Computer and Information Security Handbook

Edited by John R. Vacca

Amsterdam • Boston • Heidelberg • London • New York • Oxford • Paris • San Diego • San Francisco • Singapore • Sydney • Tokyo
Morgan Kaufmann Publishers is an imprint of Elsevier

Contents

Foreword
Preface
Acknowledgments
About the Editor
Contributors

Part I  Overview of System and Network Security: A Comprehensive Introduction

Chapter 1. Building a Secure Organization
   John Mallery
   1. Obstacles to Security
      Security Is Inconvenient
      Computers Are Powerful and Complex
      Computer Users Are Unsophisticated
      Computers Created Without a Thought to Security
      Current Trend Is to Share, Not Protect
      Data Accessible from Anywhere
      Security Isn't About Hardware and Software
      The Bad Guys Are Very Sophisticated
      Management Sees Security as a Drain on the Bottom Line
   2. Ten Steps to Building a Secure Organization
      A. Evaluate the Risks and Threats
      B. Beware of Common Misconceptions
      C. Provide Security Training for IT Staff, Now and Forever
      D. Think "Outside the Box"
      E. Train Employees: Develop a Culture of Security
      F. Identify and Utilize Built-in Security Features of the Operating System and Applications
      G. Monitor Systems
      H. Hire a Third Party to Audit Security
      I. Don't Forget the Basics
      J. Patch, Patch, Patch

Chapter 2. A Cryptography Primer
   Scott R. Ellis
   1. What is Cryptography? What is Encryption?
      How Is Cryptography Done?
   2. Famous Cryptographic Devices
      The Lorenz Cipher
      Enigma
   3. Ciphers
      The Substitution Cipher
      The Shift Cipher
      The Polyalphabetic Cipher
      The Kasiski/Kerckhoff Method
   4. Modern Cryptography
      The Vernam Cipher (Stream Cipher)
      The One-Time Pad
      Cracking Ciphers
      The XOR Cipher and Logical Operands
      Block Ciphers
   5. The Computer Age
      Data Encryption Standard
      Theory of Operation
      Implementation
      Rivest, Shamir, and Adleman (RSA)
      Advanced Encryption Standard (AES or Rijndael)

Chapter 3. Preventing System Intrusions
   Michael West
   1. So, What is an Intrusion?
   2. Sobering Numbers
   3. Know Your Enemy: Hackers Versus Crackers
   4. Motives
   5. Tools of the Trade
   6. Bots
   7. Symptoms of Intrusions
   8. What Can You Do?
      Know Today's Network Needs
      Network Security Best Practices
   9. Security Policies
   10. Risk Analysis
      Vulnerability Testing
      Audits
      Recovery
   11. Tools of Your Trade
      Firewalls
      Intrusion Prevention Systems
      Application Firewalls
      Access Control Systems
      Unified Threat Management
   12. Controlling User Access
      Authentication, Authorization, and Accounting
      What the User Knows
      What the User Has
      The User Is Authenticated, But Is She Authorized?
      Accounting
      Keeping Current
   13. Conclusion

Chapter 4. Guarding Against Network Intrusions
   Tom Chen and Patrick J. Walsh
   1. Traditional Reconnaissance and Attacks
   2. Malicious Software
      Lures and "Pull" Attacks
   3. Defense in Depth
   4. Preventive Measures
      Access Control
      Vulnerability Testing and Patching
      Closing Ports
      Firewalls
      Antivirus and Antispyware Tools
      Spam Filtering
      Honeypots
      Network Access Control
   5. Intrusion Monitoring and Detection
      Host-Based Monitoring
      Traffic Monitoring
      Signature-Based Detection
      Behavior Anomalies
      Intrusion Prevention Systems
   6. Reactive Measures
      Quarantine
      Traceback
   7. Conclusions

Chapter 5. Unix and Linux Security
   Gerald Beuchelt
   1. Unix and Security
      The Aims of System Security
      Achieving Unix Security
   2. Basic Unix Security
      Traditional Unix Systems
      Standard File and Device Access Semantics
   3. Protecting User Accounts and Strengthening Authentication
      Establishing Secure Account Use
      The Unix Login Process
      Controlling Account Access
      Noninteractive Access
      Other Network Authentication Mechanisms
      Risks of Trusted Hosts and Networks
      Replacing Telnet, rlogin, and FTP Servers and Clients with SSH
   4. Reducing Exposure to Threats by Limiting Superuser Privileges
      Controlling Root Access
   5. Safeguarding Vital Data by Securing Local and Network File Systems
      Directory Structure and Partitioning for Security

