Available:*
Library | Item Barcode | Call Number | Material Type | Item Category 1 | Status |
|---|---|---|---|---|---|
Searching... | 30000004876607 | TK5105.875.I57 O67 2002 | Open Access Book | Book | Searching... |
Searching... | 30000010020084 | TK5105.875.I57 O67 2002 | Open Access Book | Book | Searching... |
On Order
Summary
Summary
This extensively revised, new edition of the 1998 Artech House classic, Internet and Intranet Security, offers professionals an up-to-date and comprehensive understanding of the technologies that are available to secure TCP/IP-based networks, such as corporate intranets or the Internet, and their associated applications. It addresses firewall technologies to help practitioners provide access control service, and discusses the cryptographic protocols used to provide today's communication security services.
Author Notes
Rolf Oppliger received his M.Sc. and Ph.D. in Computer Science from the University of Berne, Switzerland, and the Venia Legendi in Computer Science from the University of Zürich, Switzerland.
Oppliger is the founder and owner of eSECURITY Technologies Rolf Oppliger (www.esecurity.ch) and works for the Swiss Federal Strategy Unit for Information Technology (FSUIT) . He is also the author of Security Technologies for the World Wide Web (Artech House, 1999) , Internet and Intranet Security (Artech House, 1998), and Authentication Systems for Secure Networks (Artech House, 1996). Dr. Oppliger is the computer security series editor at Artech House.
050
Table of Contents
| Preface | p. xv |
| References | p. xxi |
| Acknowledgments | p. xxiii |
| I Fundamentals | p. 1 |
| 1 Terminology | p. 3 |
| References | p. 10 |
| 2 TCP/IP Networking | p. 11 |
| 2.1 History and Development | p. 12 |
| 2.2 Internet | p. 15 |
| 2.3 Internet Standardization | p. 17 |
| 2.4 Internet Model | p. 35 |
| References | p. 52 |
| 3 Attacks | p. 55 |
| 3.1 Passive Attacks | p. 56 |
| 3.2 Active Attacks | p. 58 |
| References | p. 66 |
| 4 OSI Security Architecture | p. 69 |
| 4.1 Introduction | p. 69 |
| 4.2 Security Services | p. 72 |
| 4.3 Security Mechanisms | p. 75 |
| 4.4 Security Management | p. 78 |
| References | p. 79 |
| 5 Cryptographic Techniques | p. 81 |
| 5.1 Introduction | p. 81 |
| 5.2 Cryptographic Hash Functions | p. 84 |
| 5.3 Secret Key Cryptography | p. 87 |
| 5.4 Public Key Cryptography | p. 90 |
| 5.5 Digital Envelopes | p. 98 |
| 5.6 Protection of Cryptographic Keys | p. 101 |
| 5.7 Generation of Pseudorandom Bit Sequences | p. 102 |
| 5.8 Legal Issues | p. 103 |
| 5.9 Notation | p. 107 |
| References | p. 109 |
| 6 Authentication and Key Distribution | p. 111 |
| 6.1 Authentication | p. 111 |
| 6.2 Key Distribution | p. 119 |
| References | p. 122 |
| II Access Control | p. 125 |
| 7 Overview | p. 127 |
| 7.1 Introduction | p. 128 |
| 7.2 Basic Components | p. 133 |
| 7.3 Sources for Further Information | p. 139 |
| References | p. 140 |
| 8 Packet Filtering | p. 141 |
| 8.1 Introduction | p. 141 |
| 8.2 Packet-Filtering Rules | p. 145 |
| 8.3 Packet-Filtering Products | p. 151 |
| 8.4 Stateful Inspection | p. 156 |
| 8.5 Conclusions | p. 157 |
| References | p. 160 |
| 9 Circuit-Level Gateways | p. 161 |
| 9.1 Introduction | p. 161 |
| 9.2 SOCKS | p. 163 |
| 9.3 Conclusions | p. 168 |
| References | p. 169 |
| 10 Application-Level Gateways | p. 171 |
| 10.1 Introduction | p. 171 |
| 10.2 User Authentication and Authorization | p. 175 |
| 10.3 Proxy Servers | p. 177 |
| 10.4 Conclusions | p. 178 |
| References | p. 180 |
| 11 Firewall Configurations | p. 181 |
| 11.1 Dual-Homed Firewall Configurations | p. 181 |
| 11.2 Screened Host Firewall Configurations | p. 185 |
| 11.3 Screened Subnet Firewall Configurations | p. 186 |
| 11.4 Network Address Translation | p. 188 |
| 11.5 Protection Against Denial of Service | p. 190 |
| 11.6 Firewall Certification | p. 192 |
| References | p. 193 |
| 12 Conclusions and Outlook | p. 195 |
| References | p. 201 |
| III Communication Security | p. 203 |
| 13 Network Access Layer Security Protocols | p. 205 |
| 13.1 Introduction | p. 205 |
| 13.2 Layer 2 Forwarding Protocol | p. 209 |
| 13.3 Point-to-Point Tunneling Protocol | p. 210 |
| 13.4 Layer 2 Tunneling Protocol | p. 218 |
| 13.5 Conclusions | p. 219 |
| References | p. 220 |
| 14 Internet Layer Security Protocols | p. 223 |
| 14.1 Previous Work | p. 224 |
| 14.2 IETF Standardization | p. 226 |
| 14.3 IP Security Architecture | p. 227 |
| 14.4 IPsec Protocols | p. 230 |
| 14.5 Key Management Protocols | p. 236 |
| 14.6 Implementations | p. 245 |
| 14.7 Conclusions | p. 246 |
| References | p. 247 |
| 15 Transport Layer Security Protocols | p. 251 |
| 15.1 Previous Work | p. 251 |
| 15.2 SSL Protocol | p. 252 |
| 15.3 TLS Protocol | p. 269 |
| 15.4 Firewall Tunneling | p. 274 |
| 15.5 Conclusions | p. 277 |
| References | p. 279 |
| 16 Application Layer Security Protocols | p. 283 |
| 16.1 Security-Enhanced Application Protocols | p. 284 |
| 16.2 Authentication and Key Distribution Systems | p. 295 |
| 16.3 Conclusions | p. 307 |
| References | p. 308 |
| 17 Message Security Protocols | p. 313 |
| 17.1 Introduction | p. 313 |
| 17.2 Secure Messaging Protocols | p. 314 |
| 17.3 Conclusions | p. 325 |
| References | p. 326 |
| 18 Conclusions and Outlook | p. 329 |
| Reference | p. 333 |
| IV Discussion | p. 335 |
| 19 Public Key Infrastructures | p. 337 |
| 19.1 Introduction | p. 337 |
| 19.2 Public Key Certificates | p. 339 |
| 19.3 Attribute Certificates | p. 342 |
| 19.4 IETF PKIX WG | p. 345 |
| 19.5 Certificate Revocation | p. 348 |
| 19.6 Conclusions | p. 352 |
| References | p. 356 |
| 20 Electronic Commerce | p. 361 |
| References | p. 366 |
| 21 Risk Management | p. 369 |
| 21.1 Introduction | p. 369 |
| 21.2 Formal Risk Analysis | p. 371 |
| 21.3 Alternative Approaches and Technologies | p. 373 |
| 21.4 Conclusions | p. 375 |
| References | p. 376 |
| Epilogue | p. 379 |
| References | p. 381 |
| Abbreviations and Acronyms | p. 383 |
| About the Author | p. 393 |
| Index | p. 395 |
