CHAPTER 1 Introduction 1
1.1 Attacks,Services,and Mechanisms 4
1.2 Security Attacks 6
1.3 Security Services 9
1.4 A Model for Internetwork Security 11
1.5 Internet Standards and RFCs 13
1.6 Recommended Reading 16
Appendix 1A:Internet and Web Resources 16
PART ONE CRYPTOGRAPHY 19
CHAPTER 2 Conventional Encryption and Message Confidentiality 21
2.1 Conventional Encryption Principles 22
2.2 Conventional Encryption Algorithms 28
2.3 Cipher Block Modes of Operation 37
2.4 Location of Encryption Devices 39
2.5 Key Distribution 42
2.6 Recommended Reading 44
2.7 Problems 44
CHAPTER 3 Public-Key Cryptography and Message Authentication 47
3.1 Approaches to Message Authentication 48
3.2 Secure Hash Functions and HMAC 52
3.3 Public Key Cryptography Principles 62
3.4 Public-Key Cryptography Algorithms 66
3.5 Digital Signatures 72
3.6 Key Management 73
3.7 Recommended Reading 75
3.8 Problems 75
Appendix 3A:Prime Numbers and Modular Arithmetic 77
PART TWO NETWORK SECURITY APPLICATIONS 81
CHAPTER 4 Authentication Applications 83
4.1 Kerberos 84
4.2 X.509 Directory Authentication Service 101
4.3 Recommended Reading and Web Sites 110
4.4 Problems 110
Appendix 4A:Kerberos Encryption Techniques 111
CHAPTER 5 Electronic Mail Security 117
5.1 Pretty Good Privacy(PGP) 118
5.2 S/MIME 136
5.3 Recommended Web Sites 152
5.4 Problems 152
Appendix 5A:Data Compression Using ZIP 153
Appendix 5B:Radix-64 Conversion 155
Appendix 5C:PGP Random Number Generation 157
CHAPTER 6 IP Security 161
6.1 IP Security Overview 162
6.2 IP Security Architecture 165
6.3 Authentication Header 171
6.4 Encapsulating Security Payload 176
6.5 Combining Security Associations 181
6.6 Key Management 184
6.7 Recommended Reading and Web Sites 193
Appendix 6A:Internetworking and Internet Protocols 194
6.8 Problems 194
CHAPTER 7 Web Security 203
7.1 Web Security Requirements 204
7.2 Secure Sockets Layer(SSL)and Transport Layer Security(TLS) 206
7.3 Secure Electronic Transaction(SET) 223
7.4 Recommended Reading and Web Sites 235
7.5 Problems 235
CHAPTER 8 Network Management Security 237
8.1 Basic Concepts of SNMP 238
8.2 SNMPv1 Community Facility 246
8.3 SNMPv3 248
8.4 Recommended Reading and Web Sites 273
8.5 Problems 274
PART THREE SYSTEM SECURITY 277
CHAPTER 9 Intruders and Viruses 279
9.1 Intruders 280
9.2 Viruses and Related Threats 303
9.3 Recommended Reading and Web Sites 316
9.4 Problems 317
CHAPTER 10 Firewalls 319
10.1 Firewall Design Principles 320
10.2 Trusted Systems 330
10.3 Recommended Reading 336
10.4 Problems 336
APPENDIX A RFCs Cited in this Book 337
APPENDIX B Projects for Teaching Network Security 339
B.1 Research Projects 339
B.2 Programming Projects 340
B.3 Reading/Report Assignments 340
GLOSSARY 341
REFERENCES 347
INDEX 353