Chapter 6. Eliminating the Security Weakness of Linux and Unix Operating Systems
   Mario Santana
   1. Introduction to Linux and Unix
      What Is Unix?
      What Is Linux?
      System Architecture
   2. Hardening Linux and Unix
      Network Hardening
      Host Hardening
      Systems Management Security
   3. Proactive Defense for Linux and Unix
      Vulnerability Assessment
      Incident Response Preparation
      Organizational Considerations

Chapter 7. Internet Security
   Jesse Walker
   1. Internet Protocol Architecture
      Communications Architecture Basics
      Getting More Specific
   2. An Internet Threat Model
      The Dolev-Yao Adversary Model
      Layer Threats
   3. Defending Against Attacks on the Internet
      Layer Session Defenses
      Session Startup Defenses
   4. Conclusion

Chapter 8. The Botnet Problem
   Xinyuan Wang and Daniel Ramsbrock
   1. Introduction
   2. Botnet Overview
      Origins of Botnets
      Botnet Topologies and Protocols
   3. Typical Bot Life Cycle
   4. The Botnet Business Model
   5. Botnet Defense
      Detecting and Removing Individual Bots
      Detecting C&C Traffic
      Detecting and Neutralizing the C&C Servers
      Attacking Encrypted C&C Channels
      Locating and Identifying the Botmaster
   6. Botmaster Traceback
      Traceback Challenges
      Traceback Beyond the Internet
   7. Summary

Chapter 9. Intranet Security
   Bill Mansoor
   1. Plugging the Gaps: NAC and Access Control
   2. Measuring Risk: Audits
   3. Guardian at the Gate: Authentication and Encryption
   4. Wireless Network Security
   5. Shielding the Wire: Network Protection
   6. Weakest Link in Security: User Training
   7. Documenting the Network: Change Management
   8. Rehearse the Inevitable: Disaster Recovery
   9. Controlling Hazards: Physical and Environmental Protection
   10. Know Your Users: Personnel Security
   11. Protecting Data Flow: Information and System Integrity
   12. Security Assessments
   13. Risk Assessments
   14. Conclusion

Chapter 10. Local Area Network Security
   Dr. Pramod Pandya
   1. Identify Network Threats
      Disruptive
      Unauthorized Access
   2. Establish Network Access Controls
   3. Risk Assessment
   4. Listing Network Resources
   5. Threats
   6. Security Policies
   7. The Incident-Handling Process
   8. Secure Design Through Network Access Controls
   9. IDS Defined
   10. NIDS: Scope and Limitations
   11. A Practical Illustration of NIDS
      UDP Attacks
      TCP SYN (Half-Open) Scanning
      Some Not-So-Robust Features of NIDS
   12. Firewalls
      Firewall Security Policy
      Configuration Script for sf Router
   13. Dynamic NAT Configuration
   14. The Perimeter
   15. Access List Details
   16. Types of Firewalls
   17. Packet Filtering: IP Filtering Routers
   18. Application-Layer Firewalls: Proxy Servers
   19. Stateful Inspection Firewalls
   20. NIDS Complements Firewalls
   21. Monitor and Analyze System Activities
      Analysis Levels
   22. Signature Analysis
   23. Statistical Analysis
   24. Signature Algorithms
      Pattern Matching
      Stateful Pattern Matching
      Protocol Decode-Based Analysis
      Heuristic-Based Analysis
      Anomaly-Based Analysis

Chapter 11. Wireless Network Security
   Chunming Rong and Erdal Cayirci
   1. Cellular Networks
      Cellular Telephone Networks
      802.11 Wireless LANs
   2. Wireless Ad Hoc Networks
      Wireless Sensor Networks
      Mesh Networks
   3. Security Protocols
      WEP
      WPA and WPA2
      SPINS: Security Protocols for Sensor Networks
   4. Secure Routing
      SEAD
      Ariadne
      ARAN
      SLSP
   5. Key Establishment
      Bootstrapping
      Key Management
   References

Chapter 12. Cellular Network Security
   Peng Liu, Thomas F. LaPorta and Kameswari Kotapati
   1. Introduction
   2. Overview of Cellular Networks
      Overall Cellular Network Architecture
      Core Network Organization
      Call Delivery Service
   3. The State of the Art of Cellular Network Security
      Security in the Radio Access Network
      Security in Core Network
      Security Implications of Internet Connectivity
      Security Implications of PSTN Connectivity
   4. Cellular Network Attack Taxonomy
      Abstract Model
      Abstract Model Findings
      Three-Dimensional Attack Taxonomy
   5. Cellular Network Vulnerability Analysis
      Cellular Network Vulnerability Assessment Toolkit (CAT)
      Advanced Cellular Network Vulnerability Assessment Toolkit (aCAT)
      Cellular Network Vulnerability Assessment Toolkit for Evaluation (eCAT)
   6. Discussion
   References

