Principles of distributed computing and networks - the network computing revolution, focus and objective, secure distributed processing, distributed systems elements structure for this book, distribution; the need for network security - information services and value, classified information, proprietary and sensitive information, total dependence, economics; the network security challenge - the fundamental paradox, reclusive and tightly held science, inadequate funding and management commitment, organizational opposition, operational opposition and costs, technical complexity and rapid change, a moving target, the lack of network security standards, legal inadequacies; network security services - security control objectives, continuity of operations services, integrity services, authentication services, access control services, confidentiality services, nonrepudiation services, assurance; network security disciplines - introduction - security engineering disciplines, physical security, personnel security, information security, TEMPEST, network and computer security, communications security, industrial security, operations security, life-cycle security engineering; network security approaches and mechanisms - the ISO/OSI reference model, network security services revisited, network security mechanisms, layering and placement of network security services and mechanisms, an example of a network security implementation; personal computer networking-security issues and approaches - introduction - the PC networking revolution, practical guidance for PC networking, PC physical security concerns, identification and authentication-network operating systems, application protection in a PC networking environment; controlling viruses and trojan horses - viruses, trojan horses, techniques for introducing a trojan horse into systems, exploitation, examples of trojan horses, identification of trojan horses, prevention, maintaining "Trojan Horse-Free" code; covert channels - the covert channel threat, general concepts, covert channel taxonomy, exploitation of covert channels, system vulnerabilities exploited by covert channels, covert channel analysis and measurement techniques, practice and examples, guidance to developers and evaluators, countermeasures, elimination of covert channels, damage confinement; practical approaches to network security - practical network security objectives, senior management commitment, network risk analysis, network security policy, security management personnel, network security-policies and procedures, maximize inherent security capabilities in design; advanced network security strategies - integrity - the new network security frontier, denial of service - dependence and reliability, maintainability, and availability, accountability, network security integration, network security standards, security overhead and transparency, high-performance systems. (Part contents).
