Computer and Information Security Handbook
Edited by John R. Vacca
AMSTERDAM • BOSTON • HEIDELBERG • LONDON • NEW YORK OXFORD • PARIS • SAN DIEGO • SAN FRANCISCO SINGAPORE • SYDNEY • TOKYO Morgan Kaufmann Publishers is an imprint of Elsevier
MORGAN KAUFMANN PUBLISHERS
Foreword Preface Acknowledgments About the Editor Contributors
2.
Famous Cryptographic Devices The Lorenz Cipher Enigma 3. Ciphers The Substitution Cipher The Shift Cipher The Polyalphabetic Cipher The Kasiski/Kerckhoff Method 4. Modern Cryptography The Vernam Cipher (Stream Cipher) The One-Time Pad Cracking Ciphers The XOR Cipher and Logical Operands Block Ciphers 5. The Computer Age Data Encryption Standard Theory of Operation Implementation Rivest, Shamir, and Adleman (RSA) Advanced Encryption Standard (AES or Rijndael)
xxi xxiii xxvii xxix xxxi
Part I Overview of System and Network Security: A Comprehensive Introduction 1.
Building a Secure Organization John Mallery 1.
Obstacles to Security 3 Security Is Inconvenient 3 Computers Are Powerful and Complex 3 Computer Users Are Unsophisticated 4 Computers Created Without a Thought to Security 4 Current Trend Is to Share, Not Protect 4 Data Accessible from Anywhere 4 Security Isn't About Hardware and Software 5 5 The Bad Guys Are Very Sophisticated Management Sees Security as a Drain 5 on the Bottom Line 2. Ten Steps to Building a Secure Organization 6 6 A. Evaluate the Risks and Threats B. Beware of Common Misconceptions 8 C. Provide Security Training for 9 IT Staff—Now and Forever D. Think "Outside the Box" 10 E. Train Employees: Develop a Culture of Security 12 F. Identify and Utilize Built-in Security Features of the Operating System and Applications 14 16 G. Monitor Systems 17 H. Hire a Third Party to Audit Security 19 I. Don't Forget the Basics 20 J. Patch, Patch, Patch
2.
A Cryptography Primer What is Cryptography? What is Encryption? How Is Cryptography Done?
Preventing System Intrusions
1. 2. 3. 4. 5. 6. 7. 8.
9. 10.
11.
12. 23 24
38
39
Michael West
23
Scott R. Ellis 1.
24 24 24 25 25 26 29 30 31 31 32 33 34 35 36 36 37 38 38
So, What is an Intrusion? Sobering Numbers Know Your Enemy: Hackers Versus Crackers Motives Tools of the Trade Bots Symptoms of Intrusions What Can You Do? Know Today's Network Needs Network Security Best Practices Security Policies Risk Analysis Vulnerability Testing Audits Recovery Tools of Your Trade Firewalls Intrusion Prevention Systems Application Firewalls Access Control Systems Unified Threat Management Controlling User Access Authentication, Authorization, and Accounting What the User Knows
39 40 40 41 41 42 43 43 44 45 45 46 46 47 47 47 47 47 48 48 49 49 49 49
Contents
13.
What the User Has The User Is Authenticated, But Is She Authorized? Accounting Keeping Current Conclusion
Guarding Against Network Intrusions
50 50 51 51 51
6.
6.
53 56 57 58 59
Unix and Linux Security
67
59 59 60 60 61 62 62 63 63 64 64 64 65 65 65 65 66 66
1.
2.
3.
7.
2.
4.
5.
79
Introduction to Linux and Unix What Is Unix? What Is Linux? System Architecture Hardening Linux and Unix Network Hardening Host Hardening Systems Management Security Proactive Defense for Linux and Unix Vulnerability Assessment Incident Response Preparation Organizational Considerations
Internet Security
79 79 80 82 84 84 88 90 90 90 91 92
93
Jesse Walker Internet Protocol Architecture Communications Architecture Basics Getting More Specific An Internet Threat Model The Dolev-Yao Adversary Model Layer Threats Defending Against Attacks on the Internet Layer Session Defenses Session Startup Defenses Conclusion
Gerald Beuchelt Unix and Security The Aims of System Security Achieving Unix Security Basic Unix Security Traditional Unix Systems Standard File and Device Access Semantics Protecting User Accounts and Strengthening Authentication Establishing Secure Account Use The Unix Login Process Controlling Account Access Noninteractive Access Other Network Authentication Mechanisms Risks of Trusted Hosts and Networks Replacing Telnet, rlogin, and FTP Servers and Clients with SSH Reducing Exposure to Threats by Limiting Superuser Privileges Controlling Root Access
76
Mario Santana
1. Traditional Reconnaissance and Attacks 2. Malicious Software Lures and "Pull" Attacks 3. Defense in Depth 4. Preventive Measures Access Control Vulnerability Testing and Patching Closing Ports Firewalls Antivirus and Antispyware Tools Spam Filtering Honeypots Network Access Control Intrusion Monitoring and Detection Host-Based Monitoring Traffic Monitoring Signature-Based Detection Behavior Anomalies Intrusion Prevention Systems 6. Reactive Measures Quarantine Traceback 7. Conclusions
1.
