Table of Contents for Thinking Security: Stopping Next Year’s Hackers
by Steven M. Bellovin
About This eBook
Title Page
Copyright Page
Dedication Page
Contents
Preface
Protecting the Right Things
Doing the Right Thing
Security: Not Too Big, Not Too Small, Just Right
A Guide to the Perplexed
A Note on Link Rot
Acknowledgments
Part I: Defining the Problem
Chapter 1. Introduction
1.1 Changes
1.2 Adapting to Change
1.3 Security Analysis
1.4 A Few Words on Terminology
Chapter 2. Thinking About Security
2.1 The Security Mindset
2.2 Know Your Goals
2.3 Security as a Systems Problem
2.4 Thinking Like the Enemy
Chapter 3. Threat Models
3.1 Who’s Your Enemy?
3.2 Classes of Attackers
3.3 Advanced Persistent Threats
3.4 What’s at Risk?
3.5 The Legacy Problem
Part II: Technologies
Chapter 4. Antivirus Software
4.1 Characteristics
4.2 The Care and Feeding of Antivirus Software
4.3 Is Antivirus Always Needed?
4.4 Analysis
Chapter 5. Firewalls and Intrusion Detection Systems
5.1 What Firewalls Don’t Do
5.2 A Theory of Firewalls
5.3 Intrusion Detection Systems
5.4 Intrusion Prevention Systems
5.5 Extrusion Detection
5.6 Analysis
Chapter 6. Cryptography and VPNs
6.1 Cryptography, the Wonder Drug
6.2 Key Distribution
6.3 Transport Encryption
6.4 Object Encryption
6.5 VPNs
6.6 Protocol, Algorithm, and Key Size Recommendations
6.7 Analysis
Chapter 7. Passwords and Authentication
7.1 Authentication Principles
7.2 Passwords
7.3 Storing Passwords: Users
7.4 Password Compromise
7.5 Forgotten Passwords
7.6 Biometrics
7.7 One-Time Passwords
7.8 Cryptographic Authentication
7.9 Tokens and Mobile Phones
7.10 Single-Sign-On and Federated Authentication
7.11 Storing Passwords: Servers
7.12 Analysis
Chapter 9. Wireless Access
9.1 Wireless Insecurity Myths
9.2 Living Connected
9.3 Living Disconnected
9.4 Smart Phones, Tablets, Toys, and Mobile Phone Access
9.5 Analysis
Chapter 10. Clouds and Virtualization
10.1 Distribution and Isolation
10.2 Virtual Machines
10.3 Sandboxes
10.4 The Cloud
10.5 Security Architecture of Cloud Providers
10.6 Cloud Computing
10.7 Cloud Storage
10.8 Analysis
Part III: Secure Operations
Chapter 11. Building Secure Systems
11.1 Correct Coding
11.2 Design Issues
11.3 External Links
11.4 Trust Patterns
11.5 Legacy Systems
11.6 Structural Defenses
11.7 Security Evaluations
Chapter 12. Selecting Software
12.1 The Quality Problem
12.2 Selecting Software Wisely
Chapter 13. Keeping Software Up to Date
13.1 Holes and Patches
13.2 The Problem with Patches
13.3 How to Patch
Chapter 14. People
14.1 Employees, Training, and Education
14.2 Users
14.3 Social Engineering
14.4 Usability
14.5 The Human Element
Chapter 15. System Administration
15.1 Sysadmins: Your Most Important Security Resource
15.2 Steering the Right Path
15.3 System Administration Tools and Infrastructure
15.4 Outsourcing System Administration
15.5 The Dark Side Is Powerful
Chapter 16. Security Process
16.1 Planning
16.2 Security Policies
16.3 Logging and Reporting
16.4 Incident Response
Part IV: The Future
Chapter 17. Case Studies
17.1 A Small Medical Practice
17.2 An E-Commerce Site
17.3 A Cryptographic Weakness
17.4 The Internet of Things
Chapter 18. Doing Security Properly
18.1 Obsolescence
18.2 New Devices
18.3 New Threats
18.4 New Defenses
18.5 Thinking about Privacy
18.6 Putting It All Together
References
Index
Credits
Colophon
Code Snippets