
Functions..................................................................
.............................99
Secure Hash Function
Algorithms.................................................................
...................99

Page 25 of 1641

Other Applications of Hash


Functions..................................................................
.............100
2.3 Public-Key
Encryption.................................................................
....................................101
Public-Key Encryption
Structure ...................................................................
....................102
Applications for Public-Key
Cryptosystems...........................................................
...........105
Requirements for Public-Key
Cryptography.............................................................
.........106
Asymmetric Encryption
Algorithms.................................................................
.................107
RSA ...........................................................................
.....................................................108
Diffie–Hellman Key
Agreement ................................................................
....................108
Digital Signature
Standard....................................................................
..........................108
Elliptic Curve
Cryptography ............................................................
..............................108
2.4 Digital Signatures and Key
Management .............................................................
...........110
Digital
Signature ..................................................................
..............................................110
Public-Key
Certificates ...............................................................
.......................................112
Symmetric Key Exchange Using Public-Key
Encryption .................................................114
Digital
Envelopes..................................................................
.............................................115
2.5 Random and Pseudorandom
Numbers...................................................................
..........118
The Use of Random
Numbers...................................................................
.........................118
Randomness.............................................................
.......................................................119
Unpredictability .........................................................
.....................................................120
Random versus
Pseudorandom .........................................................
.................................120
2.6 Practical Application: Encryption of Stored
Data ...........................................................121
2.7 Key Terms, Review Questions, and
Problems.................................................................1
23
Key
Terms........................................................................
..................................................123
Review
Questions..................................................................
.............................................125
Problems...................................................................
..........................................................126
A Model for Digital User
Authentication ..........................................................
................132
Means of
Authentication ..........................................................
..........................................134
Multifactor
Authentication...........................................................
......................................134
Assurance Levels for User
Authentication...........................................................
..............136
3.2 Password-Based
Authentication ..........................................................
............................137
The Vulnerability of
Passwords.................................................................
........................138
The Use of Hashed
Passwords.................................................................
..........................140
UNIX
Implementations .......................................................
...........................................143
Password Cracking of User-Chosen
Passwords.................................................................
143
Traditional
Approaches ..............................................................
....................................144
Modern
Approaches ..............................................................
.........................................145
Password File Access
Control......................................................................
......................146
Password Selection
Strategies..................................................................
..........................147

Page 26 of 1641

Rule
Enforcement..............................................................
.............................................149
Password
Checker.....................................................................
......................................149
Bloom
Filter..........................................................................
..........................................150
3.3 Token-Based
Authentication ..........................................................
.................................150
Memory
Cards........................................................................
............................................151
Smart
Cards........................................................................
................................................152
Electronic Identity
Cards........................................................................
............................154
Eid
Functions..................................................................
................................................155
Password Authenticated Connection Establishment
(PACE) ........................................157
Hardware Authentication
Tokens.......................................................................
................158
Authentication Using a Mobile
Phone .......................................................................
........161
3.4 Biometric
Authentication...........................................................
......................................163
Physical Characteristics Used in Biometric
Applications..................................................164
Operation of a Biometric Authentication
System ..............................................................166
Figure 3.8 A Generic Biometric
System.....................................................................
167
Biometric
Accuracy...................................................................
.........................................167
3.5 Remote User
Authentication...........................................................
.................................171
Password
Protocol.....................................................................
.........................................172
Figure 3.12 Basic Challenge-Response Protocols for
Remote User Authentication..172
Token
Protocol ....................................................................
...............................................173
Static Biometric
Protocol ....................................................................
...............................174
Dynamic Biometric
Protocol.....................................................................
.........................175
3.6 Security Issues for User
Authentication ..........................................................
................176
3.7 Practical Application: An Iris Biometric
System.............................................................179
3.8 Case Study: Security Problems for ATM
Systems..........................................................182
3.9 Key Terms, Review Questions, and
Problems.................................................................1
84
Key
Terms........................................................................
..................................................184
Review
Questions..................................................................
.............................................185
Problems...................................................................
..........................................................186
Learning
Objectives .................................................................
..........................................189
4.1 Access Control
Principles..................................................................
..............................191
Access Control
Context.....................................................................
.................................192
Figure 4.1 Relationship among Access Control and
Other Security Functions .........192
Access Control
Policies......................................................................
................................194
4.2 Subjects, Objects, and Access
Rights .......................................................................
.......195
4.3 Discretionary Access
Control .....................................................................
.....................196
Figure 4.2 Example of Access Control
Structures......................................................196
Table 4.2 Authorization Table for Files in Figure
4.2 ................................................198