76
Eliminating the Security Weakness of Linux and Unix Operating Systems
53
Tom Chen and Patrick J. Walsh
5.
Safeguarding Vital Data by Securing Local and Network File Systems Directory Structure and Partitioning for Security
93 94 95 100 101 101 105 106 113 117
67 67 67 68 68
69 71 71 71 71 72 73 73 73 74 74
8.
The Botnet Problem
119
Xinyuan Wang and Daniel Ramsbrock Introduction Botnet Overview Origins of Botnets Botnet Topologies and Protocols 3. Typical Bot Life Cycle 4. The Botnet Business Model 5. Botnet Defense Detecting and Removing Individual Bots Detecting C&C Traffic Detecting and Neutralizing the C&C Servers Attacking Encrypted C&C Channels Locating and Identifying the Botmaster Botmaster Traceback Traceback Challenges
119 120 120 120 122 123 124 124 125 125 126 128 128 129
7.
Traceback Beyond the Internet Summary
Intranet Security
18.
130 132
19. 20. 21.
133
Bill Mansoor 1. 2. 3. 4. 5. 6. 7. 8. 9. 10. 11. 12. 13. 14.
Plugging the Gaps: NAC and Access Control Measuring Risk: Audits Guardian at the Gate: Authentication and Encryption Wireless Network Security Shielding the Wire: Network Protection Weakest Link in Security: User Training Documenting the Network: Change Management Rehearse the Inevitable: Disaster Recovery Controlling Hazards: Physical and Environmental Protection Know Your Users: Personnel Security Protecting Data Flow: Information and System Integrity Security Assessments Risk Assessments Conclusion
Local Area Network Security
22. 23. 24.
136 137 138 139 141 142
11.
2. 3. 4. 5. 6. 7. 8. 9. 10. 11.
12.
13. 14. 15. 16. 17.
Identify Network Threats Disruptive Unauthorized Access Establish Network Access Controls Risk Assessment Listing Network Resources Threats Security Policies The Incident-Handling Process Secure Design Through Network Access Controls IDS Defined NIDS: Scope and Limitations A Practical Illustration of NIDS UDP Attacks TCP SYN (Half-Open) Scanning Some Not-So-Robust Features of NIDS Firewalls Firewall Security Policy Configuration Script for sf Router Dynamic NAT Configuration The Perimeter Access List Details Types of Firewalls Packet Filtering: IP Filtering Routers
Wireless Network Security
142
Chunming Rong and Erdal Cayirci
143
1.
145 146 146 147 148 148
149
Dr. Pramod Pandya 1.
Application-layer Firewalls: Proxy Servers Stateful Inspection Firewalls NIDS Complements Firewalls Monitor and Analyze System Activities Analysis Levels Signature Analysis Statistical Analysis Signature Algorithms Pattern Matching Stateful Pattern Matching Protocol Decode-based Analysis Heuristic-Based Analysis Anomaly-Based Analysis
150 150 150 150 151 151 151 151 152 152 153 154 154 154 155 156 158 159 160 160 160 162 162 162
12.
163 163 163 163 164 164 164 164 164 165 165 166 166
169
Cellular Networks Cellular Telephone Networks 802.11 Wireless LANs 2. Wireless Ad Hoc Networks Wireless Sensor Networks Mesh Networks 3. Security Protocols WEP WPA and WPA2 SPINS: Security Protocols for Sensor Networks 4. Secure Routing SEAD Ariadne ARAN SLSP 5. Key Establishment Bootstrapping Key Management References
169 170 170 171 171 171 172 172 173 173 175 175 176 176 177 177 177 178 181
Cellular Network Security
183
Peng Liu, Thomas F. LaPorta and Kameswari Kotapati 1. 2.
Introduction Overview of Cellular Networks Overall Cellular Network Architecture Core Network Organization Call Delivery Service 3. The State of the Art of Cellular Network Security Security in the Radio Access Network Security in Core Network Security Implications of Internet Connectivity Security Implications of PSTN Connectivity
183 184 184 185 185 186 186 187 188 188
4.
Cellular Network Attack Taxonomy Abstract Model Abstract Model Findings Three-Dimensional Attack Taxonomy 5. Cellular Network Vulnerability Analysis Cellular Network Vulnerability Assessment Toolkit (CAT) Advanced Cellular Network Vulnerability Assessment Toolkit (aCAT) Cellular Network Vulnerability Assessment Toolkit for evaluation (eCAT) 6. Discussion References
13.