Chapter 13. RFID Security
   Chunming Rong and Erdal Cayirci
   1. RFID Introduction
      RFID System Architecture
      RFID Standards
      RFID Applications
   2. RFID Challenges
      Counterfeiting
      Sniffing
      Tracking
      Denial of Service
      Other Issues
      Comparison of All Challenges
   3. RFID Protections
      Basic RFID System
      RFID System Using Symmetric-Key Cryptography
      RFID System Using Public-Key Cryptography
   References

Part II  Managing Information Security

Chapter 14. Information Security Essentials for IT Managers, Protecting Mission-Critical Systems
   Albert Caballero
   1. Information Security Essentials for IT Managers, Overview
      Scope of Information Security Management
      CISSP Ten Domains of Information Security
      What is a Threat?
      Common Attacks
      Impact of Security Breaches
   2. Protecting Mission-Critical Systems
      Information Assurance
      Information Risk Management
      Defense in Depth
      Contingency Planning
   3. Information Security from the Ground Up
      Physical Security
      Data Security
      Systems and Network Security
      Business Communications Security
      Wireless Security
      Web and Application Security
      Security Policies and Procedures
      Security Employee Training and Awareness
   4. Security Monitoring and Effectiveness
      Security Monitoring Mechanisms
      Incidence Response and Forensic Investigations
      Validating Security Effectiveness
   References

Chapter 15. Security Management Systems
   Joe Wright and Jim Harmening
   1. Security Management System Standards
   2. Training Requirements
   3. Principles of Information Security
   4. Roles and Responsibilities of Personnel
   5. Security Policies
   6. Security Controls
   7. Network Access
   8. Risk Assessment
   9. Incident Response
   10. Summary

Chapter 16. Information Technology Security Management
   Rahul Bhasker and Bhushan Kapoor
   1. Information Security Management Standards
      Federal Information Security Management Act
      International Standards Organization
      Other Organizations Involved in Standards
   2. Information Technology Security Aspects
      Security Policies and Procedures
      IT Security Processes
   3. Conclusion

Chapter 17. Identity Management
   Dr. Jean-Marc Seigneur and Dr. Tewfiq El Maliki
   1. Introduction
   2. Evolution of Identity Management Requirements
      Digital Identity Definition
      Identity Management Overview
      Privacy Requirement
      User-Centricity
      Usability Requirement
   3. The Requirements Fulfilled by Current Identity Management Technologies
      Evolution of Identity Management
      Identity 2.0
   4. Identity 2.0 for Mobile Users
      Mobile Web 2.0
      Mobility
      Evolution of Mobile Identity
      The Future of Mobile User-Centric Identity Management in an Ambient Intelligence World
      Research Directions
   5. Conclusion

Chapter 18. Intrusion Prevention and Detection Systems
   Christopher Day
   1. What is an "Intrusion," Anyway?
      Physical Theft
      Abuse of Privileges (The Insider Threat)
   2. Unauthorized Access by an Outsider
   3. Malware Infection
   4. The Role of the "0-day"
   5. The Rogue's Gallery: Attackers and Motives
   6. A Brief Introduction to TCP/IP
   7. The TCP/IP Data Architecture and Data Encapsulation
   8. Survey of Intrusion Detection and Prevention Technologies
   9. Anti-Malware Software
   10. Network-Based Intrusion Detection Systems
   11. Network-Based Intrusion Prevention Systems
   12. Host-Based Intrusion Prevention Systems
   13. Security Information Management Systems
   14. Network Session Analysis
   15. Digital Forensics
   16. System Integrity Validation
   17. Putting It All Together

Chapter 19. Computer Forensics
   Scott R. Ellis
   1. What is Computer Forensics?
   2. Analysis of Data
      Computer Forensics and Ethics, Green Home Plate Gallery View
      Database Reconstruction
   3. Computer Forensics in the Court System
   4. Understanding Internet History
   5. Temporary Restraining Orders and Labor Disputes
      Divorce
      Patent Infringement
      When to Acquire, When to Capture
      Acquisition
      Creating Forensic Images Using Software and Hardware Write Blockers
      Live Capture of Relevant Files
      Redundant Array of Independent (or Inexpensive) Disks (RAID)
      File System Analyses
      NTFS
      The Role of the Forensic Examiner in Investigations and File Recovery
      Password Recovery
      File Carving
      Things to Know: How Time Stamps Work
      Experimental Evidence
      Email Headers and Time Stamps, Email Receipts, and Bounced Messages
      Steganography "Covered Writing"
   6. First Principles
   7. Hacking a Windows XP Password
      Net User Password Hack
      Lanman Hashes and Rainbow Tables
      Password Reset Disk
      Memory Analysis and the Trojan Defense
      User Artifact Analysis
      Recovering Lost and Deleted Files
      Email
      Internet History
   8. Network Analysis
      Protocols
      Analysis
      Computer Forensics Applied
      Tracking, Inventory, Location of Files, Paperwork, Backups, and So On
      Testimonial
      Experience Needed
      Job Description, Technologist
      Job Description Management
      Commercial Uses
      Solid Background
      Education/Certification
      Programming and Experience
      Publications
   9. Testifying as an Expert
      Degrees of Certainty
      Certainty Without Doubt
   10. Beginning to End in Court
      Defendants, Plaintiffs, and Prosecutors
      Pretrial Motions
      Trial: Direct and Cross-Examination
      Rebuttal
      Surrebuttal
      Testifying: Rule 702. Testimony by Experts
      Correcting Mistakes: Putting Your Head in the Sand

