Computer and Information Security Handbook

Edited by John R. Vacca

Morgan Kaufmann Publishers is an imprint of Elsevier
Amsterdam • Boston • Heidelberg • London • New York • Oxford • Paris • San Diego • San Francisco • Singapore • Sydney • Tokyo


Contents

Foreword xxi
Preface xxiii
Acknowledgments xxvii
About the Editor xxix
Contributors xxxi

Part I Overview of System and Network Security: A Comprehensive Introduction

1. Building a Secure Organization
John Mallery

1. Obstacles to Security 3
Security Is Inconvenient 3
Computers Are Powerful and Complex 3
Computer Users Are Unsophisticated 4
Computers Created Without a Thought to Security 4
Current Trend Is to Share, Not Protect 4
Data Accessible from Anywhere 4
Security Isn't About Hardware and Software 5
The Bad Guys Are Very Sophisticated 5
Management Sees Security as a Drain on the Bottom Line 5
2. Ten Steps to Building a Secure Organization 6
A. Evaluate the Risks and Threats 6
B. Beware of Common Misconceptions 8
C. Provide Security Training for IT Staff—Now and Forever 9
D. Think "Outside the Box" 10
E. Train Employees: Develop a Culture of Security 12
F. Identify and Utilize Built-in Security Features of the Operating System and Applications 14
G. Monitor Systems 16
H. Hire a Third Party to Audit Security 17
I. Don't Forget the Basics 19
J. Patch, Patch, Patch 20

2. A Cryptography Primer
Scott R. Ellis

1. What is Cryptography? 23
What is Encryption? 23
How Is Cryptography Done? 24
2. Famous Cryptographic Devices 24
The Lorenz Cipher 24
Enigma 24
3. Ciphers 25
The Substitution Cipher 25
The Shift Cipher 26
The Polyalphabetic Cipher 29
The Kasiski/Kerckhoff Method 30
4. Modern Cryptography 31
The Vernam Cipher (Stream Cipher) 31
The One-Time Pad 32
Cracking Ciphers 33
The XOR Cipher and Logical Operands 34
Block Ciphers 35
5. The Computer Age 36
Data Encryption Standard 36
Theory of Operation 37
Implementation 38
Rivest, Shamir, and Adleman (RSA) 38
Advanced Encryption Standard (AES or Rijndael) 38

3. Preventing System Intrusions 39
Michael West

So, What is an Intrusion? 39
Sobering Numbers 40
Know Your Enemy: Hackers Versus Crackers 40
Motives 41
Tools of the Trade 41
Bots 42
Symptoms of Intrusions 43
What Can You Do? 43
Know Today's Network Needs 44
Network Security Best Practices 45
Security Policies 45
Risk Analysis 46
Vulnerability Testing 46
Audits 47
Recovery 47
Tools of Your Trade 47
Firewalls 47
Intrusion Prevention Systems 47
Application Firewalls 48
Access Control Systems 48
Unified Threat Management 49
Controlling User Access 49
Authentication, Authorization, and Accounting 49
What the User Knows 49
What the User Has 50
The User Is Authenticated, But Is She Authorized? 50
Accounting 51
Keeping Current 51
Conclusion 51

4. Guarding Against Network Intrusions 53
Tom Chen and Patrick J. Walsh

Traditional Reconnaissance and Attacks 53
Malicious Software 56
Lures and "Pull" Attacks 57
Defense in Depth 58
Preventive Measures 59
Access Control 59
Vulnerability Testing and Patching 59
Closing Ports 60
Firewalls 60
Antivirus and Antispyware Tools 61
Spam Filtering 62
Honeypots 62
Network Access Control 63
Intrusion Monitoring and Detection 63
Host-Based Monitoring 64
Traffic Monitoring 64
Signature-Based Detection 64
Behavior Anomalies 65
Intrusion Prevention Systems 65
Reactive Measures 65
Quarantine 65
Traceback 66
Conclusions 66

5. Unix and Linux Security 67
Gerald Beuchelt

1. Unix and Security 67
The Aims of System Security 67
Achieving Unix Security 67
2. Basic Unix Security 68
Traditional Unix Systems 68
Standard File and Device Access Semantics 69
4. Protecting User Accounts and Strengthening Authentication 71
Establishing Secure Account Use 71
The Unix Login Process 71
Controlling Account Access 71
Noninteractive Access 72
Other Network Authentication Mechanisms 73
Risks of Trusted Hosts and Networks 73
Replacing Telnet, rlogin, and FTP Servers and Clients with SSH 73
5. Reducing Exposure to Threats by Limiting Superuser Privileges 74
Controlling Root Access 74
6. Safeguarding Vital Data by Securing Local and Network File Systems 76
Directory Structure and Partitioning for Security 76