RFID Security
189 189 189 192 193 195
198
199 201 202
205
Chunming Rong and Erdal Cayirci 1.
RFID Introduction RFID System Architecture RFID Standards RFID Applications 2. RFID Challenges Counterfeiting Sniffing Tracking Denial of Service Other Issues Comparison of All Challenges 3. RFID Protections Basic RFID System RFID System Using Symmetric-Key Cryptography RFID System Using Public-key Cryptography References
205 205 207 208 209 209 209 209 210 210 212 212 212
14.
Information Security Essentials for IT Managers, Protecting Mission-Critical Systems
15.
251 251 252
Security Management Systems
255
1. 2. 3. 4. 5. 6. 7. 8. 9. 10.
217 219
16.
Information Security Essentials for IT Managers, Overview Scope of Information Security Management CISSPTen Domains of Information Security What is a Threat? Common Attacks
236 236 237 239 241 242 246 247 248 249 250
Security Management System Standards Training Requirements Principles of Information Security Roles and Responsibilities of Personnel Security Policies Security Controls Network Access Risk Assessment Incident Response Summary
255 256 256 256 256 257 257 257 258 258
Information Technology Security Management 259 Rahul Bhaskar and Bhushan Kapoor
125
1.
Albert Caballero 1.
231 231 231 231 233 233
Joe Wright and Jim Harmening
215
Part II Managing Information Security
Impact of Security Breaches Protecting Mission-critical Systems Information Assurance Information Risk Management Defense in Depth Contingency Planning 3. Information Security from the Ground Up Physical Security Data Security Systems and Network Security Business Communications Security Wireless Security Web and Application Security Security Policies and Procedures Security Employee Training and Awareness 4. Security Monitoring and Effectiveness Security Monitoring Mechanisms Incidence Response and Forensic Investigations Validating Security Effectiveness References 2.
225 225 225 227 228
2.
3.
Information Security Management Standards Federal Information Security Management Act International Standards Organization Other Organizations Involved in Standards Information Technology security aspects Security Policies and Procedures IT Security Processes Conclusion
259 259 260 260 260 261 263 267
Identity Management
269
Dr. Jean-Marc Seigneur and Dr. Tewfiq El Malika Introduction Evolution of Identity Management Requirements Digital Identity Definition Identity Management Overview Privacy Requirement User-Centricity Usability Requirement The Requirements Fulfilled by Current Identity Management Technologies Evolution of Identity Management Identity 2.0 Identity 2.0 for Mobile Users Mobile Web 2.0 Mobility Evolution of Mobile Identity The Future of Mobile User-Centric Identity Management in an Ambient Intelligence World Research Directions Conclusion
Intrusion Prevention and Detection Systems
19.
Computer Forensics Scott R. Ellis
269 269 270 270 272 272 273
1 2
3 4 5
274 274 278 286 286 287 287
290 292 292
293
Christopher Day 1.
2. 3. 4. 5. 6. 7. 8. 9. 10. 11. 12. 13. 14. 15. 16. 17.
What is an "Intrusion," Anyway? Physical Theft Abuse of Privileges (The Insider Threat) Unauthorized Access by an Outsider Malware Infection The Role of the "0-day" The Rogue's Gallery: Attackers and Motives A Brief Introduction to TCP/IP The TCP/IP data Architecture and Data Encapsulation Survey of Intrusion Detection and Prevention Technologies Anti-Malware Software Network-based Intrusion Detection Systems Network-based Intrusion Prevention Systems Host-based Intrusion Prevention Systems Security Information Management Systems Network Session Analysis Digital Forensics System Integrity Validation Putting it all Together
307
293 293 293 294 294 295
5, 6
296 297 298 300 301 302 7. 303 304 304 304 305 306 306
8
What is Computer Forensics? Analysis of Data Computer Forensics and Ethics, Green Home Plate Gallery View Database Reconstruction Computer Forensics in the Court System Understanding Internet History Temporary Restraining Orders and Labor Disputes Divorce Patent Infringement When to Acquire, When to Capture Acquisition Creating Forensic Images Using Software and Hardware Write Blockers Live Capture of Relevant Files Redundant Array of Independent (or Inexpensive) Disks (RAID) File System Analyses NTFS The Role of the Forensic Examiner in Investigations and File Recovery Password Recovery File Carving Things to Know: How Timestamps Work Experimental Evidence Email Headers and Timestamps, Email Receipts, and Bounced Messages Steganography "Covered Writing" First Principles Hacking a Windows XP Password Net User Password Hack Lanman Hashes and Rainbow Tables Password Reset Disk Memory Analysis and the Trojan Defense User Artifact Analysis Recovering Lost and Deleted Files Email Internet History Network Analysis Protocols Analysis Computer Forensics Applied Tracking, Inventory, Location of Files, Paperwork, Backups, and So On Testimonial Experience Needed Job Description, Technologist