Chapter 20. Network Forensics
   Yong Guan
   1. Scientific Overview
   2. The Principles of Network Forensics
   3. Attack Traceback and Attribution
      IP Traceback
      Stepping-Stone Attack Attribution
   4. Critical Needs Analysis
   5. Research Directions
      VoIP Attribution

Chapter 21. Firewalls
   Dr. Errin W. Fulp
   1. Network Firewalls
   2. Firewall Security Policies
      Rule-Match Policies
   3. A Simple Mathematical Model for Policies, Rules, and Packets
   4. First-Match Firewall Policy Anomalies
   5. Policy Optimization
      Policy Reordering
      Combining Rules
      Default Accept or Deny?
   6. Firewall Types
      Packet Filter
      Stateful Packet Firewalls
      Application Layer Firewalls
   7. Host and Network Firewalls
   8. Software and Hardware Firewall Implementations
   9. Choosing the Correct Firewall
   10. Firewall Placement and Network Topology
      Demilitarized Zones
      Perimeter Networks
      Two-Router Configuration
      Dual-Homed Host
      Network Configuration Summary
   11. Firewall Installation and Configuration
   12. Supporting Outgoing Services Through Firewall Configuration
      Forms of State
      Payload Inspection
   13. Secure External Services Provisioning
   14. Network Firewalls for Voice and Video Applications
      Packet Filtering H.323
   15. Firewalls and Important Administrative Service Protocols
      Routing Protocols
      Internet Control Message Protocol
      Network Time Protocol
      Central Log File Management
      Dynamic Host Configuration Protocol
   16. Internal IP Services Protection
   17. Firewall Remote Access Configuration
   18. Load Balancing and Firewall Arrays
      Load Balancing in Real Life
      How to Balance the Load
      Advantages and Disadvantages of Load Balancing
   19. Highly Available Firewalls
      Load Balancer Operation
      Interconnection of Load Balancers and Firewalls
   20. Firewall Management
   21. Conclusion

Chapter 22. Penetration Testing
   Sanjay Bavisi
   1. What is Penetration Testing?
   2. How does Penetration Testing Differ from an Actual "Hack?"
   3. Types of Penetration Testing
   4. Phases of Penetration Testing
      The Pre-Attack Phase
      The Attack Phase
      The Post-Attack Phase
   5. Defining What's Expected
   6. The Need for a Methodology
   7. Penetration Testing Methodologies
   8. Methodology in Action
      EC-Council LPT Methodology
   9. Penetration Testing Risks
   10. Liability Issues
   11. Legal Consequences
   12. "Get Out of Jail Free" Card
   13. Penetration Testing Consultants
   14. Required Skill Sets
   15. Accomplishments
   16. Hiring a Penetration Tester
   17. Why Should a Company Hire You?
      Qualifications
      Work Experience
      Cutting-Edge Technical Skills
      Communication Skills
      Attitude
      Team Skills
      Company Concerns
   18. All's Well that Ends Well

Chapter 23. What Is Vulnerability Assessment?
   Almantas Kakareka
   1. Reporting
   2. The "It Won't Happen to Us" Factor
   3. Why Vulnerability Assessment?
   4. Penetration Testing Versus Vulnerability Assessment
   5. Vulnerability Assessment Goal
   6. Mapping the Network
   7. Selecting the Right Scanners
   8. Central Scans Versus Local Scans
   9. Defense in Depth Strategy
   10. Vulnerability Assessment Tools
      Nessus
      GFI LANguard
      Retina
      Core Impact
      ISS Internet Scanner
      X-Scan
      Sara
      QualysGuard
      SAINT
      MBSA
   11. Scanner Performance
   12. Scan Verification
   13. Scanning Cornerstones
   14. Network Scanning Countermeasures
   15. Vulnerability Disclosure Date
      Find Security Holes Before They Become Problems
   16. Proactive Security Versus Reactive Security
   17. Vulnerability Causes
      Password Management Flaws
      Fundamental Operating System Design Flaws
      Software Bugs
      Unchecked User Input
   18. DIY Vulnerability Assessment
   19. Conclusion