Page 27 of 1641

An Access Control
Model........................................................................
..........................199
Figure 4.3 Extended Access Control
Matrix...............................................................199
Figure 4.4 An Organization of the Access Control
Function .....................................200
Table 4.3 Access Control System
Commands............................................................20
1
The ability of one subject to create another subject
and to have ‘owner’ access right to
that subject can be used to define a hierarchy of
subjects. For example, in Figure 4.3,
owns and so and are subordinate to By the rules of
Table 4.3, can grant and delete to
access rights that already has. Thus, a subject can
create another subject with a subset
of its own access rights. This might be useful, for
example, if a subject is invoking an
application that is not fully trusted and does not want
that application to be able to
transfer access rights to other
subjects....................................................................
....202
Protection
Domains....................................................................
........................................203
4.4 Example: UNIX File Access
Control .....................................................................
.........204
Traditional UNIX File Access
Control .....................................................................
.........205
Figure 4.5 UNIX File Access
Control .....................................................................
...205
Access Control Lists in
UNIX .........................................................................
..................207
4.5 Mandatory Access
Control .....................................................................
.........................208
Bell-LaPadula (BLP)
Model .......................................................................
.......................209
4.6 Role-Based Access
Control .....................................................................
........................210
Figure 4.7 Access Control Matrix Representation of
RBAC .....................................212
4.6 Role Base Access
Control......................................................................
......................212
RBAC Reference
Models......................................................................
.............................212
Figure 4.8 A Family of Role-Based Access Control
Models .....................................213
Base
Model—.....................................................................
............................................213
Role
Hierarchies— ............................................................
.............................................214
Figure 4.9 Example of Role
Hierarchy ..................................................................
.....214
Constraints—............................................................
......................................................215
4.7 Attribute-Based Access
Control .....................................................................
.................217
Attributes..................................................................
..........................................................218
ABAC Logical
Architecture...............................................................
................................219
Figure 4.10 ABAC
Scenario ...................................................................
....................219
ABAC
Policies......................................................................
.............................................222
4.8 Identity, Credential, and Access
Management .............................................................
...225
Figure 4.12 Identity, Credential, and Access
Management (ICAM)..........................225
Identity
Management..............................................................
............................................226
Credential
Management .............................................................
........................................227
Access
Management..............................................................
.............................................228
Identity
Federation ................................................................
.............................................229
4.9 Trust
Frameworks...............................................................
.............................................230
Traditional Identity Exchange
Approach ..................................................................
.........231