307 308 309 310 310 312 312 313 313 313
313 314 314 314 315
315 317 318 320 321
322 324 325 325 325 325 326 326 326 327 327 327 328 328 328 329
329 329 329 329
Job Description Management Commercial Uses Solid Background Education/Certification Programming and Experience Publications 9. Testifying as an Expert Degrees of Certainty Certainty Without Doubt 10. Beginning to End in Court Defendants, Plaintiffs, and Prosecutors Pretrial Motions Trial: Direct and Cross-Examination Rebuttal Surrebuttal Testifying: Rule 702. Testimony by Experts Correcting Mistakes: Putting Your Head in the Sand
Network Forensics
330 330 330 330 331 331 332 332 334 334
Two-Router Configuration Dual-Homed Host Network Configuration Summary 11. Firewall Installation and Configuration 12. Supporting Outgoing Services Through Firewall Configuration Forms of State Payload Inspection 13. Secure External Services Provisioning 14. Network Firewalls for Voice and Video Applications Packet Filtering H.323 15. Firewalls and Important Administrative Service Protocols Routing Protocols Internet Control Message Protocol Network Time Protocol Central Log File Management Dynamic Host Configuration Protocol 16. Internal IP Services Protection 17. Firewall Remote Access Configuration 18. Load Balancing and Firewall Arrays Load Balancing in Real Life How to Balance the Load Advantages and Disadvantages of Load Balancing 19. Highly Available Firewalls Load Balancer Operation Interconnection of Load Balancers and Firewalls 20. Firewall Management 21. Conclusion
334 335 335 335 335 335 336
339
Yong Guan 1. Scientific Overview 2. The Principles of Network Forensics 3. Attack Traceback and Attribution IP Traceback Stepping-Stone Attack Attribution 4. Critical Needs Analysis 5. Research Directions VoIP Attribution
Firewalls
339 340 341 341 344 346 346 346
349
Dr. Errin W. Fulp 1. 2.
Network Firewalls Firewall Security Policies Rule-Match Policies 3. A Simple Mathematical Model for Policies, Rules, and Packets 4. First-match Firewall Policy Anomalies 5. Policy Optimization Policy Reordering Combining Rules Default Accept or Deny? 6. Firewall Types Packet Filter Stateful Packet Firewalls Application Layer Firewalls 7. Host and Network Firewalls 8. Software and Hardware Firewall Implementations 9. Choosing the Correct Firewall 10. Firewall Placement and Network Topology Demilitarized Zones Perimeter Networks
349 350 351 351 352 352 352 353 353 353 354 354 354 355
22.
Penetration Testing
357 358 358 358 359 359 360 360 360 361 361 361 362 362 362 363 363 364 365 365 365 366 366 366 366 367 367
369
Sanjay Bavisi 1. 2. 3. 4.
5. 6. 7.
355 355
8.
356 357 357
9. 10. 11.
What is Penetration Testing? How does Penetration Testing Differ from an Actual "Hack?" Types of Penetration Testing Phases of Penetration Testing The Pre-Attack Phase The Attack Phase The Post-Attack Phase Defining What's Expected The Need for a Methodology Penetration Testing Methodologies Methodology in Action EC-Council LPT Methodology Penetration Testing Risks Liability Issues Legal Consequences
369 370 371 373 373 373 373 374 375 375 376 376 378 378 379
12. 13. 14. 15. 16. 17.
18.
23.
"Get out of jail free" Card Penetration Testing Consultants Required Skill Sets Accomplishments Hiring a Penetration Tester Why Should a Company Hire You? Qualifications Work Experience Cutting-Edge Technical Skills Communication Skills Attitude Team Skills Company Concerns All's Well that Ends Well
What Is Vulnerability Assessment?
379 379 380 380 380 381 381 381 381 381 381 381 381 382
383
Almantas Kakareka 1. Reporting 2. The "It Won't Happen to Us" Factor 3. Why Vulnerability Assessment? 4. Penetration Testing Versus Vulnerability Assessment 5. Vulnerability Assessment Goal 6. Mapping the Network 7. Selecting the Right Scanners 8. Central Scans Versus Local Scans 9. Defense in Depth Strategy 10. Vulnerability Assessment Tools Nessus GFI LANguard Retina Core Impact ISS Internet Scanner X-Scan Sara QualysGuard SAINT MBSA 11. Scanner Performance 12. Scan Verification 13. Scanning Cornerstones 14. Network Scanning Countermeasures 15. Vulnerability Disclosure Date Find Security Holes Before They Become Problems 16. Proactive Security Versus Reactive Security 17. Vulnerability Causes Password Management Flaws Fundamental Operating System Design Flaws Software Bugs Unchecked User Input 18. DIY Vulnerability Assessment 19. Conclusion
383 383 384 384 385 385 386 387 388 388 388 389 389 389 389 389 389 389 389 389 390 390 390 390 391 391 392 392 392 392 392 392 393 393
Part III Encryption Technology 24.
