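Publication date: 2013-1 Publisher: Michael T. Goodrich, Roberto Tamassia, Tsinghua University Press (published 2013-01) Authors: Michael T. Goodrich, Roberto Tamassia
Summary
"University Computer Education Renowned Foreign Textbook Series: Introduction to Computer Security (Reprint Edition)" aims to introduce the general principles of computer security from an applied point of view. With this book, readers become familiar with common network attacks, including viruses, worms, password cracking, keyloggers, denial of service, DNS cache poisoning, port scanning, spoofing and phishing; master the identification and defense techniques related to computer and network vulnerabilities, as well as methods for detecting and repairing infected systems; learn the basic elements of secure systems such as encryption, digital signatures, cryptographic protocols and access control models; and also learn the security principles behind common everyday objects such as locks, mobile phones, ATMs and credit cards.
About the authors
Authors: Michael T. Goodrich (USA), Roberto Tamassia (USA)
Table of contents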
1 Introduction
  1.1 Fundamental Concepts
    1.1.1 Confidentiality, Integrity, and Availability
    1.1.2 Assurance, Authenticity, and Anonymity
    1.1.3 Threats and Attacks
    1.1.4 Security Principles
  1.2 Access Control Models
    1.2.1 Access Control Matrices
    1.2.2 Access Control Lists
    1.2.3 Capabilities
    1.2.4 Role-Based Access Control
  1.3 Cryptographic Concepts
    1.3.1 Encryption
    1.3.2 Digital Signatures
    1.3.3 Simple Attacks on Cryptosystems
    1.3.4 Cryptographic Hash Functions
    1.3.5 Digital Certificates
  1.4 Implementation and Usability Issues
    1.4.1 Efficiency and Usability
    1.4.2 Passwords
    1.4.3 Social Engineering
    1.4.4 Vulnerabilities from Programming Errors
  1.5 Exercises
2 Physical Security
  2.1 Physical Protections and Attacks
  2.2 Locks and Safes
    2.2.1 Lock Technology
    2.2.2 Attacks on Locks and Safes
    2.2.3 The Mathematics of Lock Security
  2.3 Authentication Technologies
    2.3.1 Barcodes
    2.3.2 Magnetic Stripe Cards
    2.3.3 Smart Cards
    2.3.4 RFIDs
    2.3.5 Biometrics
  2.4 Direct Attacks Against Computers
    2.4.1 Environmental Attacks and Accidents
    2.4.2 Eavesdropping
    2.4.3 TEMPEST
    2.4.4 Live CDs
    2.4.5 Computer Forensics
  2.5 Special-Purpose Machines
    2.5.1 Automated Teller Machines
    2.5.2 Voting Machines
  2.6 Physical Intrusion Detection
    2.6.1 Video Monitoring
    2.6.2 Human Factors and Social Engineering
  2.7 Exercises
3 Operating Systems Security
  3.1 Operating Systems Concepts
    3.1.1 The Kernel and Input/Output
    3.1.2 Processes
    3.1.3 The Filesystem
    3.1.4 Memory Management
    3.1.5 Virtual Machines
  3.2 Process Security
    3.2.1 Inductive Trust from Start to Finish
    3.2.2 Monitoring, Management, and Logging
  3.3 Memory and Filesystem Security
    3.3.1 Virtual Memory Security
    3.3.2 Password-Based Authentication
    3.3.3 Access Control and Advanced File Permissions
    3.3.4 File Descriptors
    3.3.5 Symbolic Links and Shortcuts
  3.4 Application Program Security
    3.4.1 Compiling and Linking
    3.4.2 Simple Buffer Overflow Attacks
    3.4.3 Stack-Based Buffer Overflow
    3.4.4 Heap-Based Buffer Overflow Attacks
    3.4.5 Format String Attacks
    3.4.6 Race Conditions
  3.5 Exercises
4 Malware
  4.1 Insider Attacks
    4.1.1 Backdoors
    4.1.2 Logic Bombs
    4.1.3 Defenses Against Insider Attacks
  4.2 Computer Viruses
    4.2.1 Virus Classification
    4.2.2 Defenses Against Viruses
    4.2.3 Encrypted Viruses
    4.2.4 Polymorphic and Metamorphic Viruses
  4.3 Malware Attacks
    4.3.1 Trojan Horses
    4.3.2 Computer Worms
    4.3.3 Rootkits
    4.3.4 Zero-Day Attacks
    4.3.5 Botnets
  4.4 Privacy-Invasive Software
    4.4.1 Adware
    4.4.2 Spyware
  4.5 Countermeasures
    4.5.1 Best Practices
    4.5.2 The Impossibility of Detecting All Malware
    4.5.3 The Malware Detection Arms Race
    4.5.4 Economics of Malware
  4.6 Exercises
5 Network Security I
  5.1 Network Security Concepts
    5.1.1 Network Topology
    5.1.2 Internet Protocol Layers
    5.1.3 Network Security Issues
  5.2 The Link Layer
    5.2.1 Ethernet
    5.2.2 Media Access Control (MAC) Addresses
    5.2.3 ARP Spoofing
  5.3 The Network Layer
    5.3.1 IP
    5.3.2 Internet Control Message Protocol
    5.3.3 IP Spoofing
    5.3.4 Packet Sniffing
  5.4 The Transport Layer
    5.4.1 Transmission Control Protocol (TCP)
    5.4.2 User Datagram Protocol (UDP)
    5.4.3 Network Address Translation (NAT)
    5.4.4 TCP Session Hijacking
  5.5 Denial-of-Service Attacks
    5.5.1 ICMP Attacks
    5.5.2 SYN Flood Attacks
    5.5.3 Optimistic TCP ACK Attack
    5.5.4 Distributed Denial-of-Service
    5.5.5 IP Traceback
  5.6 Exercises
6 Network Security II
  6.1 The Application Layer and DNS
    6.1.1 A Sample of Application-Layer Protocols
    6.1.2 The Domain Name System (DNS)
    6.1.3 DNS Attacks
    6.1.4 DNSSEC
  6.2 Firewalls
    6.2.1 Firewall Policies
    6.2.2 Stateless and Stateful Firewalls
  6.3 Tunneling
    6.3.1 Secure Shell (SSH)
    6.3.2 IPsec
    6.3.3 Virtual Private Networking (VPN)
  6.4 Intrusion Detection
    6.4.1 Intrusion Detection Events
    6.4.2 Rule-Based Intrusion Detection
    6.4.3 Statistical Intrusion Detection
    6.4.4 Port Scanning
    6.4.5 Honeypots
  6.5 Wireless Networking
    6.5.1 Wireless Technologies
    6.5.2 Wired Equivalent Privacy (WEP)
    ……
7 Web Security
8 Cryptography
9 Security Models and Practice
10 Distributed-Applications Security
Chapter excerpt
Fingerprints have been used in forensic work since the mid-19th century to identify criminals, but more recently, fingerprint scanners have been incorporated into electronic authentication systems as a means of granting access to specific users. Unlike signatures, fingerprints are universal except in rare cases, unique, easily collected and analyzed, and difficult to circumvent, making them an effective biometric characteristic. While fingerprints may change slightly over time, the degree to which they change does not affect a biometric system's ability to identify the owner.

Voice recognition does not score as well. While most people have a voice and are willing to use it as a means of authentication, it is often not distinctive enough to differentiate from another person's voice. In addition, the human voice changes significantly from year to year, and voice recognition systems can be easily circumvented using a sound recording of an authorized user.

Another common biometric system uses a person's eyes as a unique characteristic. These types of scans satisfy universality, distinctiveness, permanence, and collectability, and are very difficult to circumvent. Older systems employ retinal scanning, which involves illuminating the eye with a bright sensor and capturing an image of the blood vessels in the back of the eye. Many users find retinal scanning uncomfortable or invasive, and would prefer other means of authentication. Iris scanning systems are generally better received, providing equally strong authentication by taking a high-quality photograph of the surface of the eye.

Other biometric systems are more commonly used to identify people in public, rather than provide authentication for a select pool of users.
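Editor's recommendation
"University Computer Education Renowned Foreign Textbook Series: Introduction to Computer Security (Reprint Edition)" does not focus on the mathematical and computational side of security. Instead, it approaches computer security from the perspective of systems, technology, management and policy, giving readers the basic concepts of computer security, the threats computers face and the corresponding countermeasures. It is an ideal textbook for undergraduate "Computer Security" courses at colleges and universities.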