Cyber Security and IT Infrastructure Protection.

Format:

Book

Author/Creator:

Vacca, John R.

Language:

English

Subjects (All):

Cyberterrorism--Prevention.

Cyberterrorism -- Prevention.

Physical Description:

1 online resource (381 pages)

Edition:

1st ed.

Place of Publication:

San Diego : Elsevier Science & Technology Books, 2013.

Contents:

Front Cover

Cyber Security and IT Infrastructure Protection

Copyright Page

Contents

Acknowledgements

About the Editor

Contributors

Introduction

Organization of this Book

1. Fault Tolerance and Resilience in Cloud Computing Environments

1. Introduction

2. Cloud Computing Fault Model

Cloud Computing Architecture

Failure Behavior of Servers

Failure Behavior of the Network

3. Basic Concepts on Fault Tolerance

4. Different Levels of Fault Tolerance in Cloud Computing

5. Fault Tolerance against Crash Failures in Cloud Computing

6. Fault Tolerance against Byzantine Failures in Cloud Computing

7. Fault Tolerance as a Service in Cloud Computing

8. Summary

Chapter Review Questions/Exercises

True/False

Multiple Choice

Exercise

Problem

Hands-On Projects

Project

Case Projects

Optional Team Case Project

Acknowledgments

References

2. Data Encryption

1. Need for Cryptography

Authentication

Confidentiality

Integrity

Nonrepudiation

2. Mathematical Prelude to Cryptography

Mapping or Function

Probability

Complexity

3. Classical Cryptography

The Euclidean Algorithm

The Extended Euclidean Algorithm

Modular Arithmetic

Congruence

Residue Class

Inverses

Fundamental Theorem of Arithmetic

Congruence Relation Defined

Substitution Cipher

Transposition Cipher

4. Modern Symmetric Ciphers

S-Box

P-Boxes

Product Ciphers

5. Algebraic Structure

Definition Group

Definitions of Finite and Infinite Groups (Order of a Group)

Definition Abelian Group

Examples of a Group

Definition: Subgroup

Definition: Cyclic Group

Rings

Examples

Definition: Field

Finite Fields GF(2n)

Modular Polynomial Arithmetic Over GF(2).

Using a Generator to Represent the Elements of GF(2n)

GF(23) is a Finite Field

6. The Internal Functions of Rijndael in AES Implementation

Mathematical Preliminaries

State

The S-Box (SubByte)

ShiftRows

Mixing

Subkey Addition

Putting it Together

Round

7. Use of Modern Block Ciphers

The Electronic Code Book (ECB)

Cipher-Block Chaining (CBC)

8. Public-Key Cryptography

Review: Number Theory

Coprimes

Cardinality of Primes

Factoring

Fermat's Little Theorem

Discrete Logarithm

Primitive Roots

9. Cryptanalysis of RSA

Factorization Attack

Discrete Logarithm Problem

10. Diffie-Hellman Algorithm

Diffie-Hellman Problem

11. Elliptic Curve Cryptosystems

An Example

Addition Formula

Example of Elliptic Curve Addition

EC Security

12. Message Integrity and Authentication

Cryptographic Hash Functions

Preimage Resistance

Second Preimage Resistance (Weak Collision Resistance)

Strong Collision Resistance

Message Authentication

Digital Signature

Message Integrity Uses a Hash Function in Signing the Message

RSA Digital Signature Scheme

RSA Digital Signature and the Message Digest

13. Triple Data Encryption Algorithm (TDEA) Block Cipher

Applications

14. Summary

3. Public Key Infrastructure

1. Cryptographic Background

Digital Signatures

Public Key Encryption

2. Overview of PKI

3. The X.509 Model

The History of X.509

The X.509 Certificate Model

4. X.509 Implementation Architectures

5. X.509 Certificate Validation

Validation Step 1: Construct the Chain and Validate Signatures.