Data Encryption
397
Dr. Bhushan Kapoor and Dr. Pramod Pandya Need for Cryptography Authentication Confidentiality Integrity Nonrepudiation Mathematical Prelude to Cryptography Mapping or Function Probability Complexity Classical Cryptography The Euclidean Algorithm The Extended Euclidean Algorithm Modular Arithmetic Congruence Residue Class Inverses Fundamental Theorem of Arithmetic Congruence Relation Defined Substitution Cipher Transposition Cipher Modern Symmetric Ciphers S-Box P-Boxes Product Ciphers Algebraic Structure Definition Group Definitions of Finite and Infinite Groups (Order of a Group) Definition Abelian Group Examples of a Group Definition: Subgroup Definition: Cyclic Group Rings Definition: Field Finite Fields GF(2^n) Modular Polynomial Arithmetic Over GF(2) Using a Generator to Represent the Elements of GF(2^n) GF(2^3) Is a Finite Field The Internal Functions of Rijndael in AES Implementation Mathematical Preliminaries State Use of Modern Block Ciphers The Electronic Code Book (ECB) Cipher-Block Chaining (CBC) Public-key Cryptography Review: Number Theory Cryptanalysis of RSA Factorization Attack
398 398 398 398 398 398 398 398 398 399 399 399 399 400 400 400 400 401 401 402 402 403 403 404 404 404 404 404 404 405 405 405 405 405 406 406 407 407 408 408 412 412 412 412 412 416 416
10. Diffie-Hellman Algorithm 11. Elliptic Curve Cryptosystems
An Example Example of Elliptic Curve Addition EC Security 12. Message Integrity and Authentication Cryptographic Hash Functions Message Authentication Digital Signature Message Integrity Uses a Hash Function in Signing the Message RSA Digital Signature Scheme RSA Digital Signature and the Message Digest 13. Summary References
25.
Satellite Encryption
417 417 418 418 419
10. 11.
419 419 420 420
12. 13. 14. 15. 16.
420 420 420 421 421
17.
423
Daniel S. Soper
27.
1.
The Need for Satellite Encryption
423
2.
Satellite Encryption Policy
425
3.
Implementing Satellite Encryption General Satellite Encryption Issues Uplink Encryption Extraplanetary Link Encryption Downlink Encryption
426 426 428 428 429
Instant-Messaging Security
26.
Public Key Infrastructure
2. 3. 4.
430
433
5.
Terence Spies 1.
Cryptographic Background Digital Signatures Public Key Encryption 2. Overview of PKI 3. The X.509 Model The History of X.509 The X.509 Certificate Model 4. X.509 Implementation Architectures 5. X.509 Certificate Validation Validation Step 1: Construct the Chain and Validate Signatures Validation Step 2: Check Validity Dates, Policy and Key Usage Validation Step 3: Consult Revocation Authorities 6. X.509 Certificate Revocation Online Certificate Status Protocol 7. Server-based Certificate Validity Protocol 8. X.509 Bridge Certification Systems Mesh PKIs and Bridge CAs 9. X.509 Certificate Format X.509 V1 and V2 Format
433 433 434 435 436 436 436 437 439
6.
439 439 440 440 441 442 443 443 444 445
445 445 446 446 447 448 448 448 448 449 449 449 450 450 450 450 450 450
453
Samuel J.J. Curry 1.
4. The Future of Satellite Encryption
X.509 V3 Format X.509 Certificate Extensions Policy Extensions Certificate Policy PKI Policy Description PKI Standards Organizations IETF PKIX SDSI/SPKI IETF OpenPGP PGP Certificate Formats PGP PKI Implementations W3C Alternative PKI Architectures Modified X.509 Architectures Perlman and Kaufman's User-Centric PKI Gutmann's Plug and Play PKI Callas's Self-Assembling PKI Alternative Key Management Models
7. 8.
Why Should I Care About Instant Messaging? What is Instant Messaging? The Evolution of Networking Technologies Game Theory and Instant Messaging Your Workforce Generational Gaps Transactions The Nature of the Threat Malicious Threat Vulnerabilities Man-in-the-Middle Attacks Phishing and Social Engineering Knowledge Is the Commodity Data and Traffic Analysis Unintentional Threats Regulatory Concerns Common IM Applications Consumer Instant Messaging Enterprise Instant Messaging Instant-Messaging Aggregators Backdoors: Instant Messaging Via Other Means (HTML) Mobile Dimension Defensive Strategies Instant-messaging Security Maturity and Solutions Asset Management Built-in Security Content Filtering Classic Security Compliance Data Loss Prevention
Logging Archival
453 453 454 455 455 456 457 457 458 459 459 459 459 460 460 461 461 461 461 462 462 462 462 463 463 463 463 463 464 464 464 464
9.