Part III  Encryption Technology

Chapter 24. Data Encryption
   Dr. Bhushan Kapoor and Dr. Pramod Pandya
   1. Need for Cryptography
      Authentication
      Confidentiality
      Integrity
      Nonrepudiation
   2. Mathematical Prelude to Cryptography
      Mapping or Function
      Probability
      Complexity
   3. Classical Cryptography
      The Euclidean Algorithm
      The Extended Euclidean Algorithm
      Modular Arithmetic
      Congruence
      Residue Class
      Inverses
      Fundamental Theorem of Arithmetic
      Congruence Relation Defined
      Substitution Cipher
      Transposition Cipher
   4. Modern Symmetric Ciphers
      S-Box
      P-Boxes
      Product Ciphers
   5. Algebraic Structure
      Definition Group
      Definitions of Finite and Infinite Groups (Order of a Group)
      Definition Abelian Group
      Examples of a Group
      Definition: Subgroup
      Definition: Cyclic Group
      Rings
      Definition: Field
      Finite Fields GF(2^n)
      Modular Polynomial Arithmetic Over GF(2)
      Using a Generator to Represent the Elements of GF(2^n)
      GF(2^3) Is a Finite Field
   6. The Internal Functions of Rijndael in AES Implementation
      Mathematical Preliminaries
      State
   7. Use of Modern Block Ciphers
      The Electronic Code Book (ECB)
      Cipher-Block Chaining (CBC)
   8. Public-Key Cryptography
      Review: Number Theory
   9. Cryptanalysis of RSA
      Factorization Attack
   10. Diffie-Hellman Algorithm
   11. Elliptic Curve Cryptosystems
      An Example
      Example of Elliptic Curve Addition
      EC Security
   12. Message Integrity and Authentication
      Cryptographic Hash Functions
      Message Authentication
      Digital Signature
      Message Integrity Uses a Hash Function in Signing the Message
      RSA Digital Signature Scheme
      RSA Digital Signature and the Message Digest
   13. Summary
   References

Chapter 25. Satellite Encryption
   Daniel S. Soper
   1. The Need for Satellite Encryption
   2. Satellite Encryption Policy
   3. Implementing Satellite Encryption
      General Satellite Encryption Issues
      Uplink Encryption
      Extraplanetary Link Encryption
      Downlink Encryption
   4. The Future of Satellite Encryption

Chapter 26. Public Key Infrastructure
   Terence Spies
   1. Cryptographic Background
      Digital Signatures
      Public Key Encryption
   2. Overview of PKI
   3. The X.509 Model
      The History of X.509
      The X.509 Certificate Model
   4. X.509 Implementation Architectures
   5. X.509 Certificate Validation
      Validation Step 1: Construct the Chain and Validate Signatures
      Validation Step 2: Check Validity Dates, Policy and Key Usage
      Validation Step 3: Consult Revocation Authorities
   6. X.509 Certificate Revocation
      Online Certificate Status Protocol
   7. Server-Based Certificate Validity Protocol
   8. X.509 Bridge Certification Systems
      Mesh PKIs and Bridge CAs
   9. X.509 Certificate Format
      X.509 V1 and V2 Format
      X.509 V3 Format
      X.509 Certificate Extensions
      Policy Extensions
      Certificate Policy
   10. PKI Policy Description
   11. PKI Standards Organizations
      IETF PKIX
      SDSI/SPKI
      IETF OpenPGP
   12. PGP Certificate Formats
   13. PGP PKI Implementations
   14. W3C
   15. Alternative PKI Architectures
   16. Modified X.509 Architectures
      Perlman and Kaufman's User-Centric PKI
      Gutmann's Plug and Play PKI
      Callas's Self-Assembling PKI
   17. Alternative Key Management Models

Chapter 27. Instant-Messaging Security
   Samuel J.J. Curry
   1. Why Should I Care About Instant Messaging?
   2. What is Instant Messaging?
   3. The Evolution of Networking Technologies
   4. Game Theory and Instant Messaging
      Your Workforce
      Generational Gaps
      Transactions
   5. The Nature of the Threat
      Malicious Threat
      Vulnerabilities
      Man-in-the-Middle Attacks
      Phishing and Social Engineering
      Knowledge Is the Commodity
      Data and Traffic Analysis
      Unintentional Threats
      Regulatory Concerns
   6. Common IM Applications
      Consumer Instant Messaging
      Enterprise Instant Messaging
      Instant-Messaging Aggregators
      Backdoors: Instant Messaging Via Other Means (HTML)
      Mobile Dimension
   7. Defensive Strategies
   8. Instant-Messaging Security Maturity and Solutions
      Asset Management
      Built-in Security
      Content Filtering
      Classic Security
      Compliance
      Data Loss Prevention
      Logging
      Archival
   9. Processes
      Instant-Messaging Activation and Provisioning
      Application Review
      People
      Revise
      Audit
   10. Conclusion
      Example Answers to Key Factors