6. Eliminating the Security Weakness of Linux and Unix Operating Systems 79
Mario Santana

1. Introduction to Linux and Unix 79
What Is Unix? 79
What Is Linux? 80
System Architecture 82
2. Hardening Linux and Unix 84
Network Hardening 84
Host Hardening 88
Systems Management Security 90
3. Proactive Defense for Linux and Unix 90
Vulnerability Assessment 90
Incident Response Preparation 91
Organizational Considerations 92

7. Internet Security 93
Jesse Walker

Internet Protocol Architecture 93
Communications Architecture Basics 94
Getting More Specific 95
An Internet Threat Model 100
The Dolev-Yao Adversary Model 101
Layer Threats 101
Defending Against Attacks on the Internet 105
Layer Session Defenses 106
Session Startup Defenses 113
Conclusion 117

8. The Botnet Problem 119
Xinyuan Wang and Daniel Ramsbrock

Introduction 119
Botnet Overview 120
Origins of Botnets 120
Botnet Topologies and Protocols 120
Typical Bot Life Cycle 122
The Botnet Business Model 123
Botnet Defense 124
Detecting and Removing Individual Bots 124
Detecting C&C Traffic 125
Detecting and Neutralizing the C&C Servers 125
Attacking Encrypted C&C Channels 126
Locating and Identifying the Botmaster 128
Botmaster Traceback 128
Traceback Challenges 129
7. Traceback Beyond the Internet 130
Summary 132

9. Intranet Security 133
Bill Mansoor

1. Plugging the Gaps: NAC and Access Control 136
2. Measuring Risk: Audits 137
3. Guardian at the Gate: Authentication and Encryption 138
4. Wireless Network Security 139
5. Shielding the Wire: Network Protection 141
6. Weakest Link in Security: User Training 142
7. Documenting the Network: Change Management 142
8. Rehearse the Inevitable: Disaster Recovery 143
9. Controlling Hazards: Physical and Environmental Protection 145
10. Know Your Users: Personnel Security 146
11. Protecting Data Flow: Information and System Integrity 146
12. Security Assessments 147
13. Risk Assessments 148
14. Conclusion 148

10. Local Area Network Security 149
Dr. Pramod Pandya

Identify network threats 150
Disruptive 150
Unauthorized Access 150
Establish Network Access Controls 150
Risk Assessment 151
Listing Network Resources 151
Threats 151
Security Policies 151
The Incident-handling Process 152
Secure Design Through Network Access Controls 152
IDS Defined 153
NIDS: Scope and Limitations 154
A Practical Illustration of NIDS 154
UDP Attacks 154
TCP SYN (Half-Open) Scanning 155
Some Not-So-Robust Features of NIDS 156
Firewalls 158
Firewall Security Policy 159
Configuration Script for sf Router 160
Dynamic NAT Configuration 160
The Perimeter 160
Access List Details 162
Types of Firewalls 162
Packet Filtering: IP Filtering Routers 162
Application-layer Firewalls: Proxy Servers 163
Stateful Inspection Firewalls 163
NIDS Complements Firewalls 163
Monitor and Analyze System Activities 163
Analysis Levels 164
Signature Analysis 164
Statistical Analysis 164
Signature Algorithms 164
Pattern Matching 164
Stateful Pattern Matching 164
Protocol Decode-based Analysis 165
Heuristic-Based Analysis 165
Anomaly-Based Analysis 166

11. Wireless Network Security 169
Chunming Rong and Erdal Cayirci

1. Cellular Networks 169
Cellular Telephone Networks 170
802.11 Wireless LANs 170
2. Wireless Ad Hoc Networks 171
Wireless Sensor Networks 171
Mesh Networks 171
3. Security Protocols 172
WEP 172
WPA and WPA2 173
SPINS: Security Protocols for Sensor Networks 173
4. Secure Routing 175
SEAD 175
Ariadne 176
ARAN 176
SLSP 177
5. Key Establishment 177
Bootstrapping 177
Key Management 178
References 181

12. Cellular Network Security 183
Peng Liu, Thomas F. LaPorta and Kameswari Kotapati

1. Introduction 183
2. Overview of Cellular Networks 184
Overall Cellular Network Architecture 184
Core Network Organization 185
Call Delivery Service 185
3. The State of the Art of Cellular Network Security 186
Security in the Radio Access Network 186
Security in Core Network 187
Security Implications of Internet Connectivity 188
Security Implications of PSTN Connectivity 188
4. Cellular Network Attack Taxonomy 189
Abstract Model 189
Abstract Model Findings 189
Three-Dimensional Attack Taxonomy 192
5. Cellular Network Vulnerability Analysis 193
Cellular Network Vulnerability Assessment Toolkit (CAT) 195
Advanced Cellular Network Vulnerability Assessment Toolkit (aCAT) 198
Cellular Network Vulnerability Assessment Toolkit for evaluation (eCAT) 199
6. Discussion 201
References 202