10.
Processes Instant-Messaging Activation and Provisioning Application Review People Revise Audit Conclusion Example Answers to Key Factors
464
Approach for Obtaining Near Well-Formed Privacy Policies 6. The Privacy Management Model How Privacy Policies Are Used Personal Privacy Policy Negotiation Personal Privacy Policy Compliance 7. Discussion and Related Work 8. Conclusions and Future Work
464 464 464 464 464 465 466
30.
Net Privacy
History Who is in Charge? VPN Types IPsec L2TP L2TPv3 L2F PPTP VPN MPLS MPVPN™ SSH SSL-VPN TLS 4. Authentication Methods Hashing HMAC MD5 SHA-1 5. Symmetric Encryption 6. Asymmetric Cryptography 7. Edge Devices 8. Passwords 9. Hackers and Crackers
469
Marco Cremonini, Chiara Braghin and Claudio Agostino Ardagna
5.
29.
Privacy in the Digital Society The Origins, The Debate Privacy Threats The Economics of Privacy The Value of Privacy Privacy and Business Privacy-Enhancing Technologies Languages for Access Control and Privacy Preferences Data Privacy Protection Privacy for Mobile Environments Network Anonymity Onion Routing Anonymity Services Conclusion
Personal Privacy Policies
507
Jim Harmening and Joe Wright
Part IV Privacy and Access Management 28.
Virtual Private Networks
497 497 497 499 502 502 505
469 469 471 474 474 475 476 476 478 480 482 483 484 485
487 31.
Identity Theft
508 511 512 512 512 513 513 513 514 514 514 514 514 515 515 515 515 515 516 516 516 516 517
519
Dr. George Yee and Larry Korba 1. 2.
3.
4.
5.
Introduction Content of Personal Privacy Policies Privacy Legislation and Directives Requirements from Privacy Principles Privacy Policy Specification Semiautomated Derivation of Personal Privacy Policies An Example Retrieval from a Community of Peers Specifying Well-formed Personal Privacy Policies Unexpected Outcomes Outcomes From the Way the Matching Policy Was Obtained Preventing Unexpected Negative Outcomes Definition 1 Definition 2 Rules for Specifying Near Well-Formed Privacy Policies
487 488 488 488 490 490 492 493 494 494 494 496 496 496 496
Markus Jakobsson and Alex Tsow 1.
Experimental Design Authentic Payment Notification: Plain Versus Fancy Layout Strong Phishing Message: Plain Versus Fancy Layout Authentic Promotion: Effect of Small Footers Weak Phishing Message Authentic Message Login Page Login Page: Strong and Weak Content Alignment Login Page: Authentic and Bogus (But Plausible) URLs Login Page: Hard and Soft Emphasis on Security Bad URL, with and without SSL and Endorsement Logo High-Profile Recall Notice
520 522 525 525 527 528 528 529 532 532 535 535
2. 3.
32.
Low-Profile Class-Action Lawsuit Results and Analysis Implications for Crimeware Example: Vulnerability of Web-Based Update Mechanisms Example: The Unsubscribe Spam Attack The Strong Narrative Attack
535 535 546
11.
Management Access: Separation of Functions Limit Tool Access Secure Management Interfaces 12. Host Access: Partitioning S_ID Checking 13. Data Protection: Replicas Erasure Potential Vulnerabilities and Threats Physical Attacks Management Control Attacks Host Attacks World Wide Name Spoofing Man-in-the-Middle Attacks E-Port Replication Attack Denial-of-Service Attacks Session Hijacking Attacks 15. Encryption in Storage The Process Encryption Algorithms Key Management Configuration Management 16. Application of Encryption Risk Assessment and Management Modeling Threats Use Cases for Protecting Data at Rest Use Considerations Deployment Options 17. Conclusion References
547 547 548
4. Conclusion
548
VoIP Security
551
Dan Wing and Harsh Kupwade Patil 1. 2.
3.
4.
5.
Introduction VoIP Basics Overview of Threats Taxonomy of Threats Reconnaissance of VoIP Networks Denial of Service Loss of Privacy Exploits Security in VoIP Preventative Measures Reactive Future Trends Forking Problem in SIP Security in Peer-to-Peer SIP End-to-End Identity with SBCs Conclusion
551 551 553 553 553 554 555 557 558 558 559 560 560 561 563 564
Part V Storage Security 33.
SAN Security
34. 567
2.
3. 4. 5. 6. 7. 8. 9.
10.
