Amazon cover image
Image from Amazon.com
Image from Google Jackets

Security of e-systems and computer networks / Mohammad Obaidat, Noureddine Boudriga.

By: Contributor(s): Material type: TextTextPublication details: Cambridge : Cambridge University Press, 2007.Description: xvii, 357 p. : ill. ; 25 cmISBN:
  • 0521837642
  • 9780521837644
Subject(s): DDC classification:
  • 005.8   22
Contents:
Preface -- E-security -- Introduction to e-security -- Introduction -- Security costs -- The CSI/FBI computer crime and security survey -- Australian computer crime and security survey -- Security services -- Security services -- Security attacks -- Threats and vulnerabilities -- Basics of protection -- Security management -- Security policies -- Protections of users and networks -- Protection of employees -- Protection of networks -- Security planning -- Risk analysis -- Security plans -- Legal issues in system security -- Summary -- References -- Public key cryptosystems -- Introduction -- Symmetric encryption -- Secret key encryption features -- Secret key distribution -- Public key cryptosystems -- Trapdoor function model -- Conventional public key encryption -- Comparing cryptosystems -- Public key main algorithms -- RSA algorithm -- ElGamel algorithm -- Public key management -- Key management life cycle -- Key distribution -- Key recovery -- Attacks against public key cryptosystems -- Conclusion -- References -- Authentication and digital signature -- Introduction -- Weak authentication schemes -- Password-based authentication -- PIN-based authentication -- Strong authentication schemes -- Challenge-response by cryptosystems -- Challenge-response by zero-knowledge techniques -- Device-based authentication -- Attacks on authentication -- Digital signature frameworks -- The RSA signature scheme -- The DSA signature scheme -- One-time signature -- Hash functions -- Examples of hash functions -- Security of hash functions -- Message authentication -- Authentication applications -- X.509 Authentication service -- Kerberos service -- Authentication network services -- IP authentication header protocol -- Authentication in wireless networks -- Conclusion -- References -- E-system and network security tools -- Public key infrastructure (PKI) systems -- Introduction -- The PKIX architecture model -- Main PKI components -- PKI documents -- PKIX management functions -- Public key certificates -- Certificate format -- CRL format -- Trust hierarchical models -- Hierarchical model -- Mesh PKIs -- Bridge certification authority architecture -- Certification path processing -- Path construction -- Path validation -- Deploying the enterprise's PKI -- Assessing the needs -- PKI deployment -- Conclusion -- References -- Biometric-based security systems -- Introduction -- Biometrics techniques -- Accuracy of biometric techniques -- Issues and challenges -- Concluding remarks -- References -- Trust management in communication networks -- Introduction -- Trust definition -- A model for trust -- Delegation of trust -- Digital credentials -- Active credentials -- SPKI certificates -- Authorization and access control systems -- Access control systems -- Authorization systems -- Trust policy -- Trust management systems -- PolicyMaker -- Referee -- Trust-management applications -- Clinical information systems -- E-payment systems -- Distribute firewalls -- Concluding remarks -- References -- E-security applications -- E-services security -- Introduction -- E-service basic concepts and roles -- Examples of e-services -- Basic technologies for e-services -- The UDDI/SOAP/WSDL initiative -- ebXML Initiative -- Technical challenges and security -- Message protection mechanisms -- Security needs -- SOAP message security -- Securing registry services -- ebXML registry security -- Service-side protection of registries -- Conclusion -- References -- E-government security -- Introduction -- E-government: concepts and practices -- E-government assets -- Challenges, limits, and obstacles to e-government -- Authentication in e-government -- Privacy in e-government -- E-voting security -- E-voting requirements -- E-voting limits -- E-voting solution -- Engineering secured e-government -- E-government model -- E-security model -- Implementing e-government -- Monitoring e-government security -- Security monitoring life cycle -- Monitoring tools -- Advanced issues in e-government -- Response support system -- From e-government to m-government -- Conclusion -- References -- E-commerce security -- Introduction -- E-commerce security requirements -- General form of the e-commerce process -- Security requirements -- Available security protocols -- Transaction security with SSL/TLS -- SSL/TLS features -- Security limitations of SSL/TLS -- Transaction security with SET -- Protocol overview -- SET process and security -- Certificate operation -- Securing electronic payment -- Payment classification.
Summary: E-based systems are ubiquitous in the modern world with applications spanning e-commerce, WLANs, health care and government organisations. The secure transfer of information has therefore become a critical area of research, development, and investment. This book presents the fundamental concepts and tools of e-based security and its range of applications. The core areas of e-based security - authentication of users; system integrity; confidentiality of communication; availability of business service; and non-repudiation of transactions - are covered in detail. Throughout the book the major trends, challenges and applications of e-security are presented, with emphasis on public key infrastructure (PKI) systems, biometric-based security systems, trust management systems, and the e-service paradigm. Intrusion detection technologies, virtual private networks (VPNs), malware, and risk management are also discussed. Technically oriented with many practical examples, this book is suitable for practitioners in network security, as well as graduate students and researchers in telecommunications and computer science.Summary: Secure transfer of information across e-based systems is a critical area of research. This book presents the fundamental concepts and tools of e-based security and a range of applications. The core areas of security - authentication of users; system integrity; confidentiality of communication; availability of business service; and non-repudiation of transactions - are covered in detail and the major trends, challenges and applications discussed. Technically oriented with many practical examples, this book is suitable for practitioners in network security, as well as graduate students and researchers in telecommunications and computer science.
Tags from this library: No tags from this library for this title. Log in to add tags.
Star ratings
    Average rating: 0.0 (0 votes)
Holdings
Item type Current library Call number Copy number Status Date due Barcode
Books Books Main library General Stacks 005.8 / OB.S 2007 (Browse shelf(Opens below)) 1 Available 001093

Includes bibliographical references and index.

