Preface

The second edition of this comprehensive handbook serves as a professional reference to provide today's most complete and concise view of computer security and privacy available in one volume. It offers in-depth coverage of computer security theory, technology, and practice as they relate to established technologies as well as recent advancements. It explores practical solutions to a wide range of security issues. Individual chapters are authored by leading experts in the field and address the immediate and long-term challenges in the authors' respective areas of expertise.

The primary audience for this handbook consists of researchers and practitioners in industry and academia as well as security technologists and engineers working with or interested in computer security. This comprehensive reference will also be of value to students in upper-division undergraduate and graduate-level courses in computer security.

Organization of this Book

The book is organized into ten parts composed of 70 contributed chapters by leading experts in their fields, as well as 12 appendices, including an extensive glossary (available online) of computer security terms and acronyms.

Part 1: Overview of System and Network Security: A Comprehensive Introduction

Part 1 discusses how to build a secure organization; generate cryptography; how to detect system intrusions; how to prevent system intrusions; secure cloud computing systems; fault tolerance and resilience in cloud computing environments; how to secure web applications, services and servers; UNIX and Linux security; eliminate the security weakness of Linux and UNIX Operating systems; Internet and intranet security; the botnet problem; LAN security; wireless network security; wireless sensor network security; cellular network security, RFID security; optical network security; and, optical wireless network security. For instance:

Chapter 1, "Building a Secure Organization," sets the stage for the rest of the book by presenting insight into where to start building a secure organization.

Chapter 2, "A Cryptography Primer," provides an overview of cryptography. It shows how communications may be encrypted and transmitted.

Chapter 3, "Detecting System Intrusions," describes the characteristics of the DSI technologies and provides recommendations for designing, implementing, configuring, securing, monitoring, and maintaining them.

Chapter 4, "Preventing System Intrusions," discusses how to prevent system intrusions and where an unauthorized penetration of a computer in your enterprise or an address in your assigned domain can occur.

Chapter 5, "Guarding Against Network Intrusions," shows how to guard against network intrusions by understanding the variety of attacks, from exploits to malware and social engineering.

Chapter 6, "Securing Cloud Computing Systems," discusses various cloud computing environments and methods to make them more secure for hosting companies and their customers.

Chapter 7, "Fault Tolerance and Resilience in Cloud Computing Environments," focuses on characterizing the recurrent failures in a typical Cloud computing environment, analyzing the effects of failures on user's applications, and surveying fault tolerance solutions corresponding to each class of failures.

Chapter 8, "Securing Web Applications, Services and Servers," provides a general overview of the breadth of web service security, an introduction to the subject area, and guides the reader to sources with deeper information.

Chapter 9, "UNIX and Linux Security," discusses how to scan for vulnerabilities; reduce denial-of-service (DoS) attacks; deploy firewalls to control network traffic; and build network firewalls.

Chapter 10, "Eliminating the Security Weakness of Linux and UNIX Operating Systems," presents an introduction to securing UNIX in general and Linux in particular, providing some historical context and describing some fundamental aspects of the secure operating system architecture.

Chapter 11, "Internet Security," shows you how cryptography can be used to address some of the security issues besetting communications protocols.

Chapter 12, "The Botnet Problem," describes the botnet threat and the countermeasures available to network security professionals.

Chapter 13, "Intranet Security," covers internal security strategies and tactics; external security strategies and tactics; network access security; and Kerberos.

Chapter 14, "Local Area Network Security," discusses network design and security deployment as well as ongoing management and auditing.

Chapter 15, "Wireless Network Security," presents an overview of wireless network security technology; how to design wireless network security and plan for wireless network security; how to install, deploy, and maintain wireless network security; information warfare countermeasures: the wireless network security solution; and wireless network security solutions and future directions.

Chapter 16, "Wireless Sensor Network Security," helps organizations design, implement and evaluate wireless sensor intrusion detection systems, which aim at transferring the computational load of the operation from the sensors to the base station.

Chapter 17, "Cellular Network Security," addresses the security of the cellular network; educates readers on the current state of security of the network and its vulnerabilities; outlines the cellular network specific attack taxonomy, also called three-dimensional attack taxonomy; discusses the vulnerability assessment tools for cellular networks; and provides insights into why the network is so vulnerable and why securing it can prevent communication outages during emergencies.

Chapter 18, "RFID Security," describes the RFID tags and RFID reader and back-end database in detail.

Chapter 19, "Optical Network Security," presents an analysis of attack and protection problems in optical networks. It also proposes a conceptual framework for modeling attack problems and protection schemes for optical networks.

Chapter 20, "Optical Wireless Network Security," focuses on free space optics (FSO) and the security that has been developed to protect its transmissions, as well as an overview of the basic technology.

Part 2: Managing Information Security

Part 2 discusses how to protect mission-critical systems; deploy security management systems, policy-driven system management, IT security management, online identity and user management services, intrusion detection and prevention systems, TCP/IP packet analysis, intruder's genesis, firewalls, penetration testing; conduct vulnerability assessments and security metrics. For instance:

Chapter 21, "Information Security Essentials for IT Managers: Protecting Mission-Critical Systems," discusses how security goes beyond technical controls and encompasses people, technology, policy, and operations in a way that few other business objectives do.

Chapter 22, "Security Management Systems," examines documentation requirements and maintaining an effective security system as well as conducting assessments.

Chapter 23, "Policy-driven System Management," focuses particularly on PBM's use for securing computing systems according to high-level security goals.

Chapter 24, "Information Technology Security Management," discusses the processes that are supported with enabling organizational structure and technology to protect an organization's information technology operations and IT assets against internal and external threats, intentional or otherwise.

Chapter 25, "Online Identity and User Management Services," presents the evolution of identity management requirements. It also surveys how the most advanced identity management technologies fulfill present-day requirements. It discusses how mobility can be achieved in the field of identity management in an ambient intelligent/ubiquitous computing world.

Chapter 26, "Intrusion Detection and Prevention Systems," discusses the nature of computer system intrusions, the people who commit these attacks, and the various technologies that can be utilized to detect and prevent them.

Chapter 27, "TCP/IP Packet Analysis," discusses how TCP/IP packets are constructed, and analyzed to interpret the applications that use the TCP/IP stack.

Chapter 28, "The Enemy (The Intruder's Genesis)," discusses process of creating a formal set of governance to define the CYBERSECURITY, and course of actions to be taken to defend against the CYBERATTACKS.

Chapter 29, "Firewalls," provides an overview of firewalls: policies, designs, features, and configurations. Of course, technology is always changing, and network firewalls are no exception. However, the intent of this chapter is to describe aspects of network firewalls that tend to endure over time.

Chapter 30, "Penetration Testing," describes how testing differs from an actual "hacker attack" as well as some of the ways penetration tests are conducted, how they're controlled, and what organizations might look for when choosing a...