Page 28 of 1641

Figure 4.13 Identity Information Exchange


Approaches............................................231
Open Identity Trust
Framework................................................................
.........................234
4.10 Case Study: RBAC System for a
Bank..........................................................................
237
Table 4.5 Functions and Roles for Banking
Example ................................................237
Figure 4.14 Example of Access Control
Administration............................................239
4.11 Key Terms, Review Questions, and
Problems...............................................................24
0
Key
Terms........................................................................
..................................................240
Review
Questions..................................................................
.............................................242
Problems...................................................................
..........................................................243
Figure 4.15 VAX/VMS Access
Modes ......................................................................
244
Learning
Objectives .................................................................
..........................................246
5.1 The Need for Database
Security ....................................................................
..................248
5.2 Database Management
Systems....................................................................
...................249
5.3 Relational
Databases.................................................................
.......................................251
Elements of a Relational Database
System .....................................................................
...253
Table 5.1 Basic Terminology for Relational
Databases .............................................253
Structured Query
Language ..................................................................
.............................255
5.4 SQL Injection
Attacks......................................................................
................................256
A Typical SQLi
Attack .......................................................................
...............................257
The Injection
Technique..................................................................
...................................259
SQLi Attack Avenues and
Types.........................................................................
..............260
SQLi
Countermeasures .....................................................
.................................................262
5.5 Database Access
Control .....................................................................
............................263
SQL-Based Access
Definition ..................................................................
.........................264
Cascading
Authorizations ...........................................................
.......................................266
Figure 5.6 Teri Revokes Privilege from
David...........................................................266
Role-Based Access
Control......................................................................
..........................268
Table 5.2 Fixed Roles in Microsoft SQL
Server ........................................................268
5.6
Inference ..................................................................
........................................................271
Figure 5.7 Indirect Information Access via Inference
Channel..................................271
5.7 Database
Encryption ................................................................
........................................275
Figure 5.10 Encryption Scheme for Database of Figure
5.3.......................................277
5.8 Data Center
Security ....................................................................
....................................280
Data Center
Elements...................................................................
......................................281
Figure 5.11 Key Data Center
Elements ..................................................................
....281
Data Center Security
Considerations ..........................................................
.......................282
Figure 5.12 Data Center Security
Model ....................................................................28
3
TIA-
492............................................................................
..................................................283

Page 29 of 1641

Table 5.4 Data Center Tiers Defined in TIA-


942 .......................................................284
5.9 Key Terms, Review Questions, and
Problems.................................................................2
86
Key
Terms........................................................................
..................................................286
Review
Questions..................................................................
.............................................287
Problems...................................................................
..........................................................288
Learning
Objectives .................................................................
..........................................294
Learning
Objectives .................................................................
..........................................297
A Broad Classification of
Malware....................................................................
................301
Attack
Kits............................................................................
..............................................302
Attack
Sources.....................................................................
...............................................303
Macro and Scripting
Viruses......................................................................
........................310
A Brief History of Worm
Attacks......................................................................
................321
State of Worm
Technology ...............................................................
.................................324
Mobile
Code.........................................................................
..............................................325
Clickjacking ..............................................................
.........................................................328
6.5 Propagation—Social Engineering—Spam E-Mail,
Trojans............................................329
Trojan
Horses.......................................................................
..............................................332
Mobile Phone
Trojans......................................................................
..................................334
Figure 8.9 Snort
Architecture ..............................................................
.......................468
Circuit-Level
Gateway ...................................................................
....................................497
Figure 13.11 IoT Gateway Security
Functions...........................................................771
Figure 14.5 Judgment about Risk
Treatment..............................................................81
9
Review
Questions..................................................................
.............................................864
Problems...................................................................
..........................................................865
Table 16.1 Characteristics of Natural
Disasters..........................................................871
Table 16.3 Saffir/Simpson Hurricane
Scale................................................................873
Table 16.4 Temperature Thresholds for Damage to
Computing Resources...............875
Figure 16.1 Standard Fire Temperature–Time Relations
Used for Testing of Building
Elements...................................................................
...................................................877
Table 16.6 Degrees of Security and Control for
Protected Areas [ARMY10]...........896
Table 17.1 Comparative
Framework ................................................................
..........908
Table 17.3 Examples of Possible Information Flow to
and from the Incident-Handling
Service......................................................................
...................................................935
Table 18.1 Security Audit Terminology (RFC
4949).................................................943
Figure 18.1 Security Audit and Alarms Model
(X.816).............................................946
Figure 18.2 Distributed Audit Trail Model
(X.816) ...................................................947
Figure 18.3 Common Criteria Security Audit Class
Decomposition .........................949
Table 18.2 Auditable Items Suggested in
X.816 ........................................................954