13. RFID Security 205
Chunming Rong and Erdal Cayirci

1. RFID Introduction 205
RFID System Architecture 205
RFID Standards 207
RFID Applications 208
2. RFID Challenges 209
Counterfeiting 209
Sniffing 209
Tracking 209
Denial of Service 210
Other Issues 210
Comparison of All Challenges 212
3. RFID Protections 212
Basic RFID System 212
RFID System Using Symmetric-Key Cryptography 215
RFID System Using Public-key Cryptography 217
References 219

Part II Managing Information Security

14. Information Security Essentials for IT Managers, Protecting Mission-Critical Systems
Albert Caballero

1. Information Security Essentials for IT Managers, Overview 225
Scope of Information Security Management 225
CISSP Ten Domains of Information Security 225
What is a Threat? 227
Common Attacks 228
Impact of Security Breaches 231
2. Protecting Mission-critical Systems 231
Information Assurance 231
Information Risk Management 231
Defense in Depth 233
Contingency Planning 233
3. Information Security from the Ground Up 236
Physical Security 236
Data Security 237
Systems and Network Security 239
Business Communications Security 241
Wireless Security 242
Web and Application Security 246
Security Policies and Procedures 247
Security Employee Training and Awareness 248
4. Security Monitoring and Effectiveness 249
Security Monitoring Mechanisms 250
Incident Response and Forensic Investigations 251
Validating Security Effectiveness 251
References 252

15. Security Management Systems 255
Joe Wright and Jim Harmening

1. Security Management System Standards 255
2. Training Requirements 256
3. Principles of Information Security 256
4. Roles and Responsibilities of Personnel 256
5. Security Policies 256
6. Security Controls 257
7. Network Access 257
8. Risk Assessment 257
9. Incident Response 258
10. Summary 258

16. Information Technology Security Management 259
Rahul Bhaskar and Bhushan Kapoor

Information Security Management Standards 259
Federal Information Security Management Act 259
International Standards Organization 260
Other Organizations Involved in Standards 260
Information Technology security aspects 260
Security Policies and Procedures 261
IT Security Processes 263
Conclusion 267

17. Identity Management 269
Dr. Jean-Marc Seigneur and Dr. Tewfiq El Maliki

Introduction 269
Evolution of Identity Management Requirements 269
Digital Identity Definition 270
Identity Management Overview 270
Privacy Requirement 272
User-Centricity 272
Usability Requirement 273
The Requirements Fulfilled by Current Identity Management Technologies 274
Evolution of Identity Management 274
Identity 2.0 278
Identity 2.0 for Mobile Users 286
Mobile Web 2.0 286
Mobility 287
Evolution of Mobile Identity 287
The Future of Mobile User-Centric Identity Management in an Ambient Intelligence World 290
Research Directions 292
Conclusion 292

18. Intrusion Prevention and Detection Systems 293
Christopher Day

1. What is an "Intrusion," Anyway? 293
Physical Theft 293
Abuse of Privileges (The Insider Threat) 293
2. Unauthorized Access by an Outsider 294
3. Malware Infection 294
4. The Role of the "0-day" 295
5. The Rogue's Gallery: Attackers and Motives 296
6. A Brief Introduction to TCP/IP 297
7. The TCP/IP Data Architecture and Data Encapsulation 298
8. Survey of Intrusion Detection and Prevention Technologies 300
9. Anti-Malware Software 301
10. Network-based Intrusion Detection Systems 302
11. Network-based Intrusion Prevention Systems 303
12. Host-based Intrusion Prevention Systems 304
13. Security Information Management Systems 304
14. Network Session Analysis 304
15. Digital Forensics 305
16. System Integrity Validation 306
17. Putting it all Together 306

19. Computer Forensics 307
Scott R. Ellis

What is Computer Forensics? 307
Analysis of Data 308
Computer Forensics and Ethics, Green Home Plate Gallery View 309
Database Reconstruction 310
Computer Forensics in the Court System 310
Understanding Internet History 312
Temporary Restraining Orders and Labor Disputes 312
Divorce 313
Patent Infringement 313
When to Acquire, When to Capture Acquisition 313
Creating Forensic Images Using Software and Hardware Write Blockers 313
Live Capture of Relevant Files 314
Redundant Array of Independent (or Inexpensive) Disks (RAID) 314
File System Analyses 314
NTFS 315
The Role of the Forensic Examiner in Investigations and File Recovery 315
Password Recovery 317
File Carving 318
Things to Know: How Time stamps Work 320
Experimental Evidence 321
Email Headers and Time stamps, Email Receipts, and Bounced Messages 322
Steganography "Covered Writing" 324
First Principles 325
Hacking a Windows XP Password 325
Net User Password Hack 325
Lanman Hashes and Rainbow Tables 325
Password Reset Disk 326
Memory Analysis and the Trojan Defense 326
User Artifact Analysis 326
Recovering Lost and Deleted Files 327
Email 327
Internet History 327
Network Analysis 328
Protocols 328
Analysis 328
Computer Forensics Applied 329
Tracking, Inventory, Location of Files, Paperwork, Backups, and So On 329
Testimonial 329
Experience Needed 329
Job Description, Technologist 329
Job Description Management 330
Commercial Uses 330
Solid Background 330
Education/Certification 330
Programming and Experience 331
Publications 331
Testifying as an Expert 332
Degrees of Certainty 332
Certainty Without Doubt 334
Beginning to End in Court 334
Defendants, Plaintiffs, and Prosecutors 334
Pretrial Motions 335
Trial: Direct and Cross-Examination 335
Rebuttal 335
Surrebuttal 335
Testifying: Rule 702. Testimony by Experts 335
Correcting Mistakes: Putting Your Head in the Sand 336

