Skip to main content
Disciplines
Automotive Business IT + Informatics Construction + Real Estate Electrical Engineering + Electronics Energy + Sustainability Insurance + Risk Finance + Banking Management + Leadership Marketing + Sales Mechanical Engineering + Materials
Events
DE
EN
Books
Journals
Topic Page
Marketing
Start single access now
Access for companies
EXTENDED SEARCH
Log in
Top

2020 | Book

Basic Concepts and Principles Read chapter Read first chapter

Computer Security and the Internet

Tools and Jewels

Author: Prof. Paul C. van Oorschot

Publisher: Springer International Publishing

Book Series : Information Security and Cryptography

Part of: Springer Professional "Wirtschaft+Technik" , Springer Professional "Technik" , Springer Professional "Wirtschaft"

Login to get access
insite
SEARCH

About this book

This book provides a concise yet comprehensive overview of computer and Internet security, suitable for a one-term introductory course for junior/senior undergrad or first-year graduate students. It is also suitable for self-study by anyone seeking a solid footing in security – including software developers and computing professionals, technical managers and government staff. An overriding focus is on brevity, without sacrificing breadth of core topics or technical detail within them. The aim is to enable a broad understanding in roughly 350 pages. Further prioritization is supported by designating as optional selected content within this. Fundamental academic concepts are reinforced by specifics and examples, and related to applied problems and real-world incidents.

The first chapter provides a gentle overview and 20 design principles for security. The ten chapters that follow provide a framework for understanding computer and Internet security. They regularly refer back to the principles, with supporting examples. These principles are the conceptual counterparts of security-related error patterns that have been recurring in software and system designs for over 50 years.

The book is “elementary” in that it assumes no background in security, but unlike “soft” high-level texts it does not avoid low-level details, instead it selectively dives into fine points for exemplary topics to concretely illustrate concepts and principles. The book is rigorous in the sense of being technically sound, but avoids both mathematical proofs and lengthy source-code examples that typically make books inaccessible to general audiences. Knowledge of elementary operating system and networking concepts is helpful, but review sections summarize the essential background. For graduate students, inline exercises and supplemental references provided in per-chapter endnotes provide a bridge to further topics and a springboard to the research literature; for those in industry and government, pointers are provided to helpful surveys and relevant standards, e.g., documents from the Internet Engineering Task Force (IETF), and the U.S. National Institute of Standards and Technology.

Table of Contents

Frontmatter
Chapter 1. Basic Concepts and Principles
Abstract
Our subject area is computer and Internet security—the security of software, computers and computer networks, and of information transmitted over them and files stored on them.
Paul C. van Oorschot
Chapter 2. Cryptographic Building Blocks
Abstract
This chapter introduces basic cryptographic mechanisms that serve as foundational building blocks for computer security: symmetric-key and public-key encryption, public-key digital signatures, hash functions, and message authentication codes. Other mathematical and crypto background is deferred to specific chapters as warranted by context.
Paul C. van Oorschot
Chapter 3. User Authentication—Passwords,Biometrics and Alternatives
Abstract
Computer users regularly enter a username and password to access a local device or remote account. Authentication is the process of using supporting evidence to corroborate an asserted identity. In contrast, identification (recognition) establishes an identity from available information without an explicit identity having been asserted—such as picking out known criminals in a crowd, or finding who matches a given fingerprint; each crowd face is checked against a list of database faces for a potential match, or a given fingerprint is tested against a database of fingerprints.
Paul C. van Oorschot
Chapter 4. Authentication Protocols and Key Establishment
Abstract
This chapter discusses authentication protocols involving cryptographic algorithms. The main focus is authenticated key establishment protocols seeking to establish a cryptographic key (secret) for subsequent secure communications, with assurance of the identity of the far-end party sharing the key.
Paul C. van Oorschot
Chapter 5. Operating System Security and Access Control
Abstract
Mass-produced computers emerged in the 1950s. 1960s time-sharing systems brought security requirements into focus. 1965-1975 was the golden design age for operating system (OS) protection mechanisms, hardware protection features and address translation.
Paul C. van Oorschot
Chapter 6. Software Security—Exploits and Privilege Escalation
Abstract
Here we discuss known methods to exploit common security vulnerabilities in programs. The focus of software security (versus, e.g., security software) is exploitable software implementation errors and design flaws; this may be combined with abuse of a system’s architectural features and functionality.
Paul C. van Oorschot
Chapter 7. Malicious Software
Abstract
This section discusses malicious software (malware) in categories: computer viruses and worms, rootkits, botnets and other families. Among the many possible ways to name and classify malware, we use groupings based on characteristics—including propagation tactics and malware motives—that aid discussion and understanding. We consider why it can be hard to stop malware from entering systems, to detect it, and to remove it.
Paul C. van Oorschot
Chapter 8. Public-Key Certificate Management and Use Cases
Abstract
This chapter explains certificate management and public-key infrastructure (PKI), what they provide, technical mechanisms and architectures, and challenges. Two major certificate use cases are also considered here as examples: TLS as used in HTTPS for secure browser-server communications, and end-to-end encrypted email. Additional applications include SSH and IPsec (Chapter 10), DNSSEC (Chapter 11), and trusted computing.
Paul C. van Oorschot
Chapter 9. Web and Browser Security
Abstract
We now aim to develop an awareness of what can go wrong on the web, through browserserver interactions as web resources are transferred and displayed to users. When a browser visits a web site, the browser is sent a page (HTML document). The browser renders the document by first assembling the specified pieces and executing embedded executable content (if any), perhaps being redirected to other sites.
Paul C. van Oorschot
Chapter 10. Firewalls and Tunnels
Abstract
This chapter discusses perimeter-based defenses, starting with firewalls and then complementary enabling technologies for securing network communications of remote users and distance-separated peers. Generic tools called encrypted tunnels and virtual private networks (VPNs) are illustrated by SSH and IPsec. We consider risks of network-accessible services and how to securely provide such services, building familiarity with network defense options (and their limitations).
Paul C. van Oorschot
Chapter 11. Intrusion Detection and Network-Based Attacks
Abstract
This second of two chapters on network security complements Chapter 10’s treatment of firewalls and tunnels. Here we discuss intrusion detection and various tools for network monitoring (packet sniffing) and vulnerability assessment, followed by denial of service and other network-based attacks that exploit standard TCP/IP network or Ethernet protocols.
Paul C. van Oorschot
Backmatter
Metadata
Title
Computer Security and the Internet
Author
Prof. Paul C. van Oorschot
Copyright Year
2020
Electronic ISBN
978-3-030-33649-3
Print ISBN
978-3-030-33648-6
DOI
https://doi.org/10.1007/978-3-030-33649-3

Premium Partner

    Image Credits