Page 30 of 1641

Monitoring Areas Suggested in ISO


27002 ................................................................955
Figure 18.4 Examples of Audit
Trails.........................................................................
956
Table 18.4 Windows Event Schema
Elements ...........................................................961
Figure 18.5 Windows System Log Entry
Example ....................................................963
Figure
18.6 ..........................................................................
........................................967
Examples of Syslog
Messages..................................................................
..................967
Table 18.5 UNIX Syslog Facilities and Severity
Levels............................................968
Figure 18.9 Run-Time Environment for Application
Auditing ..................................976
Table
19.1 ..........................................................................
.........................................996
Cybercrimes Cited in the Convention on
Cybercrime ................................................996
Table 19.2 CERT 2007 E-Crime Watch Survey
Results............................................999
Figure 19.2 DRM
Components..............................................................
...................1011
Figure 19.4 Common Criteria Privacy Class
Decomposition...................................1019
Figure 19.6 ACM Code of Ethics and Professional
Conduct ...................................1030
Figure 19.8 AITP Standard of
Conduct ....................................................................
1032
Table 20.1 Types of Attacks on Encrypted
Messages..............................................1048
Triple
DES...........................................................................
.............................................1056
Figure 20.2 Triple
DES...........................................................................
..................1056
The SHA Secure Hash
Function ...................................................................
...................1103
Table
21.1 ..........................................................................
.......................................1104
Comparison of SHA
Parameters................................................................
...............1104
HMAC
Algorithm ..................................................................
..........................................1112
Figure 21.4 HMAC
Structure ...................................................................
................1112
Figure 21.5 OCB Encryption and
Authentication.....................................................111
8
Figure
21.6 ..........................................................................
......................................1122
OCB
Algorithms.................................................................
......................................1122
Description of the
Algorithm ..................................................................
.........................1124
Figure 21.8 Example of RSA
Algorithm ..................................................................
1126
Timing
Attacks .....................................................................
........................................1129
21.5 Diffie-hellman and Other Asymmetric
Algorithms.....................................................1132
Diffie-Hellman Key
Exchange...................................................................
......................1132
21.5 Diffie-hellman and Other Asymmetric
Algorithms.....................................................1132
Diffie-Hellman Key
Exchange...................................................................
......................1132
The
Algorithm ..................................................................
............................................1133
Figure 21.9 The Diffie-Hellman Key Exchange
Algorithm .....................................1134
Key Exchange
Protocols...................................................................
............................1135
Figure
21.10 ........................................................................
......................................1135
Other Public-Key Cryptography
Algorithms.................................................................
..1140

Page 31 of 1641
Digital Signature
Standard....................................................................
........................1034
Elliptic-Curve
Cryptography ............................................................
............................1034
Post-Quantum
Cryptography.............................................................
...........................1034
21.6 Key Terms, Review Questions, and
Problems.............................................................114
1
Key
Terms........................................................................
................................................1141
Problems...................................................................
........................................................1143
MIME.........................................................................
......................................................1150
S/MIME......................................................................
......................................................1151
Table 22.1 S/MIME Content
Types.........................................................................
.1152
Figure 22.1 Simplified S/MIME Functional
Flow....................................................1153
Signed and Clear-Signed
Data..........................................................................
............1154
Enveloped
Data..........................................................................
...................................1155
Public-Key
Certificates................................................................
.................................1155
22.2 Domainkeys Identified
Mail ..........................................................................
..............1156
Internet Mail
Architecture...............................................................
.................................1157
Figure 22.2 Function Modules and Standardized
Protocols Used Between Them in the
Internet Mail
Architecture...............................................................
..........................1159
DKIM
Strategy.....................................................................
............................................1161
Figure 22.3 Simple Example of DKIM
Deployment................................................1162
22.3 Secure Sockets Layer (SSL) and Transport Layer
Security (TLS)..............................1164
TLS
Architecture...............................................................
...............................................1165
Figure 22.4 SSL/TLS Protocol
Stack........................................................................
1165
TLS
Protocols...................................................................
................................................1167
Record
Protocol ....................................................................
........................................1167
Figure 22.5 TLS Record Protocol
Operation............................................................116
7
Change Cipher Spec
Protocol.....................................................................
..................1168
Alert
Protocol ....................................................................
...........................................1168
Handshake
Protocol.....................................................................
.................................1169
Figure 22.6 Handshake Protocol
Action...................................................................11
70
Heartbeat
Protocol ....................................................................
....................................1172
SSL/TLS
Attacks......................................................................
........................................1174
Attack
Categories ................................................................
.........................................1174
Heartbleed................................................................
.....................................................1176
Figure 22.7 The Heartbleed
Exploit.......................................................................
...1177
22.4
HTTPS .......................................................................
..................................................1179
Connection
Initiation....................................................................
....................................1180
Connection
Closure .....................................................................
.....................................1181
22.5 IPv4 and IPv6
Security ....................................................................
............................1182