Preface -- E-security -- Introduction to e-security -- Introduction -- Security costs -- The CSI/FBI computer crime and security survey -- Australian computer crime and security survey -- Security services -- Security services -- Security attacks -- Threats and vulnerabilities -- Basics of protection -- Security management -- Security policies -- Protections of users and networks -- Protection of employees -- Protection of networks -- Security planning -- Risk analysis -- Security plans -- Legal issues in system security -- Summary -- References -- Public key cryptosystems -- Introduction -- Symmetric encryption -- Secret key encryption features -- Secret key distribution -- Public key cryptosystems -- Trapdoor function model -- Conventional public key encryption -- Comparing cryptosystems -- Public key main algorithms -- RSA algorithm -- ElGamel algorithm -- Public key management -- Key management life cycle -- Key distribution -- Key recovery -- Attacks against public key cryptosystems -- Conclusion -- References -- Authentication and digital signature -- Introduction -- Weak authentication schemes -- Password-based authentication -- PIN-based authentication -- Strong authentication schemes -- Challenge-response by cryptosystems -- Challenge-response by zero-knowledge techniques -- Device-based authentication -- Attacks on authentication -- Digital signature frameworks -- The RSA signature scheme -- The DSA signature scheme -- One-time signature -- Hash functions -- Examples of hash functions -- Security of hash functions -- Message authentication -- Authentication applications -- X.509 Authentication service -- Kerberos service -- Authentication network services -- IP authentication header protocol -- Authentication in wireless networks -- Conclusion -- References -- E-system and network security tools -- Public key infrastructure (PKI) systems -- Introduction -- The PKIX architecture model -- Main PKI components -- PKI documents -- PKIX management functions -- Public key certificates -- Certificate format -- CRL format -- Trust hierarchical models -- Hierarchical model -- Mesh PKIs -- Bridge certification authority architecture -- Certification path processing -- Path construction -- Path validation -- Deploying the enterprise's PKI -- Assessing the needs -- PKI deployment -- Conclusion -- References -- Biometric-based security systems -- Introduction -- Biometrics techniques -- Accuracy of biometric techniques -- Issues and challenges -- Concluding remarks -- References -- Trust management in communication networks -- Introduction -- Trust definition -- A model for trust -- Delegation of trust -- Digital credentials -- Active credentials -- SPKI certificates -- Authorization and access control systems -- Access control systems -- Authorization systems -- Trust policy -- Trust management systems -- PolicyMaker -- Referee -- Trust-management applications -- Clinical information systems -- E-payment systems -- Distribute firewalls -- Concluding remarks -- References -- E-security applications -- E-services security -- Introduction -- E-service basic concepts and roles -- Examples of e-services -- Basic technologies for e-services -- The UDDI/SOAP/WSDL initiative -- ebXML Initiative -- Technical challenges and security -- Message protection mechanisms -- Security needs -- SOAP message security -- Securing registry services -- ebXML registry security -- Service-side protection of registries -- Conclusion -- References -- E-government security -- Introduction -- E-government: concepts and practices -- E-government assets -- Challenges, limits, and obstacles to e-government -- Authentication in e-government -- Privacy in e-government -- E-voting security -- E-voting requirements -- E-voting limits -- E-voting solution -- Engineering secured e-government -- E-government model -- E-security model -- Implementing e-government -- Monitoring e-government security -- Security monitoring life cycle -- Monitoring tools -- Advanced issues in e-government -- Response support system -- From e-government to m-government -- Conclusion -- References -- E-commerce security -- Introduction -- E-commerce security requirements -- General form of the e-commerce process -- Security requirements -- Available security protocols -- Transaction security with SSL/TLS -- SSL/TLS features -- Security limitations of SSL/TLS -- Transaction security with SET -- Protocol overview -- SET process and security -- Certificate operation -- Securing electronic payment -- Payment classification.

E-based systems are ubiquitous in the modern world with applications spanning e-commerce, WLANs, health care and government organisations. The secure transfer of information has therefore become a critical area of research, development, and investment. This book presents the fundamental concepts and tools of e-based security and its range of applications. The core areas of e-based security - authentication of users; system integrity; confidentiality of communication; availability of business service; and non-repudiation of transactions - are covered in detail. Throughout the book the major trends, challenges and applications of e-security are presented, with emphasis on public key infrastructure (PKI) systems, biometric-based security systems, trust management systems, and the e-service paradigm. Intrusion detection technologies, virtual private networks (VPNs), malware, and risk management are also discussed. Technically oriented with many practical examples, this book is suitable for practitioners in network security, as well as graduate students and researchers in telecommunications and computer science.

Secure transfer of information across e-based systems is a critical area of research. This book presents the fundamental concepts and tools of e-based security and a range of applications. The core areas of security - authentication of users; system integrity; confidentiality of communication; availability of business service; and non-repudiation of transactions - are covered in detail and the major trends, challenges and applications discussed. Technically oriented with many practical examples, this book is suitable for practitioners in network security, as well as graduate students and researchers in telecommunications and computer science.

1

There are no comments on this title.

to post a comment.