Part IV  Privacy and Access Management

Chapter 28. NET Privacy
   Marco Cremonini, Chiara Braghin and Claudio Agostino Ardagna
   1. Privacy in the Digital Society
      The Origins, The Debate
      Privacy Threats
   2. The Economics of Privacy
      The Value of Privacy
      Privacy and Business
   3. Privacy-Enhancing Technologies
      Languages for Access Control and Privacy Preferences
      Data Privacy Protection
      Privacy for Mobile Environments
   4. Network Anonymity
      Onion Routing
      Anonymity Services
   5. Conclusion

Chapter 29. Personal Privacy Policies
   Dr. George Yee and Larry Korba
   1. Introduction
   2. Content of Personal Privacy Policies
      Privacy Legislation and Directives
      Requirements from Privacy Principles
      Privacy Policy Specification
   3. Semiautomated Derivation of Personal Privacy Policies
      An Example
      Retrieval from a Community of Peers
   4. Specifying Well-Formed Personal Privacy Policies
      Unexpected Outcomes
      Outcomes From the Way the Matching Policy Was Obtained
      Preventing Unexpected Negative Outcomes
      Definition 1
      Definition 2
      Rules for Specifying Near Well-Formed Privacy Policies
   5. Approach for Obtaining Near Well-Formed Privacy Policies
   6. The Privacy Management Model
      How Privacy Policies Are Used
      Personal Privacy Policy Negotiation
      Personal Privacy Policy Compliance
   7. Discussion and Related Work
   8. Conclusions and Future Work

Chapter 30. Virtual Private Networks
   Jim Harmening and Joe Wright
   1. History
   2. Who is in Charge?
   3. VPN Types
      IPsec
      L2TP
      L2TPv3
      L2F
      PPTP VPN
      MPLS
      MPVPN™
      SSH
      SSL-VPN
      TLS
   4. Authentication Methods
      Hashing
      HMAC
      MD5
      SHA-1
   5. Symmetric Encryption
   6. Asymmetric Cryptography
   7. Edge Devices
   8. Passwords
   9. Hackers and Crackers

Chapter 31. Identity Theft
   Markus Jakobsson and Alex Tsow
   1. Experimental Design
      Authentic Payment Notification: Plain Versus Fancy Layout
      Strong Phishing Message: Plain Versus Fancy Layout
      Authentic Promotion: Effect of Small Footers
      Weak Phishing Message
      Authentic Message
      Login Page
      Login Page: Strong and Weak Content Alignment
      Login Page: Authentic and Bogus (But Plausible) URLs
      Login Page: Hard and Soft Emphasis on Security
      Bad URL, with and without SSL and Endorsement Logo
      High-Profile Recall Notice
      Low-Profile Class-Action Lawsuit
   2. Results and Analysis
   3. Implications for Crimeware
      Example: Vulnerability of Web-Based Update Mechanisms
      Example: The Unsubscribe Spam Attack
      The Strong Narrative Attack
   4. Conclusion

Chapter 32. VoIP Security
   Dan Wing and Harsh Kupwade Patil
   1. Introduction
      VoIP Basics
   2. Overview of Threats
      Taxonomy of Threats
      Reconnaissance of VoIP Networks
      Denial of Service
      Loss of Privacy
      Exploits
   3. Security in VoIP
      Preventative Measures
      Reactive
   4. Future Trends
      Forking Problem in SIP
      Security in Peer-to-Peer SIP
      End-to-End Identity with SBCs
   5. Conclusion

Part V  Storage Security

Chapter 33. SAN Security
   John McGowan, Jeffrey Bardin and John McDonald
   1. Organizational Structure
      AAA
      Restricting Access to Storage
   2. Access Control Lists (ACL) and Policies
      Data Integrity Field (DIF)
   3. Physical Access
   4. Change Management
   5. Password Policies
   6. Defense in Depth
   7. Vendor Security Review
   8. Data Classification
   9. Security Management
      Security Setup
      Unused Capabilities
   10. Auditing
      Updates
      Monitoring
      Security Maintenance
   11. Management Access: Separation of Functions
      Limit Tool Access
      Secure Management Interfaces
   12. Host Access: Partitioning
      S_ID Checking
   13. Data Protection: Replicas
      Erasure
   14. Potential Vulnerabilities and Threats
      Physical Attacks
      Management Control Attacks
      Host Attacks
      World Wide Name Spoofing
      Man-in-the-Middle Attacks
      E-Port Replication Attack
      Denial-of-Service Attacks
      Session Hijacking Attacks
   15. Encryption in Storage
      The Process
      Encryption Algorithms
      Key Management
      Configuration Management
   16. Application of Encryption
      Risk Assessment and Management
      Modeling Threats
      Use Cases for Protecting Data at Rest
      Use Considerations
      Deployment Options
   17. Conclusion
   References