Page 32 of 1641

IP Security
Overview ...................................................................
....................................1182
Applications of
IPsec.........................................................................
...........................1183
Benefits of
IPsec.........................................................................
..................................1184
Routing
Applications..............................................................
......................................1184
The Scope of
IPsec.........................................................................
..................................1186
Security
Associations..............................................................
.........................................1187
Encapsulating Security
Payload .....................................................................
..................1189
Figure 22.8 IPsec ESP
Format.......................................................................
...........1190
Transport and Tunnel
Modes .......................................................................
....................1191
Transport
Mode ........................................................................
....................................1191
Tunnel
Mode.........................................................................
........................................1191
22.6 Key Terms, Review Questions, and
Problems.............................................................119
3
Key
Terms........................................................................
................................................1193
Review
Questions..................................................................
...........................................1194
Figure 22.9 Antireplay
Mechanism ...............................................................
...........1196
Chapter 23Internet Authentication AChapter 23
Internet Authentication Applicationsications
.................................................................................
.............................................................1198
Learning
Objectives .................................................................
........................................1198
23.1
Kerberos....................................................................
...................................................1199
The Kerberos
Protocol ....................................................................
.................................1200
Figure 23.1 Overview of
Kerberos ...................................................................
........1201
Kerberos Realms and Multiple
Kerberi ......................................................................
.....1207
Figure 23.2 Request for Service in Another
Realm..................................................1208
Version 4 and Version
5................................................................................
...................1210
Performance
Issues........................................................................
...................................1211
23.2
X.509.........................................................................
...................................................1212
Figure 23.3 X.509
Formats.....................................................................
..................1213
Public Key Infrastructure X.509
(PKIX) ........................................................................
.1217
Figure 23.4 PKIX Architectural
Model ....................................................................12
18
23.4 Key Terms, Review Questions, and
Problems.............................................................122
0
Key
Terms........................................................................
................................................1220
Review
Questions..................................................................
...........................................1221
Problems...................................................................
.......................................................1222
ChapterChapter
24 .............................................................................
..................................1225
Wireless Network Securityeless Network
Security .............................................................1225
Learning
Objectives .................................................................
........................................1226
24.1 Wireless
Security ....................................................................
.....................................1227
Figure 24.1 Wireless Networking
Components........................................................122
8