20. Network Forensics 339
Yong Guan

Scientific Overview 339
The Principles of Network Forensics 340
Attack Traceback and Attribution 341
IP Traceback 341
Stepping-Stone Attack Attribution 344
VoIP Attribution 346
Critical Needs Analysis 346
Research Directions 346

21. Firewalls 349
Dr. Errin W. Fulp

Network Firewalls 349
Firewall Security Policies 350
Rule-Match Policies 351
A Simple Mathematical Model for Policies, Rules, and Packets 351
First-match Firewall Policy Anomalies 352
Policy Optimization 352
Policy Reordering 352
Combining Rules 353
Default Accept or Deny? 353
Firewall Types 353
Packet Filter 354
Stateful Packet Firewalls 354
Application Layer Firewalls 354
Host and Network Firewalls 355
Software and Hardware Firewall Implementations 355
Choosing the Correct Firewall 355
Firewall Placement and Network Topology 356
Demilitarized Zones 357
Perimeter Networks 357
Two-Router Configuration 357
Dual-Homed Host 358
Network Configuration Summary 358
Firewall Installation and Configuration 358
Supporting Outgoing Services Through Firewall Configuration 359
Forms of State 359
Payload Inspection 360
Secure External Services Provisioning 360
Network Firewalls for Voice and Video Applications 360
Packet Filtering H.323 361
Firewalls and Important Administrative Service Protocols 361
Routing Protocols 361
Internet Control Message Protocol 362
Network Time Protocol 362
Central Log File Management 362
Dynamic Host Configuration Protocol 363
Internal IP Services Protection 363
Firewall Remote Access Configuration 364
Load Balancing and Firewall Arrays 365
Load Balancing in Real Life 365
How to Balance the Load 365
Advantages and Disadvantages of Load Balancing 366
Highly Available Firewalls 366
Load Balancer Operation 366
Interconnection of Load Balancers and Firewalls 366
Firewall Management 367
Conclusion 367

22. Penetration Testing 369
Sanjay Bavisi

What is Penetration Testing? 369
How does Penetration Testing Differ from an Actual "Hack?" 370
Types of Penetration Testing 371
Phases of Penetration Testing 373
The Pre-Attack Phase 373
The Attack Phase 373
The Post-Attack Phase 373
Defining What's Expected 374
The Need for a Methodology 375
Penetration Testing Methodologies 375
Methodology in Action 376
EC-Council LPT Methodology 376
Penetration Testing Risks 378
Liability Issues 378
Legal Consequences 379

"Get out of jail free" Card 379
Penetration Testing Consultants 379
Required Skill Sets 380
Accomplishments 380
Hiring a Penetration Tester 380
Why Should a Company Hire You? 381
Qualifications 381
Work Experience 381
Cutting-Edge Technical Skills 381
Communication Skills 381
Attitude 381
Team Skills 381
Company Concerns 381
All's Well that Ends Well 382

23. What Is Vulnerability Assessment? 383
Almantas Kakareka

Reporting 383
The "It Won't Happen to Us" Factor 383
Why Vulnerability Assessment? 384
Penetration Testing Versus Vulnerability Assessment 384
Vulnerability Assessment Goal 385
Mapping the Network 385
Selecting the Right Scanners 386
Central Scans Versus Local Scans 387
Defense in Depth Strategy 388
Vulnerability Assessment Tools 388
Nessus 388
GFI LANguard 389
Retina 389
Core Impact 389
ISS Internet Scanner 389
X-Scan 389
Sara 389
QualysGuard 389
SAINT 389
MBSA 389
Scanner Performance 390
Scan Verification 390
Scanning Cornerstones 390
Network Scanning Countermeasures 390
Vulnerability Disclosure Date 391
Find Security Holes Before They Become Problems 391
Proactive Security Versus Reactive Security 392
Vulnerability Causes 392
Password Management Flaws 392
Fundamental Operating System Design Flaws 392
Software Bugs 392
Unchecked User Input 392
DIY Vulnerability Assessment 393
Conclusion 393