Chapter 34. Storage Area Networking Devices Security
   Robert Rounsavall
   1. What is a SAN?
   2. SAN Deployment Justifications
   3. The Critical Reasons for SAN Security
      Why Is SAN Security Important?
   4. SAN Architecture and Components
      SAN Switches
   5. SAN General Threats and Issues
      SAN Cost: A Deterrent to Attackers
      Physical Level Threats, Issues, and Risk Mitigation
      Logical Level Threats, Vulnerabilities, and Risk Mitigation
   6. Conclusion

Chapter 35. Risk Management
   Sokratis K. Katsikas
   1. The Concept of Risk
   2. Expressing and Measuring Risk
   3. The Risk Management Methodology
      Context Establishment
      Risk Assessment
      Risk Treatment
      Risk Communication
      Risk Monitoring and Review
      Integrating Risk Management into the System Development Life Cycle
      Critique of Risk Management as a Methodology
   4. Risk Management Methods
   5. Risk Management Laws and Regulations
   6. Risk Management Standards
   7. Summary

Part VI  Physical Security

Chapter 36. Physical Security Essentials
   William Stallings
   1. Overview
   2. Physical Security Threats
      Natural Disasters
      Environmental Threats
      Technical Threats
      Human-Caused Physical Threats
   3. Physical Security Prevention and Mitigation Measures
      Environmental Threats
      Technical Threats
      Human-Caused Physical Threats
   4. Recovery from Physical Security Breaches
   5. Threat Assessment, Planning, and Plan Implementation
      Threat Assessment
      Planning and Implementation
   6. Example: A Corporate Physical Security Policy
   7. Integration of Physical and Logical Security
   References

Chapter 37. Biometrics
   Luther Martin
   1. Relevant Standards
   2. Biometric System Architecture
      Data Capture
      Signal Processing
      Matching
      Data Storage
      Decision
      Adaptation
   3. Using Biometric Systems
      Enrollment
      Authentication
      Identification
   4. Security Considerations
      Error Rates
      Doddington's Zoo
      Birthday Attacks
      Comparing Technologies
      Storage of Templates
   5. Conclusion

Chapter 38. Homeland Security
   Rahul Bhaskar Ph.D. and Bhushan Kapoor
   1. Statutory Authorities
      The USA PATRIOT Act of 2001 (PL 107-56)
      The Aviation and Transportation Security Act of 2001 (PL 107-71)
      Enhanced Border Security and Visa Entry Reform Act of 2002 (PL 107-173)
      Public Health Security, Bioterrorism Preparedness & Response Act of 2002 (PL 107-188)
      Homeland Security Act of 2002 (PL 107-296)
      E-Government Act of 2002 (PL 107-347)
   2. Homeland Security Presidential Directives
   3. Organizational Actions
      Department of Homeland Security Subcomponents
      State and Federal Organizations
      The Governor's Office of Homeland Security
      California Office of Information Security and Privacy Protection
      Private Sector Organizations for Information Sharing
   4. Conclusion

Chapter 39. Information Warfare
   Jan Eloff and Anna Granova
   1. Information Warfare Model
   2. Information Warfare Defined
   3. IW: Myth or Reality?
   4. Information Warfare: Making IW Possible
      Offensive Strategies
   5. Preventative Strategies
   6. Legal Aspects of IW
      Terrorism and Sovereignty
      Liability Under International Law
      Remedies Under International Law
      Developing Countries Response
   7. Holistic View of Information Warfare
   8. Conclusion

Part VII  Advanced Security

Chapter 40. Security Through Diversity
   Kevin Noble
   1. Ubiquity
   2. Example Attacks Against Uniformity
   3. Attacking Ubiquity With Antivirus Tools
   4. The Threat of Worms
   5. Automated Network Defense
   6. Diversity and the Browser
   7. Sandboxing and Virtualization
   8. DNS Example of Diversity through Security
   9. Recovery from Disaster is Survival
   10. Conclusion

Chapter 41. Reputation Management
   Dr. Jean-Marc Seigneur
   1. The Human Notion of Reputation
   2. Reputation Applied to the Computing World
   3. State of the Art of Attack-Resistant Reputation Computation
   4. Overview of Current Online Reputation Service
      eBay
      Opinity
      Rapleaf
      Venyo
      TrustPlus + Xing + ZoomInfo + SageFire
      Naymz + Trufina
      The GORB
      ReputationDefender
      Summarizing Table
   5. Conclusion