Page 33 of 1641
Wireless Network
Threats......................................................................
..........................1229
Wireless Security
Measures ..................................................................
...........................1231
Securing Wireless
Transmissions...........................................................
......................1231
Securing Wireless Access
Points........................................................................
..........1232
Securing Wireless
Networks ..................................................................
......................1232
24.2 Mobile Device
Security ....................................................................
...........................1233
Security
Threats......................................................................
..........................................1235
Lack of Physical Security
Controls ....................................................................
..........1235
Use of Untrusted Mobile
Devices .....................................................................
...........1235
Use of Untrusted
Networks ..................................................................
........................1236
Use of Untrusted
Applications ..............................................................
.......................1236
Interaction with Other
Systems ....................................................................
................1236
Use of Untrusted
Content ....................................................................
.........................1236
Use of Location
Services.....................................................................
.........................1237
Mobile Device Security
Strategy ....................................................................
.................1238
Figure 24.2 Mobile Device Security
Elements.........................................................1238
Device
Security.....................................................................
........................................1239
Traffic
Security.....................................................................
........................................1240
Barrier
Security.....................................................................
........................................1241
24.3 IEEE 802.11 Wireless LAN
Overview...................................................................
.....1242
Table 24.1 IEEE 802.11
Terminology...............................................................
.......1242
The Wi-Fi
Alliance.....................................................................
......................................1243
IEEE 802 Protocol
Architecture...............................................................
........................1244
Figure 24.3 IEEE 802.11 Protocol
Stack ..................................................................124
4
Physical
Layer .........................................................................
.....................................1245
Medium Access
Control .....................................................................
..........................1245
Figure 24.4 General IEEE 802 MPDU
Format.........................................................1246
Logical Link
Control .....................................................................
...............................1246
IEEE 802.11 Network Components and Architectural
Model.........................................1247
Figure 24.5 IEEE 802.11 Extended Service
Set .......................................................1248
IEEE 802.11
Services.....................................................................
..................................1251
Table 24.2 IEEE 802.11
Services ....................................................................
.........1251
Distribution of Messages Within a
DS .........................................................................12
52
Association-Related
Services ....................................................................
...................1252
24.4 IEEE 802.11i Wireless LAN
Security ....................................................................
.....1255
Figure 24.6 Elements of IEEE
802.11i .....................................................................
1257
IEEE 802.11i Phases of
Operation..................................................................
.................1259
Figure 24.7 IEEE 802.11i Phases of
Operation ........................................................1261

Page 34 of 1641

Discovery
Phase .......................................................................
........................................1263
Figure 24.8 IEEE 802.11i Phases of Operation:
Capability Discovery, Authentication,
and
Association................................................................
.........................................1263
Security
Capabilities...............................................................
......................................1264
MPDU
Exchange...................................................................
.......................................1265
Authentication
Phase........................................................................
................................1268
IEEE 802.1X Access Control
Approach ..................................................................
....1268
Figure 24.9 802.1X Access
Control......................................................................
....1269
MPDU
Exchange...................................................................
.......................................1269
EAP
Exchange...................................................................
...........................................1270
Key Management
Phase .......................................................................
............................1272
Figure 24.10 IEEE 802.11i Key
Hierarchies ............................................................1
272
Table 24.3 IEEE 802.11i Keys for Data Confidentiality
and Integrity Protocols ....1273
Pairwise
Keys..........................................................................
.....................................1275
Group
Keys..........................................................................
.........................................1276
Pairwise Key
Distribution ...............................................................
.............................1276
Figure 24.11 IEEE 802.11i Phases of Operation: 4-Way
Handshake and Group Key
Handshake................................................................
.................................................1278
Protected Data Transfer
Phase .......................................................................
..................1280
TKIP ..........................................................................
...................................................1280
CCMP........................................................................
...................................................1281
The IEEE 802.11i Pseudorandom
Function....................................................................
.1282
Figure 24.12 IEEE 802.11i Pseudorandom
Function ...............................................1283
24.5 Key Terms, Review Questions, and
Problems.............................................................128
4
Key
Terms........................................................................
................................................1284
Review
Questions..................................................................
...........................................1286
Problems...................................................................
........................................................1287
Figure 24.13 WEP
Authentication...........................................................
.................1288
Appendix A: Projects and Other Student Exercises for
Teaching Computer Security........1290
A.1 Hacking
Project.......................................................................
......................................1292
A.2 Laboratory
Exercises...................................................................
..................................1294
A.3 Security Education (Seed)
Projects.....................................................................
..........1295
Table A.1 Mapping of SEED Labs to Textbook
Chapters .......................................1296
A.4 Research
Projects.....................................................................
.....................................1299
A.5 Programming
Projects.....................................................................
..............................1300
A.6 Practical Security
Assessments.............................................................
........................1301
A.7 Firewall
Projects ....................................................................
.......................................1302
A.8 Case
Studies......................................................................
............................................1303
Page 35 of 1641