Part III Encryption Technology

24. Data Encryption 397
Dr. Bhushan Kapoor and Dr. Pramod Pandya

Need for Cryptography 398
Authentication 398
Confidentiality 398
Integrity 398
Nonrepudiation 398
Mathematical Prelude to Cryptography 398
Mapping or Function 398
Probability 398
Complexity 398
Classical Cryptography 399
The Euclidean Algorithm 399
The Extended Euclidean Algorithm 399
Modular Arithmetic 399
Congruence 400
Residue Class 400
Inverses 400
Fundamental Theorem of Arithmetic 400
Congruence Relation Defined 401
Substitution Cipher 401
Transposition Cipher 402
Modern Symmetric Ciphers 402
S-Box 403
P-Boxes 403
Product Ciphers 404
Algebraic Structure 404
Definition Group 404
Definitions of Finite and Infinite Groups (Order of a Group) 404
Definition Abelian Group 404
Examples of a Group 404
Definition: Subgroup 405
Definition: Cyclic Group 405
Rings 405
Definition: Field 405
Finite Fields GF(2^n) 405
Modular Polynomial Arithmetic Over GF(2) 406
Using a Generator to Represent the Elements of GF(2^n) 406
GF(2^3) Is a Finite Field 407
The Internal Functions of Rijndael in AES Implementation 407
Mathematical Preliminaries 408
State 408
Use of Modern Block Ciphers 412
The Electronic Code Book (ECB) 412
Cipher-Block Chaining (CBC) 412
Public-key Cryptography 412
Review: Number Theory 412
Cryptanalysis of RSA 416
Factorization Attack 416
Diffie-Hellman Algorithm 417
Elliptic Curve Cryptosystems 417
An Example 418
Example of Elliptic Curve Addition 418
EC Security 419
Message Integrity and Authentication 419
Cryptographic Hash Functions 419
Message Authentication 420
Digital Signature 420
Message Integrity Uses a Hash Function in Signing the Message 420
RSA Digital Signature Scheme 420
RSA Digital Signature and the Message Digest 420
13. Summary 421
References 421

25. Satellite Encryption 423
Daniel S. Soper

1. The Need for Satellite Encryption 423
2. Satellite Encryption Policy 425
3. Implementing Satellite Encryption 426
General Satellite Encryption Issues 426
Uplink Encryption 428
Extraplanetary Link Encryption 428
Downlink Encryption 429
4. The Future of Satellite Encryption 430

26. Public Key Infrastructure 433
Terence Spies

Cryptographic Background 433
Digital Signatures 433
Public Key Encryption 434
Overview of PKI 435
The X.509 Model 436
The History of X.509 436
The X.509 Certificate Model 436
X.509 Implementation Architectures 437
X.509 Certificate Validation 439
Validation Step 1: Construct the Chain and Validate Signatures 439
Validation Step 2: Check Validity Dates, Policy and Key Usage 439
Validation Step 3: Consult Revocation Authorities 440
X.509 Certificate Revocation 440
Online Certificate Status Protocol 441
Server-based Certificate Validity Protocol 442
X.509 Bridge Certification Systems 443
Mesh PKIs and Bridge CAs 443
X.509 Certificate Format 444
X.509 V1 and V2 Format 445
X.509 V3 Format 445
X.509 Certificate Extensions 445
Policy Extensions 446
Certificate Policy 446
PKI Policy Description 447
PKI Standards Organizations 448
IETF PKIX 448
SDSI/SPKI 448
IETF OpenPGP 448
PGP Certificate Formats 449
PGP PKI Implementations 449
W3C 449
Alternative PKI Architectures 450
Modified X.509 Architectures 450
Perlman and Kaufman's User-Centric PKI 450
Gutmann's Plug and Play PKI 450
Callas's Self-Assembling PKI 450
Alternative Key Management Models 450

27. Instant-Messaging Security 453
Samuel J.J. Curry

1. Why Should I Care About Instant Messaging? 453
2. What is Instant Messaging? 453
3. The Evolution of Networking Technologies 454
4. Game Theory and Instant Messaging 455
Your Workforce 455
Generational Gaps 456
Transactions 457
5. The Nature of the Threat 457
Malicious Threat 458
Vulnerabilities 459
Man-in-the-Middle Attacks 459
Phishing and Social Engineering 459
Knowledge Is the Commodity 459
Data and Traffic Analysis 460
Unintentional Threats 460
Regulatory Concerns 461
6. Common IM Applications 461
Consumer Instant Messaging 461
Enterprise Instant Messaging 461
Instant-Messaging Aggregators 462
Backdoors: Instant Messaging Via Other Means (HTML) 462
Mobile Dimension 462
7. Defensive Strategies 462
8. Instant-messaging Security Maturity and Solutions 463
Asset Management 463
Built-in Security 463
Content Filtering 463
Classic Security 463
Compliance 464
Data Loss Prevention 464
Logging 464
Archival 464
Processes 464
Instant-Messaging Activation and Provisioning 464
Application Review 464
People 464
Revise 464
Audit 464
Conclusion 465
Example Answers to Key Factors 466