Chapter 42. Content Filtering
   Peter Nicoletti
   1. The Problem with Content Filtering
   2. User Categories, Motivations, and Justifications
      Schools
      Commercial Business
      Financial Organizations
      Healthcare Organizations
      Internet Service Providers
      U.S. Government
      Other Governments
      Libraries
      Parents
   3. Content Blocking Methods
      Banned Word Lists
      URL Block
      Category Block
      Bayesian Filters
      Safe Search Integration to Search Engines with Content Labeling
      Content-Based Image Filtering (CBIF)
   4. Technology and Techniques for Content-Filtering Control
      Internet Gateway-Based Products/Unified Threat Appliances
   5. Categories
   6. Legal Issues
      Federal Law: ECPA
      CIPA: The Children's Internet Protection Act
      The Trump Card of Content Filtering: The "National Security Letter"
      ISP Content Filtering Might Be a "Five-Year Felony"
   7. Issues and Problems with Content Filtering
      Bypass and Circumvention
      Client-Based Proxies
      Open Proxies
      HTTP Web-Based Proxies (Public and Private)
      Secure Public Web-Based Proxies
      Process Killing
      Remote PC Control Applications
      Overblocking and Underblocking
      Blacklist and Whitelist Determination
      Casual Surfing Mistake
      Getting the List Updated
      Time-of-Day Policy Changing
      Override Authorization Methods
      Hide Content in "Noise" or Use Steganography
      Nonrepudiation: Smart Cards, ID Cards for Access
      Warn and Allow Methods
      Integration with Spam Filtering Tools
      Detect Spyware and Malware in the HTTP Payload
      Integration with Directory Servers
      Language Support
      Financial Considerations Are Important
      Scalability and Usability
      Performance Issues
      Reporting Is a Critical Requirement
      Bandwidth Usage
      Precision Percentage and Recall
   Related Products
   Conclusion

Chapter 43. Data Loss Protection
   Ken Perkins
   1. Precursors of DLP
   2. What is DLP?
   3. Where to Begin?
   4. Data is Like Water
   5. You Don't Know What You Don't Know
      Precision versus Recall
   6. How Do DLP Applications Work?
   7. Eat Your Vegetables
      Data in Motion
      Data at Rest
      Data in Use
   8. It's a Family Affair, Not Just IT Security's Problem
   9. Vendors, Vendors Everywhere! Who Do You Believe?
   10. Conclusion

6.

Previous Logon Information Configuration Security Considerations

Appendix В

747 748 753 754 755 756 756 757 757 758 758 760 762 762

Part VI11 Appenc I ices Configuring Authentication1 Service on Microsoft 7 Windows Vista 65 T ^ " r™

John R. Vacca 1.

2.

3.

4.

5.

Backup and Restore of Stored Usernames and Passwords Automation and Scripting Security Considerations Credential Security Service Provider and SSO for Terminal Services Logon Requirements Configuration Security Considerations TLS/SSL Cryptographic Enhancements AES Cipher Suites ECC Cipher Suites Schannel CNG Provider Model Default Cipher Suite Preference Previous Cipher Suites Kerberos Enhancements AES Read-Only Domain Controller and Kerberos Authentication Smart Card Authentication Changes Additional Changes to Common Smart Card Logon Scenarios

775

John R. Vacca

Appendix С

765 765 765

Appendix D

Appendix E List of Security Standards

770 770 771

List of Miscellaneous Security Resources

Conferences Consumer Information Directories Help and Tutorials Mailing Lists News and Media Organizations Products and Tools Research Content Filtering Links Other Logging Resources

Appendix G

769

List of Security Products

Security Software

765 766 766 766 766 766 767 768 769 769 769

List of Top Security Implementation and Deployment Companies 777

List of SAN Implementation and Deployment Companies SAN Security Implementation and Deployment Companies:

Appendix F

Appendix A

Security Management and Resiliency

773 774 774

Ensuring Built-in Frequency Hopping Spread Spectrum Wireless Network Security

Accomplishment Background Additional Information

Appendix H

Configuring Wireless Internet Security Remote Access

Adding the Access Points as RADIUS Clients to IAS Adding Access Points to the first IAS Server

778 778

781 781

783 785 785 785 786 786 786 787 787 788 790 791 791

793 793 793 793

795 795 795

Contents

Scripting the Addition of Access Points to IAS Server (Alternative Procedure) Configuring the Wireless Access Points Enabling Secure WLAN Authentication

on Access Points Additional Settings to Secure Wireless Access Points Replicating RADIUS Client Configuration to Other IAS Servers

Appendix I 795 796 A

796 797 798

,.

.

Appendix) Index

Frequently Asked Ouestions

799

_.

„л„

Glossary

801 817