File name: Computer Security: Art and Science, PDF edition
File size: 9.16MB
File format: PDF
Updated: 2017-03-22 10:02:03
Computer security, theory, PDF
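This book gives a thorough introduction to the theory and practice of computer security and explains the most fundamental and widely applicable knowledge in the field, including the nature of computer security and the challenges it faces, the relationship between policy and security, the role and applications of cryptography, policy implementation mechanisms, assurance techniques and methodology, vulnerability analysis, and intrusion detection. It also integrates the concepts of computer systems, networks, human factors, and cryptography. The book can serve as a textbook and study reference for undergraduate and graduate students in information security, computer science, and related majors, and as a handbook and reference for administrators who maintain the security of networks and computer systems and for information security developers.
The importance of computer security has increased dramatically during the past few years. Bishop provides a monumental reference for the theory and practice of computer security. This is a textbook intended for use at the advanced undergraduate and introductory graduate levels, non-University training courses, as well as reference and self-study for security professionals. Comprehensive in scope, this covers applied and practical elements, theory, and the reasons for the design of applications and security techniques. Bishop treats the management and engineering issues of computer. Excellent examples of ideas and mechanisms show how disparate techniques and principles are combined (or not) in widely-used systems. Features a distillation of a vast number of conference papers, dissertations and books that have appeared over the years, providing a valuable synthesis. This book is acclaimed for its scope, clear and lucid writing, and its combination of formal and theoretical aspects with real systems, technologies, techniques, and policies.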
Preface: Goals; Philosophy; Organization; Roadmap; Dependencies; Background; Undergraduate Level; Graduate Level; Practitioners; Special Acknowledgment; Acknowledgments
PART 1: INTRODUCTION
Chapter 1 An Overview of Computer Security: 1.1 The Basic Components; 1.2 Threats; 1.3 Policy and Mechanism; 1.4 Assumptions and Trust; 1.5 Assurance; 1.6 Operational Issues; 1.7 Human Issues; 1.8 Tying It All Together; 1.9 Summary; 1.10 Research Issues; 1.11 Further Reading; 1.12 Exercises
PART 2: FOUNDATIONS
Chapter 2 Access Control Matrix: 2.1 Protection State; 2.2 Access Control Matrix Model; 2.3 Protection State Transitions; 2.4 Copying, Owning, and the Attenuation of Privilege; 2.5 Summary; 2.6 Research Issues; 2.7 Further Reading; 2.8 Exercises
Chapter 3 Foundational Results: 3.1 The General Question; 3.2 Basic Results; 3.3 The Take-Grant Protection Model; 3.4 Closing the Gap; 3.5 Expressive Power and the Models; 3.6 Summary; 3.7 Research Issues; 3.8 Further Reading; 3.9 Exercises
PART 3: POLICY
Chapter 4 Security Policies: 4.1 Security Policies; 4.2 Types of Security Policies; 4.3 The Role of Trust; 4.4 Types of Access Control; 4.5 Policy Languages; 4.6 Example: Academic Computer Security Policy; 4.7 Security and Precision; 4.8 Summary; 4.9 Research Issues; 4.10 Further Reading; 4.11 Exercises
Chapter 5 Confidentiality Policies: 5.1 Goals of Confidentiality Policies; 5.2 The Bell-LaPadula Model; 5.3 Tranquility; 5.4 The Controversy over the Bell-LaPadula Model; 5.5 Summary; 5.6 Research Issues; 5.7 Further Reading; 5.8 Exercises
Chapter 6 Integrity Policies: 6.1 Goals; 6.2 Biba Integrity Model; 6.3 Lipner's Integrity Matrix Model; 6.4 Clark-Wilson Integrity Model; 6.5 Summary; 6.6 Research Issues; 6.7 Further Reading; 6.8 Exercises
Chapter 7 Hybrid Policies: 7.1 Chinese Wall Model; 7.2 Clinical Information Systems Security Policy; 7.3 Originator Controlled Access Control; 7.4 Role-Based Access Control; 7.5 Summary; 7.6 Research Issues; 7.7 Further Reading; 7.8 Exercises
Chapter 8 Noninterference and Policy Composition: 8.1 The Problem; 8.2 Deterministic Noninterference; 8.3 Nondeducibility; 8.4 Generalized Noninterference; 8.5 Restrictiveness; 8.6 Summary; 8.7 Research Issues; 8.8 Further Reading; 8.9 Exercises
PART 4: IMPLEMENTATION I: CRYPTOGRAPHY
Chapter 9 Basic Cryptography: 9.1 What Is Cryptography?; 9.2 Classical Cryptosystems; 9.3 Public Key Cryptography; 9.4 Cryptographic Checksums; 9.5 Summary; 9.6 Research Issues; 9.7 Further Reading; 9.8 Exercises
Chapter 10 Key Management: 10.1 Session and Interchange Keys; 10.2 Key Exchange; 10.3 Key Generation; 10.4 Cryptographic Key Infrastructures; 10.5 Storing and Revoking Keys; 10.6 Digital Signatures; 10.7 Summary; 10.8 Research Issues; 10.9 Further Reading; 10.10 Exercises
Chapter 11 Cipher Techniques: 11.1 Problems; 11.2 Stream and Block Ciphers; 11.3 Networks and Cryptography; 11.4 Example Protocols; 11.5 Summary; 11.6 Research Issues; 11.7 Further Reading; 11.8 Exercises
Chapter 12 Authentication: 12.1 Authentication Basics; 12.2 Passwords; 12.3 Challenge-Response; 12.4 Biometrics; 12.5 Location; 12.6 Multiple Methods; 12.7 Summary; 12.8 Research Issues; 12.9 Further Reading; 12.10 Exercises
PART 5: IMPLEMENTATION II: SYSTEMS
Chapter 13 Design Principles: 13.1 Overview; 13.2 Design Principles; 13.3 Summary; 13.4 Research Issues; 13.5 Further Reading; 13.6 Exercises
Chapter 14 Representing Identity: 14.1 What Is Identity?; 14.2 Files and Objects; 14.3 Users; 14.4 Groups and Roles; 14.5 Naming and Certificates; 14.6 Identity on the Web; 14.7 Summary; 14.8 Research Issues; 14.9 Further Reading; 14.10 Exercises
Chapter 15 Access Control Mechanisms: 15.1 Access Control Lists; 15.2 Capabilities; 15.3 Locks and Keys; 15.4 Ring-Based Access Control; 15.5 Propagated Access Control Lists; 15.6 Summary; 15.7 Research Issues; 15.8 Further Reading; 15.9 Exercises
Chapter 16 Information Flow: 16.1 Basics and Background; 16.2 Nonlattice Information Flow Policies; 16.3 Compiler-Based Mechanisms; 16.4 Execution-Based Mechanisms; 16.5 Example Information Flow Controls; 16.6 Summary; 16.7 Research Issues; 16.8 Further Reading; 16.9 Exercises
Chapter 17 Confinement Problem: 17.1 The Confinement Problem; 17.2 Isolation; 17.3 Covert Channels; 17.4 Summary; 17.5 Research Issues; 17.6 Further Reading; 17.7 Exercises
PART 6: ASSURANCE (Contributed by Elisabeth Sullivan)
Chapter 18 Introduction to Assurance: 18.1 Assurance and Trust; 18.2 Building Secure and Trusted Systems; 18.3 Summary; 18.4 Research Issues; 18.5 Further Reading; 18.6 Exercises
Chapter 19 Building Systems with Assurance: 19.1 Assurance in Requirements Definition and Analysis; 19.2 Assurance During System and Software Design; 19.3 Assurance in Implementation and Integration; 19.4 Assurance During Operation and Maintenance; 19.5 Summary; 19.6 Research Issues; 19.7 Further Reading; 19.8 Exercises
Chapter 20 Formal Methods: 20.1 Formal Verification Techniques; 20.2 Formal Specification; 20.3 Early Formal Verification Techniques; 20.4 Current Verification Systems; 20.5 Summary; 20.6 Research Issues; 20.7 Further Reading; 20.8 Exercises
Chapter 21 Evaluating Systems: 21.1 Goals of Formal Evaluation; 21.2 TCSEC: 1983-1999; 21.3 International Efforts and the ITSEC: 1991-2001; 21.4 Commercial International Security Requirements: 1991; 21.5 Other Commercial Efforts: Early 1990s; 21.6 The Federal Criteria: 1992; 21.7 FIPS 140: 1994-Present; 21.8 The Common Criteria: 1998-Present; 21.9 SSE-CMM: 1997-Present; 21.10 Summary; 21.11 Research Issues; 21.12 Further Reading; 21.13 Exercises
PART 7: SPECIAL TOPICS
Chapter 22 Malicious Logic: 22.1 Introduction; 22.2 *Horses; 22.3 Computer Viruses; 22.4 Computer Worms; 22.5 Other Forms of Malicious Logic; 22.6 Theory of Malicious Logic; 22.7 Defenses; 22.8 Summary; 22.9 Research Issues; 22.10 Further Reading; 22.11 Exercises
Chapter 23 Vulnerability Analysis: 23.1 Introduction; 23.2 Penetration Studies; 23.3 Vulnerability Classification; 23.4 Frameworks; 23.5 Gupta and Gligor's Theory of Penetration Analysis; 23.6 Summary; 23.7 Research Issues; 23.8 Further Reading; 23.9 Exercises
Chapter 24 Auditing: 24.1 Definitions; 24.2 Anatomy of an Auditing System; 24.3 Designing an Auditing System; 24.4 A Posteriori Design; 24.5 Auditing Mechanisms; 24.6 Examples: Auditing File Systems; 24.7 Audit Browsing; 24.8 Summary; 24.9 Research Issues; 24.10 Further Reading; 24.11 Exercises
Chapter 25 Intrusion Detection: 25.1 Principles; 25.2 Basic Intrusion Detection; 25.3 Models; 25.4 Architecture; 25.5 Organization of Intrusion Detection Systems; 25.6 Intrusion Response; 25.7 Summary; 25.8 Research Issues; 25.9 Further Reading; 25.10 Exercises
PART 8: PRACTICUM
Chapter 26 Network Security: 26.1 Introduction; 26.2 Policy Development; 26.3 Network Organization; 26.4 Availability and Network Flooding; 26.5 Anticipating Attacks; 26.6 Summary; 26.7 Research Issues; 26.8 Further Reading; 26.9 Exercises
Chapter 27 System Security: 27.1 Introduction; 27.2 Policy; 27.3 Networks; 27.4 Users; 27.5 Authentication; 27.6 Processes; 27.7 Files; 27.8 Retrospective; 27.9 Summary; 27.10 Research Issues; 27.11 Further Reading; 27.12 Exercises
Chapter 28 User Security: 28.1 Policy; 28.2 Access; 28.3 Files and Devices; 28.4 Processes; 28.5 Electronic Communications; 28.6 Summary; 28.7 Research Issues; 28.8 Further Reading; 28.9 Exercises
Chapter 29 Program Security: 29.1 Introduction; 29.2 Requirements and Policy; 29.3 Design; 29.4 Refinement and Implementation; 29.5 Common Security-Related Programming Problems; 29.6 Testing, Maintenance, and Operation; 29.7 Distribution; 29.8 Conclusion; 29.9 Summary; 29.10 Research Issues; 29.11 Further Reading; 29.12 Exercises
PART 9: END MATTER
Chapter 30 Lattices: 30.1 Basics; 30.2 Lattices; 30.3 Exercises
Chapter 31 The Extended Euclidean Algorithm: 31.1 The Euclidean Algorithm; 31.2 The Extended Euclidean Algorithm; 31.3 Solving ax mod n = 1; 31.4 Solving ax mod n = b; 31.5 Exercises
Chapter 32 Entropy and Uncertainty: 32.1 Conditional and Joint Probability; 32.2 Entropy and Uncertainty; 32.3 Joint and Conditional Entropy; 32.4 Exercises
Chapter 33 Virtual Machines: 33.1 Virtual Machine Structure; 33.2 Virtual Machine Monitor; 33.3 Exercises
Chapter 34 Symbolic Logic: 34.1 Propositional Logic; 34.2 Predicate Logic; 34.3 Temporal Logic Systems; 34.4 Exercises
Chapter 35 Example Academic Security Policy: 35.1 University of California E-mail Policy; 35.2 The Acceptable Use Policy for the University of California, Davis
Bibliography
Index