Part IV Privacy and Access Management

28. NET Privacy 469
Marco Cremonini, Chiara Braghin and Claudio Agostino Ardagna

Privacy in the Digital Society 469
The Origins, The Debate 469
Privacy Threats 471
The Economics of Privacy 474
The Value of Privacy 474
Privacy and Business 475
Privacy-Enhancing Technologies 476
Languages for Access Control and Privacy Preferences 476
Data Privacy Protection 478
Privacy for Mobile Environments 480
Network Anonymity 482
Onion Routing 483
Anonymity Services 484
Conclusion 485

29. Personal Privacy Policies 487
Dr. George Yee and Larry Korba

1. Introduction 487
2. Content of Personal Privacy Policies 488
Privacy Legislation and Directives 488
Requirements from Privacy Principles 488
Privacy Policy Specification 490
3. Semiautomated Derivation of Personal Privacy Policies 490
An Example 492
Retrieval from a Community of Peers 493
4. Specifying Well-formed Personal Privacy Policies 494
Unexpected Outcomes 494
Outcomes From the Way the Matching Policy Was Obtained 494
5. Preventing Unexpected Negative Outcomes 496
Definition 1 496
Definition 2 496
Rules for Specifying Near Well-Formed Privacy Policies 496
Approach for Obtaining Near Well-Formed Privacy Policies 497
6. The Privacy Management Model 497
How Privacy Policies Are Used 497
Personal Privacy Policy Negotiation 499
Personal Privacy Policy Compliance 502
7. Discussion and Related Work 502
8. Conclusions and Future Work 505

30. Virtual Private Networks 507
Jim Harmening and Joe Wright

History 508
Who is in Charge? 511
VPN Types 512
IPsec 512
L2TP 512
L2TPv3 513
L2F 513
PPTP VPN 513
MPLS 514
MPVPN™ 514
SSH 514
SSL-VPN 514
TLS 514
Authentication Methods 515
Hashing 515
HMAC 515
MD5 515
SHA-1 515
Symmetric Encryption 516
Asymmetric Cryptography 516
Edge Devices 516
Passwords 516
Hackers and Crackers 517

31. Identity Theft 519
Markus Jakobsson and Alex Tsow

1. Experimental Design 520
Authentic Payment Notification: Plain Versus Fancy Layout 522
Strong Phishing Message: Plain Versus Fancy Layout 525
Authentic Promotion: Effect of Small Footers 525
Weak Phishing Message 527
Authentic Message 528
Login Page 528
Login Page: Strong and Weak Content Alignment 529
Login Page: Authentic and Bogus (But Plausible) URLs 532
Login Page: Hard and Soft Emphasis on Security 532
Bad URL, with and without SSL and Endorsement Logo 535
High-Profile Recall Notice 535
Low-Profile Class-Action Lawsuit 535
2. Results and Analysis 535
3. Implications for Crimeware 546
Example: Vulnerability of Web-Based Update Mechanisms 547
Example: The Unsubscribe Spam Attack 547
The Strong Narrative Attack 548
4. Conclusion 548

32. VoIP Security 551
Dan Wing and Harsh Kupwade Patil

Introduction 551
VoIP Basics 551
Overview of Threats 553
Taxonomy of Threats 553
Reconnaissance of VoIP Networks 553
Denial of Service 554
Loss of Privacy 555
Exploits 557
Security in VoIP 558
Preventative Measures 558
Reactive 559
Future Trends 560
Forking Problem in SIP 560
Security in Peer-to-Peer SIP 561
End-to-End Identity with SBCs 563
Conclusion 564

Part V Storage Security

33. SAN Security 567
John McGowan, Jeffrey Bardin and John McDonald

Organizational Structure 567
AAA 568
Restricting Access to Storage 569
Access Control Lists (ACL) and Policies 570
Data Integrity Field (DIF) 570
Physical Access 571
Change Management 571
Password Policies 571
Defense in Depth 571
Vendor Security Review 571
Data Classification 571
Security Management 572
Security Setup 572
Unused Capabilities 572
Auditing 572
Updates 572
Monitoring 572
Security Maintenance 572
11. Management Access: Separation of Functions 573
Limit Tool Access 573
Secure Management Interfaces 573
12. Host Access: Partitioning 573
S_ID Checking 574
13. Data Protection: Replicas 574
Erasure 574
Potential Vulnerabilities and Threats 575
Physical Attacks 575
Management Control Attacks 575
Host Attacks 575
World Wide Name Spoofing 576
Man-in-the-Middle Attacks 576
E-Port Replication Attack 576
Denial-of-Service Attacks 577
Session Hijacking Attacks 577
15. Encryption in Storage 577
The Process 577
Encryption Algorithms 578
Key Management 579
Configuration Management 580
16. Application of Encryption 580
Risk Assessment and Management 580
Modeling Threats 580
Use Cases for Protecting Data at Rest 581
Use Considerations 582
Deployment Options 582
17. Conclusion 588
References 589

