Computer Security

Dieter Gollmann

Publisher: Wiley, 1999, 320 pages

ISBN: 0-471-97844-2

Keywords: IT Security

Last modified: July 1, 2021, 1:13 a.m.

A comprehensive and practical text and the perfect starting point for this subject…

'Is this system secure?' seems, on the face of it, a straightforward question. Yet arriving at an answer raises a wide range of more complex questions, which in turn require a basic understanding of security mechanisms. Questions such as:

  • Should protection focus on data, operations or users?
  • Whilst taking cast-iron measures to build in security at one level, what does one do to prevent attackers gaining entry from a lower level?

Starting with basic definitions and concepts, the first section of the book goes on to outline the mechanisms located at the heart of the computer system, mechanisms which provide the basis for techniques used in all other branches of the system. The second section examines the security features found in operating systems such as UNIX and Windows NT, catalogues security breaches, and introduces the topic of security evaluation. A third section is devoted to issues associated with distributed systems, such as network and Web security, and considers cryptography as an essential technique for such environments. The final section of the book is constructed around database security, discussing problems in multi-level security, and examining security problems in specific settings.

Written for self-study and course use, this book will suit a variety of introductory and more advanced security programmes for students of computer science, engineering and related disciplines. It meets a real need for a comprehensive textbook on the subject. Technical and project managers will also find that the broad coverage offers a great starting point for discovering underlying issues and provides a means of orientation in a world populated by a bewildering array of competing security systems.

  • Part One: Fundamentals
    1. Setting the Scene
      1. Definitions
      2. The Fundamental Dilemma of Computer Security
      3. Data vs. Information
      4. Principles of Computer Security
      5. The Layer Below
      • Further Reading
      • Exercises
    2. Identification and Authentication
      1. Username and Password
      2. Choosing Passwords
      3. Spoofing Attacks
      4. Protecting the Password File
      5. Single Sign-on
      6. Alternative Approaches
      • Further Reading
      • Exercises
    3. Access Control
      1. Background
      2. Subjects and Objects
      3. Access Operations
      4. Ownership
      5. Access Control Structures
      6. Intermediate Controls
      7. The Lattice of Security Levels
      • Further Reading
      • Exercises
    4. Security Models
      1. State Machine Models
      2. The Bell-LaPadula Model
      3. The Harrison-Ruzzo-Ullman Model
      4. The Chinese Wall Model
      5. The Biba Model
      6. The Clark-Wilson Model
      7. Information-Flow Models
      • Further Reading
      • Exercises
    5. The Security Kernel
      1. Rationale
      2. Operating System Integrity
      3. Hardware Security Features
      4. Reference Monitor
      • Further Reading
      • Exercises
  • Part Two: Practice
    1. Unix Security
      1. Introduction
      2. Unix Security Architecture
      3. Login and User Accounts
      4. Access Control
      5. Instances of General Security Principles
      6. Audit Logs and Intrusion Detection
      7. Wrappers
      8. Installation and Configuration
      • Further Reading
      • Exercises
    2. Windows NT Security
      1. Introduction
      2. The Registry
      3. Identification and Authentication
      4. Access Control — Features
      5. Access Control — Management
      6. Audit
      7. Security Aspects of DLLs
      • Further Reading
      • Exercises
    3. How Things Go Wrong
      1. Introduction
      2. Change in Environment
      3. Bound and Syntax Checking
      4. Convenient Features
      5. Controlled Invocation
      6. Bypass
      7. Flawed Protocol Implementations
      8. Virus Attacks
      9. Anti-Virus Software
      • Further Reading
      • Exercises
    4. Security Evaluation
      1. Introduction
      2. The Orange Book
      3. TNI — The Trusted Network Interpretation
      4. Information Technology Security Evaluation Criteria
      5. The Common Criteria
      6. Quality Standards
      7. Effort Well Spent?
      • Further Reading
      • Exercises
  • Part Three: Distributed Systems
    1. Distributed Systems Security
      1. Introduction
      2. Authentication
      3. Security APIs
      4. CORBA Security
      • Further Reading
      • Exercises
    2. World Wide Web Security
      1. Background
      2. Web Browsers
      3. CGI Scripts
      4. Cookies
      5. Certified Code
      6. The Sandbox
      7. Intellectual Property Protection
      • Further Reading
      • Exercises
    3. Cryptography
      1. Introduction
      2. Cryptographic Mechanisms
      3. Key Establishment Protocols
      4. Certificates
      5. Strength of Mechanism
      • Further Reading
      • Exercises
    4. Network Security
      1. Introduction
      2. TCP/IP Security
      3. Network Boundaries
      4. Firewalls
      • Further Reading
      • Exercises
  • Part Four: Theory
    1. Database Security
      1. Introduction
      2. Relational Databases
      3. Access Control
      4. Statistical Database Security
      5. Integration with the Operating System
      • Further Reading
      • Exercises
    2. Multi-Level Secure Databases
      1. Rationale
      2. MAC in a Relational Database
      3. Polyinstantiation
      4. Insert Low
      5. Implementation Issues
      • Further Reading
      • Exercises
    3. Concurrency Control and Multi-Level Security
      1. Motivation
      2. Concurrency Control
      3. MLS Concurrency Control
      4. Non-serialisable Concurrency Control
      • Further Reading
      • Exercises
    4. Object-Oriented Security
      1. Rationale
      2. The Object Model
      3. Security in the Object Model
      4. MAC in Object-Oriented Systems
      • Further Reading
      • Exercises

Reviews

Computer Security

Reviewed by Roland Buresund

Very Good ******** (8 out of 10)

Last modified: Nov. 14, 2008, 12:12 p.m.

Incredibly good coverage of the subject. Should be standard literature.
