Differences between revisions 14 and 27 (spanning 13 versions)
Revision 14 as of 2011-01-09 18:53:56
Size: 3200
Editor: 71-88-174-166
Comment:
Revision 27 as of 2011-03-27 21:21:59
Size: 3670
Editor: 24-151-193-255
Comment: Making it part of the hierarchy of NetworkSecurity
Line 1: Line 1:
= Describe NetworkSecurityEssentials4 = ## page was renamed from NetworkSecurityEssentials4
= NetworkSecurityEssentials4 Notes Not From Lectures =
Line 3: Line 4:
This page includes Dr. A's own notes on Network Security Essentials 4th Edition. This page includes Dr. A's own notes (Lecture notes) on Network Security Essentials 4th Edition.   <<TableOfContents>>
Line 40: Line 43:
    1. Material I prepared on Privacy (2010) [[attachment:Privacy, Legal and Ethical Issues.pptx]]
Line 41: Line 45:
    1. {{ethics.bmp}}
    1. Professional Ethics
    1. Professional Ethics {{attachment:ethics.bmp}}
    1. [[attachment:COE_Flyer.pdf|ACM Code of Ethics]]

== Chapter 2: Symmetric Cryptosystems ==

See: [[DES]]

== Chapter 3: Public Key Cryptosystems ==

See: [[RSA]]

== Chapter 10: Malicious Software ==

See: NetworkSecurity/MaliciousSoftware

NetworkSecurityEssentials4 Notes Not From Lectures

This page includes Dr. A's own notes (Lecture notes) on Network Security Essentials 4th Edition.

Chapter 1

  1. No clear boundary exists between computer security and network/Internet security. This book comes to the problem from the network security side.
  2. CIA triad from "computer security"
    1. Confidentiality

    2. Integrity

    3. Availability

    4. Many experts add:
      1. Authenticity
      2. Accountability (non-repudiation, deterrence, fault isolation, intrusion detection and prevention, after-action recovery and legal action)
  3. Computer security is complex
    1. Requirements stated in one word, but mechanisms to fulfill requirements often complex
    2. Security mechanisms prone to attack
    3. Threat analysis to a security service may reveal additional complexity
    4. Placement of the mechanisms not trivial... see the rest on page 8.
  4. OSI security model
    1. Users and software use Security Services which in turn use...

    2. Security Mechanisms to block

    3. Security Attacks. An example can be seen in Figure 1.

    4. Figure 1. OSI Model.png

    5. You should know these categories well!

Chapter 13

  1. What is cybercrime? The Department of Justice categorizes cybercrimes into three categories:
    1. Computers as targets: This form of crime targets a computer system, to acquire information stored on that computer system, to control the target system without authorization or payment (theft of service), or to alter the integrity of data or interfere with the availability of the computer or server. Using the terminology of Chapter 1, this form of crime involves an attack on data integrity, system integrity, data confidentiality, privacy, or availability.
    2. Computers as storage devices: Computers can be used to further unlawful activity by using a computer or a computer device as a passive storage medium. For example, the computer can be used to store stolen password lists, credit card or calling card numbers, proprietary corporate information, pornographic image files, or “warez” (pirated commercial software).
    3. Computers as communications tools: Many of the crimes falling within this category are simply traditional crimes that are committed online. Examples include the illegal sale of prescription drugs, controlled substances, alcohol, and guns; fraud; gambling; and child pornography.
  2. Intellectual Property (Patents and Copyright issues)
    1. What is a patent, what does it cover, how long is it in place for?
    2. What is a copyright, what does it cover, how long is it in place for?
    3. In your opinion, which of these is the most abused by the owners? Which is the most abused by the users?
  3. Privacy (We discussed this on the first day of class)
    1. What privacy protections are in place in the USA? How do these differ from other countries? (Especially European)
    2. Be able to name some of the relevant laws regarding privacy in the USA. Be able to describe at least one of them in detail.
    3. Material I prepared on Privacy (2010) Privacy, Legal and Ethical Issues.pptx

  4. Ethics
    1. Professional Ethics ethics.bmp

    2. ACM Code of Ethics

Chapter 2: Symmetric Cryptosystems

See: DES

Chapter 3: Public Key Cryptosystems

See: RSA

Chapter 10: Malicious Software

See: NetworkSecurity/MaliciousSoftware

NetworkSecurity/NetworkSecurityEssentials4 (last edited 2011-04-04 15:47:11 by vmhost3b)