34. Storage Area Networking Devices Security 591
Robert Rounsavall

1. What is a SAN? 591
2. SAN Deployment Justifications 591
3. The Critical Reasons for SAN Security 592
Why Is SAN Security Important? 592
4. SAN Architecture and Components 593
SAN Switches 593
5. SAN General Threats and Issues 594
SAN Cost: A Deterrent to Attackers 594
Physical Level Threats, Issues, and Risk Mitigation 594
Logical Level Threats, Vulnerabilities, and Risk Mitigation 596
6. Conclusion 603

35. Risk Management 605
Sokratis K. Katsikas

1. The Concept of Risk 606
2. Expressing and Measuring Risk 606
3. The Risk Management Methodology 609
Context Establishment 609

Risk Assessment 610
Risk Treatment 612
Risk Communication 614
Risk Monitoring and Review 614
Integrating Risk Management into the System Development Life Cycle 614
Critique of Risk Management as a Methodology 615
Risk Management Methods 616
Risk Management Laws and Regulations 620
Risk Management Standards 623
Summary 625

Part VI Physical Security

36. Physical Security Essentials 629
William Stallings

1. Overview 629
2. Physical Security Threats 630
Natural Disasters 630
Environmental Threats 631
Technical Threats 633
Human-Caused Physical Threats 634
3. Physical Security Prevention and Mitigation Measures 634
Environmental Threats 634
Technical Threats 635
Human-Caused Physical Threats 635
4. Recovery from Physical Security Breaches 636
5. Threat Assessment, Planning, and Plan Implementation 636
Threat Assessment 636
Planning and Implementation 637
6. Example: A Corporate Physical Security Policy 637
7. Integration of Physical and Logical Security 639
References 643

37. Biometrics 645
Luther Martin

1. Relevant Standards 646
2. Biometric System Architecture 647
Data Capture 648
Signal Processing 648
Matching 649
Data Storage 649
Decision 649
Adaptation 652
3. Using Biometric Systems 652
Enrollment 652
Authentication 653
Identification 654
4. Security Considerations 655
Error Rates 655
Doddington's Zoo 656
Birthday Attacks 656
Comparing Technologies 657
Storage of Templates 658
5. Conclusion 659

38. Homeland Security 661
Rahul Bhaskar Ph.D. and Bhushan Kapoor

1. Statutory Authorities 661
The USA PATRIOT Act of 2001 (PL 107-56) 661
The Aviation and Transportation Security Act of 2001 (PL 107-71) 663
Enhanced Border Security and Visa Entry Reform Act of 2002 (PL 107-173) 663
Public Health Security, Bioterrorism Preparedness & Response Act of 2002 (PL 107-188) 664
Homeland Security Act of 2002 (PL 107-296) 665
E-Government Act of 2002 (PL 107-347) 666
2. Homeland Security Presidential Directives 667
3. Organizational Actions 669
Department of Homeland Security Subcomponents 669
State and Federal Organizations 669
The Governor's Office of Homeland Security 670
California Office of Information Security and Privacy Protection 670
Private Sector Organizations for Information Sharing 670
4. Conclusion 674

39. Information Warfare 677
Jan Eloff and Anna Granova

1. Information Warfare Model 677
2. Information Warfare Defined 678
3. IW: Myth or Reality? 678
4. Information Warfare: Making IW Possible 680
Offensive Strategies 680
Preventative Strategies 685
Legal Aspects of IW 686
Terrorism and Sovereignty 686
Liability Under International Law 686
Remedies Under International Law 687
Developing Countries Response 689

Page 13: Computer and Information Security Handbook

Contents

7. Holistic View of Information Warfare

8. Conclusion

Part VII Advanced Security

40. Security Through Diversity

Kevin Noble

689 690

693

1. 2. 3. 4. 5. 6. 7. 8.

9. 10.

Ubiquity Example Attacks Against Uniformity Attacking Ubiquity With Antivirus Tools The Threat of Worms Automated Network Defense Diversity and the Browser Sandboxing and Virtualization DNS Example of Diversity through Security Recovery from Disaster is Survival Conclusion

693 694 694 695 697 698 698

699 699 700

41. Reputation Management 701

Dr. Jean-Marc Seigneur

1. The Human Notion of Reputation 702
2. Reputation Applied to the Computing World 704
3. State of the Art of Attack-resistant Reputation Computation 708
4. Overview of Current Online Reputation Service 711
   eBay 711
   Opinity 713
   Rapleaf 714
   Venyo 715
   TrustPlus + Xing + ZoomInfo + SageFire 716
   Naymz + Trufina 717
   The GORB 719
   ReputationDefender 720
   Summarizing Table 720
5. Conclusion 720