Step 2: Check Validity Dates, Policy and Key Usage

Step 3: Consult Revocation Authorities

6. X.509 Certificate Revocation

Delta CRLs

Online Certificate Status Protocol

7. Server-Based Certificate Validity Protocol

8. X.509 Bridge Certification Systems

Mesh PKIs and Bridge CAs

9. X.509 Certificate Format

X.509 V1 and V2 Format

X.509 V3 Format

X.509 Certificate Extensions

Authority Key Identifier

Subject Key Identifier

Key Usage

Subject Alternative Name

Policy Extensions

Certificate Policy

Policy Mapping

Policy Constraints

10. PKI Policy Description

11. PKI Standards Organizations

IETF PKIX

SDSI/SPKI

IETF OpenPGP

12. PGP Certificate Formats

13. PGP PKI Implementations

14. W3C

15. Is PKI Secure?

16. Alternative PKI Architectures

17. Modified X.509 Architectures

Perlman and Kaufman's User-Centric PKI

Guttman's Plug and Play PKI

Callas' Self-Assembling PKI

18. Alternative Key Management Models

19. Summary

Directory Architectures

Bridge Cas and Revocation Modeling

4. Physical Security Essentials

1. Overview

2. Physical Security Threats

Natural Disasters

Environmental Threats

Inappropriate Temperature and Humidity

Fire and Smoke

Water Damage

Chemical, Radiological, and Biological Hazards

Dust

Infestation

Technical Threats

Electrical Power

Electromagnetic Interference

Human-Caused Physical Threats

3. Physical Security Prevention and Mitigation Measures

Other Environmental Threats.

Technical Threats

4. Recovery from Physical Security Breaches

5. Threat Assessment, Planning, and Plan Implementation

Threat Assessment

Planning and Implementation

6. Example: A Corporate Physical Security Policy

7. Integration of Physical and Logical Security

8. Physical Security Checklist

9. Summary

5. Disaster Recovery

2. Measuring Risk and Avoiding Disaster

Assessing Risk in the Enterprise

Steps in the Risk Process

Matching the Response to the Threat

3. The Business Impact Assessment (BIA)

Identifying Business-Critical Activities

Specifying Required IT Support from Technical Staff

Designing Recovery Solutions

Establishing a Disaster Recovery Site

Site Choices: Configuration and Acquisition

Choosing Suppliers: In-House Versus Third Party

Specifying Equipment

4. Summary

6. Biometrics

1. Relevant Standards

2. Biometric System Architecture

Data Capture

Signal Processing

Matching

Data Storage

Decision

Adaptation

3. Using Biometric Systems

Enrollment

Identification

4. Security Considerations

Error Rates

Doddington's Zoo

Birthday Attacks

Comparing Technologies

Storage of Templates

5. Summary

Optional Team Case Project.

Problem

7. Homeland Security

1. Statutory Authorities

The USA PATRIOT Act of 2001 (PL 107-56)

The Aviation and Transportation Security Act of 2001 (PL 107-71)

Enhanced Border Security and Visa Entry Reform Act of 2002 (PL 107-173)

Public Health Security, Bioterrorism Preparedness &amp

Response Act of 2002 (PL 107-188)

Homeland Security Act of 2002 (PL 107-296)

E-Government Act of 2002 (PL 107-347)

2. Homeland Security Presidential Directives

3. Organizational Actions

Department of Homeland Security Subcomponents

State and Federal Organizations

The Governor's Office of Homeland Security

California Office of Information Security and Privacy Protection

Private Sector Organizations for Information Sharing

Hands-on Projects

8. Cyber Warfare

1. Cyber Warfare Model

2. Cyber Warfare Defined

3. CW: Myth or Reality?

4. Cyber Warfare: Making CW Possible

Preparation

Research

Reconnaissance

Vulnerability Enumeration

Offensive Strategies

Psychological Weapons

Technical Weapons

Vulnerability Databases

Deployment Tools

Payloads

Control Consoles

Defensive Strategies

5. Legal Aspects of CW

Terrorism and Sovereignty

Liability Under International Law

State Responsibility

Individual Liability

Remedies Under International Law

Self-Defense

International Criminal Court

Other Remedies

Developing Countries Response

6. Holistic View of Cyber Warfare

7. Summary

Problem.

9. System Security.

Notes:

Description based on publisher supplied metadata and other sources.

Other Format:

Print version: Vacca, John R. Cyber Security and IT Infrastructure Protection

ISBN:

9780124200470

OCLC:

857277688