Organizational Structure AAA Restricting Access to Storage Access Control Lists (ACL) and Policies Data Integrity Field (DIF) Physical Access Change Management Password Policies Defense in Depth Vendor Security Review Data Classification Security Management Security Setup Unused Capabilities Auditing Updates Monitoring Security Maintenance
1. What is a SAN? 2. SAN Deployment Justifications 3. The Critical Reasons for SAN Security Why Is SAN Security Important? 4. SAN Architecture and Components SAN Switches 5. SAN General Threats and Issues SAN Cost: A Deterrent to Attackers Physical Level Threats, Issues, and Risk Mitigation Logical Level Threats, Vulnerabilities, and Risk Mitigation 6. Conclusion
567 568 569 570 570 571 571 571 571 571 571 572 572 572 572 572 572 572
581 582 582 588 589
591
Robert Rounsavall
John McGowan, Jeffrey Bardin and John McDonald 1.
Storage Area Networking Devices Security
573 573 573 573 574 574 574 575 575 575 575 576 576 576 577 577 577 577 578 579 580 580 580 580
35.
Risk Management
591 591 592 592 593 593 594 594 594 596 603
605
Sokratis K. Katsikas 1. The Concept of Risk 2. Expressing and Measuring Risk 3. The Risk Management Methodology Context Establishment
606 606 609 609
5. 6.
Risk Assessment Risk Treatment Risk Communication Risk Monitoring and Review Integrating Risk Management into the System Development Life Cycle Critique of Risk Management as a Methodology Risk Management Methods Risk Management Laws and Regulations Risk Management Standards Summary
610 612 614 614
4.
614 615 616 620 623 625
5.
Homeland Security
1.
Physical Security Essentials
629
William Stallings 1. 2.
Overview Physical Security Threats Natural Disasters Environmental Threats Technical Threats Human-Caused Physical Threats 3. Physical Security Prevention and Mitigation Measures Environmental Threats Technical Threats Human-Caused Physical Threats 4. Recovery from Physical Security Breaches 5. Threat Assessment, Planning, and Plan Implementation Threat Assessment Planning and Implementation 6. Example: A Corporate Physical Security Policy 7. Integration of Physical and Logical Security References
37.
Biometrics
629 630 630 631 633 634
3.
Relevant Standards Biometric System Architecture Data Capture Signal Processing Matching Data Storage Decision Adaptation Using Biometric Systems Enrollment
2.
634 634 635 635
3.
636 636 636 637 637 4.
661
Statutory Authorities The USA PATRIOT Act of 2001 (PL 107-56) The Aviation and Transportation Security Act of 2001 (PL 107-71) Enhanced Border Security and Visa Entry Reform Act of 2002 (PL 107-173) Public Health Security, Bioterrorism Preparedness & Response Act of 2002 (PL 107-188) Homeland Security Act of 2002 (PL 107-296) E-Government Act of 2002 (PL 107-347) Homeland Security Presidential Directives Organizational Actions Department of Homeland Security Subcomponents State and Federal Organizations The Governor's Office of Homeland Security California Office of Information Security and Privacy Protection Private Sector Organizations for Information Sharing Conclusion
661 661 663
663
664 665 666 667 669 669 669 670 670 670 674
639 643
645
Luther Martin 1. 2.
653 654 655 655 656 656 657 658 659
Rahul Bhaskar Ph.D. and Bhushan Kapoor
Part VI Physical Security 36.
Authentication Identification Security Considerations Error Rates Doddington's Zoo Birthday Attacks Comparing Technologies Storage of Templates Conclusion
646 647
648 648 649 649 649 652 652 652
39.
Information Warfare
677
Jan Eloff and Anna Granova 1. 2. 3. 4.
Information Warfare Model Information Warfare Defined IW: Myth or Reality? Information Warfare: Making IW Possible Offensive Strategies Preventative Strategies Legal Aspects of IW Terrorism and Sovereignty Liability Under International Law Remedies Under International Law Developing Countries Response
677 678 678 680 680 685 686 686 686 687 689
7. 8.
Holistic View of Information Warfare Conclusion
689 690
Part VII Advanced Security 40.
Security Through Diversity
693
Kevin Noble 1. Ubiquity 2. Example Attacks Against Uniformity 3. Attacking Ubiquity With Antivirus Tools 4. The Threat of Worms 5. Automated Network Defense 6. Diversity and the Browser 7. Sandboxing and Virtualization 8. DNS Example of Diversity through Security 9. Recovery from Disaster is Survival 10. Conclusion
41.
Reputation Management
693 694 694 695 697 698 698 699 699 700
701
Dr. Jean-Marc Seigneur 1. 2. 3. 4.
5.
42.