42. Content Filtering 723

Peter Nicoletti

The Problem with Content Filtering 723
User Categories, Motivations, and Justifications 724
Schools 725
Commercial Business 725
Financial Organizations 725
Healthcare Organizations 725
Internet Service Providers 725
U.S. Government 725
Other Governments 725
Libraries 725
Parents 726
Content Blocking Methods 726
Banned Word Lists 726
URL Block 726
Category Block 726
Bayesian Filters 727
Safe Search Integration to Search Engines with Content Labeling 727
Content-Based Image Filtering (CBIF) 727
Technology and Techniques for Content-Filtering Control 728
Internet Gateway-Based Products/Unified Threat Appliances 728
Categories 732
Legal Issues 735
Federal Law: ECPA 735
CIPA: The Children's Internet Protection Act 735
The Trump Card of Content Filtering: The "National Security Letter" 736
ISP Content Filtering Might Be a "Five-Year Felony" 736
Issues and Problems with Content Filtering 737
Bypass and Circumvention 737
Client-Based Proxies 737
Open Proxies 739
HTTP Web-Based Proxies (Public and Private) 739
Secure Public Web-Based Proxies 739
Process Killing 739
Remote PC Control Applications 739
Overblocking and Underblocking 740
Blacklist and Whitelist Determination 740
Casual Surfing Mistake 740
Getting the List Updated 740
Time-of-Day Policy Changing 740
Override Authorization Methods 740
Hide Content in "Noise" or Use Steganography 740
Nonrepudiation: Smart Cards, ID Cards for Access 740
Warn and Allow Methods 740
Integration with Spam Filtering Tools 740
Detect Spyware and Malware in the HTTP Payload 740
Integration with Directory Servers 740
Language Support 741
Financial Considerations Are Important 741
Scalability and Usability 741
Performance Issues 742
Reporting Is a Critical Requirement 742
Bandwidth Usage 742
Precision Percentage and Recall 742
9. Related Products 743
10. Conclusion 743

43. Data Loss Protection 745

Ken Perkins

1. Precursors of DLP 747
2. What is DLP? 748
3. Where to Begin? 753
4. Data is Like Water 754
5. You Don't Know What You Don't Know 755
6. Precision versus Recall 756
7. How Do DLP Applications Work? 756
   Eat Your Vegetables 757
   Data in Motion 757
   Data at Rest 758
   Data in Use 758
8. It's a Family Affair, Not Just IT Security's Problem 760
9. Vendors, Vendors Everywhere! Who Do You Believe? 762
10. Conclusion 762

Part VIII Appendices

Appendix A Configuring Authentication Service on Microsoft Windows Vista 765

John R. Vacca

1. Backup and Restore of Stored Usernames and Passwords 765
   Automation and Scripting 765
   Security Considerations 765
2. Credential Security Service Provider and SSO for Terminal Services Logon 765
   Requirements 766
   Configuration 766
   Security Considerations 766
3. TLS/SSL Cryptographic Enhancements 766
   AES Cipher Suites 766
   ECC Cipher Suites 767
   Schannel CNG Provider Model 768
   Default Cipher Suite Preference 769
   Previous Cipher Suites 769
4. Kerberos Enhancements 769
   AES 769
   Read-Only Domain Controller and Kerberos Authentication 770
5. Smart Card Authentication Changes 770
   Additional Changes to Common Smart Card Logon Scenarios 771
6. Previous Logon Information 773
   Configuration 774
   Security Considerations 774

Appendix B Security Management and Resiliency 775

John R. Vacca

Appendix C List of Top Security Implementation and Deployment Companies 777
   List of SAN Implementation and Deployment Companies 778
   SAN Security Implementation and Deployment Companies 778

Appendix D List of Security Products 781
   Security Software 781

Appendix E List of Security Standards 783

Appendix F List of Miscellaneous Security Resources 785
   Conferences 785
   Consumer Information 785
   Directories 786
   Help and Tutorials 786
   Mailing Lists 786
   News and Media 787
   Organizations 787
   Products and Tools 788
   Research 790
   Content Filtering Links 791
   Other Logging Resources 791

Appendix G Ensuring Built-in Frequency Hopping Spread Spectrum Wireless Network Security 793
   Accomplishment 793
   Background 793
   Additional Information 793

Appendix H Configuring Wireless Internet Security Remote Access 795
   Adding the Access Points as RADIUS Clients to IAS 795
   Adding Access Points to the First IAS Server 795
   Scripting the Addition of Access Points to IAS Server (Alternative Procedure) 795
   Configuring the Wireless Access Points 796
   Enabling Secure WLAN Authentication on Access Points 796
   Additional Settings to Secure Wireless Access Points 797
   Replicating RADIUS Client Configuration to Other IAS Servers 798

Appendix I Frequently Asked Questions 799

Appendix J Glossary 801

Index 817