A.9 Reading/Report
Assignments..............................................................
..........................1304
A.10 Writing
Assignments..............................................................
.....................................1305
Appendix B: Some Aspects of Number
Theory ..................................................................13
06
B.1 Prime and Relatively Prime
Numbers...................................................................
........1307
Divisors .....................................................................
.......................................................1308
Prime
Numbers...................................................................
..............................................1309
Relatively Prime
Numbers ...................................................................
............................1310
B.2 Modular
Arithmetic..................................................................
.....................................1311
Figure B.1 The
Relationship ..............................................................
......................1311
Modular Arithmetic
Operations ................................................................
.......................1313
Inverses.....................................................................
........................................................1314
(B.1)..........................................................................
................................................1314
(B.2)..........................................................................
................................................1314
B.3 Fermat’s and Euler’s
Theorems ..................................................................
..................1315
Fermat’s
Theorem ...................................................................
.........................................1316
(B.3)..........................................................................
................................................1316
Euler’s Totient
Function....................................................................
...............................1318
Appendix C: Standards and Standard-Setting
Organizations..............................................1323
C.1 The Importance of
Standards .................................................................
.......................1324
C.2 Internet Standards and the Internet
Society...................................................................13
26
The Internet Organizations and RFC
Publication ............................................................13
27
Table C.1 IETF
Areas.........................................................................
......................1328
The Standardization
Process .....................................................................
.......................1330
Figure C.1 Internet RFC Publication
Process...........................................................1331
Internet Standards
Categories.................................................................
..........................1333
Other RFC
Types ........................................................................
.....................................1334
C.3 The National Institute of Standards and
Technology....................................................1336
C.4 The International Telecommunication
Union ...............................................................1338
ITU Telecommunication Standardization
Sector.............................................................1339
Schedule ..................................................................
.........................................................1340
C.5 The International Organization for
Standardization......................................................13
41
C.6 Significant Security Standards and
Documents ............................................................1
344
International Organization for Standardization
(ISO)......................................................1345
National Institute of Standards and Technology
(NIST) .................................................1346

International Telecommunication Union


Telecommunication Standardization Sector (ITU-
T)...............................................................................
.......................................................1347

Internet Standards and the Internet


Society......................................................................
1349
Appendix D: Random and Pseudorandom Number
Generation..........................................1350

Page 36 of 1641

D.1 The Use of Random


Numbers...................................................................
....................1351
Randomness .............................................................
........................................................1352
Unpredictability.........................................................
.......................................................1354
D.2 Pseudorandom Number Generators
(PRNGS)..............................................................135
5
Linear Congruential
Generators................................................................
.......................1356
Cryptographically Generated Random
Numbers.............................................................135
9
Cyclic
Encryption ................................................................
.........................................1359
Figure D.1 Pseudorandom Number Generation from a
Counter ..............................1360
DES Output Feedback
Mode.........................................................................
...............1361
ANSI X9.17
PRNG ........................................................................
..............................1361
Figure D.2 ANSI X9.17 Pseudorandom Number
Generator ....................................1362
Blum Blum Shub
Generator..................................................................
...........................1364
D.3 True Random Number
Generators................................................................
................1367
Appendix E: Message Authentication Codes Based on
Block Ciphers...............................1369
E.1 Cipher-Based Message Authentication Code
(CMAC) ................................................1370

Find the original Textbook (PDF) in the link below:

CLICK HERE

You might also like