The Human Notion of Reputation Reputation Applied to the Computing World State of the Art of Attack-resistant Reputation Computation Overview of Current Online Reputation Service eBay Opinity Rapleaf Venyo TrustPlus + Xing + ZoomInfo + SageFire Naymz + Trufina The GORB ReputationDefender Summarizing Table Conclusion
Content Filtering
702 704 708 711 711 713 714 715 716 717 719 720 720 720
723
Peter Nicoletti The Problem with Content Filtering User Categories, Motivations, and Justifications
Schools Commercial Business Financial Organizations Healthcare Organizations Internet Service Providers
723 724 725 725 725 725 725
U.S. Government Other Governments Libraries Parents Content Blocking Methods Banned Word Lists URL Block Category Block Bayesian Filters Safe Search Integration to Search Engines with Content Labeling Content-Based Image Filtering (CBIF) 4. Technology and Techniques for Content-Filtering Control Internet Gateway-Based Products/ Unified Threat Appliances 5. Categories 6. Legal Issues Federal Law: ECPA CIPA: The Children's Internet Protection Act The Trump Card of Content Filtering: The "National Security Letter" ISP Content Filtering Might Be a "Five-Year Felony" Issues and Problems with Content Filtering Bypass and Circumvention Client-Based Proxies Open Proxies HTTP Web-Based Proxies (Public and Private) Secure Public Web-Based Proxies Process Killing Remote PC Control Applications Overblocking and Underblocking Blacklist and Whitelist Determination Casual Surfing Mistake Getting the List Updated Time-of-Day Policy Changing Override Authorization Methods Hide Content in "Noise" or Use Steganography Nonrepudiation: Smart Cards, ID Cards for Access Warn and Allow Methods Integration with Spam Filtering tools Detect Spyware and Malware in the HTTP Payload Integration with Directory Servers Language Support Financial Considerations Are Important Scalability and Usability Performance Issues Reporting Is a Critical Requirement Bandwidth Usage
725 725 725 726 726 726 726 726 727 727 727 728 728 732 735 735 735
736 736 737 737 737 739 739 739 739 739 740 740 740 740 740 740 740 740 740 740 740 740 741 741 741 742 742 742
Contents
9. 10.
43.
Precision Percentage and Recall Related Products Conclusion
Data Loss Protection
742 743 743
745
Ken Perkins 1. Precursors of DLP 2. What is DLP? 3. Where to Begin? 4. Data is Like Water 5. You Don't Know What You Don't Know Precision versus Recall 6. How Do DLP Applications Work? 7. Eat Your Vegetables Data in Motion Data at Rest Data in Use 8. It's a Family Affair, Not Just it Security's Problem 9. Vendors, Vendors Everywhere! Who Do You Believe? 10. Conclusion
6.
Previous Logon Information Configuration Security Considerations
Appendix В
747 748 753 754 755 756 756 757 757 758 758 760 762 762
Part VI11 Appenc I ices Configuring Authentication1 Service on Microsoft 7 Windows Vista 65 T ^ " r™
John R. Vacca 1.
2.
3.
4.
5.
Backup and Restore of Stored Usernames and Passwords Automation and Scripting Security Considerations Credential Security Service Provider and SSO for Terminal Services Logon Requirements Configuration Security Considerations TLS/SSL Cryptographic Enhancements AES Cipher Suites ECC Cipher Suites Schannel CNG Provider Model Default Cipher Suite Preference Previous Cipher Suites Kerberos Enhancements AES Read-Only Domain Controller and Kerberos Authentication Smart Card Authentication Changes Additional Changes to Common Smart Card Logon Scenarios
775
John R. Vacca
Appendix С
765 765 765
Appendix D
Appendix E List of Security Standards
770 770 771
List of Miscellaneous Security Resources
Conferences Consumer Information Directories Help and Tutorials Mailing Lists News and Media Organizations Products and Tools Research Content Filtering Links Other Logging Resources
Appendix G
769
List of Security Products
Security Software
765 766 766 766 766 766 767 768 769 769 769
List of Top Security Implementation and Deployment Companies 777
List of SAN Implementation and Deployment Companies SAN Security Implementation and Deployment Companies:
Appendix F
Appendix A
Security Management and Resiliency
773 774 774
Ensuring Built-in Frequency Hopping Spread Spectrum Wireless Network Security
Accomplishment Background Additional Information
Appendix H
Configuring Wireless Internet Security Remote Access
Adding the Access Points as RADIUS Clients to IAS Adding Access Points to the first IAS Server
778 778
781 781
783 785 785 785 786 786 786 787 787 788 790 791 791
793 793 793 793
795 795 795
Contents
Scripting the Addition of Access Points to IAS Server (Alternative Procedure) Configuring the Wireless Access Points Enabling Secure WLAN Authentication
on Access Points Additional Settings to Secure Wireless Access Points Replicating RADIUS Client Configuration to Other IAS Servers
Appendix I 795 796 A
796 797 798
,.
.
Appendix) Index
Frequently Asked Ouestions
799
_.
„л„
Glossary
801 817