Computer Security Principles and Practice-计算机安全原理与实践
目录
《Computer Security Principles and Practice》
0.Reader's and Instructor's Guide
0.1 Outline of This Book
0.2 A Roadmap for Readers and Instructors
0.3 Support for CISSp Certification
0.4 Support for NSA/DHS Certification
0.5 Support for ACM/IEEE Computer Society Computer Science Curricula 2013
0.6 Internet and Web Resources
- Web Sites for This Book
- Computer Science Student Resource Site
- Other Web Sites
0.7 Standards
1.Overview
1.1 Computer Security Concepts
- A Definition of Computer Security
- Examples
- The Challenges of Computer Security
- A Model for Computer Security
1.2 Threats, Attacks, and Assets
- Threats and Attacks
- Threats and Assets
1.3 Security Functional Requirements
1.4 Fundamental Security Design Principles
1.5 Attack Surfaces and Attack Trees
- Attack Surfaces
- Attack Trees
1.6 Computer Security Strategy
- Security Policy
- Security Implementation
- Assurance and Evaluation
1.7 Recommended Reading
1.8 Key Terms, Review Questions, and Problems
2.Cryptographic Tools
2.1 Confidentiality with Symmetric Encryption
- Symmetric Encryption
- Symmetric Block Encryption Algorithms
- Stream Ciphers
2.2 Message Authentication and Hash Functions
- Authentication Using Symmetric Encryption
- Message Authentication without Message Encryption
- Secure Hash Functions
- Other Applications of Hash Functions
2.3 Public-Key Encryption
- Public-Key Encryption Structure
- Applications for Public-Key Cryptosystems
- Requirements for Public-Key Cryptography
- Asymmetric Encryption Algorithms
2.4 Digital Signatures and Key Management
- Digital Signature
- Public-Key Certificates
- Symmetric Key Exchange Using Public-Key Encryption
- Digital Envelopes
2.5 Random and Pseudorandom Numbers
- The Use of Random Numbers
- Random versus Pseudorandom
2.6 Practical Application: Encryption of Stored Data
2.7 Recommended Reading
2.8 Key Terms, Review Questions, and Problems