1 Introduction
1.1 Fundamental Concepts
1.1.1 Confidentiality, Integrity, and Availability
1.1.2 Assurance, Authenticity, and Anonymity
1.1.3 Threats and Attacks
1.1.4 Security Principles
1.2 Access Control Models
1.2.1 Access Control Matrices
1.2.2 Access Control Lists
1.2.3 Capabilities
1.2.4 Role-Based Access Control
1.3 Cryptographic Concepts
1.3,1 Encryption
1.3.2 DigitaISignatures
1.3.3 Simple Attacks on Cryptosystems
1.3.4 Cryptographic Hash Functions
1.3.5 DigitaICertificates
1.4 Implementation and Usability Issues
1.4.1 Efficiency and Usability
1.4.2 Passwords
1.4.3 Social Engineering
1.4.4 Vulnerabilities from Programming Errors
1.5 Exercises
2 PhysicaISecurity
2.1 Physical Protections and Attacks
2.2 Locks and Safes
2.2.1 Lock Technology
2.2.2 Attacks on Locks and Safes
2.2.3 The Mathematics of Lock Security
2.3 Authentication Technologies
2.3.1 Barcodes
2.3.2 Magnetic Stripe Cards
2.3.3 Smart Cards
2.3.4 RFIDs
2.3.5 Biometrics
2.4 Direct Attacks Against Computers
2.4.1 Environmental Attacks and Accidents
2.4.2 Eavesdropping
2.4.3 TEMPEST
2.4.4 Live CDs
2.4.5 Computer Forensics
2.5 Special-Purpose Machines
2.5.1 Automated Teller Machines
2.5.2 Voting Machines
2.6 Physicallntrusion Detection
2.6.1 Video Monitoring
2.6.2 Human Factors and Social Engineering
2.7 Exercises
3 Operating Systems Security
3.1 Operating Systems Concepts
3.1.1 The Kernel and Input/Output
3.1.2 Processes
3.1.3 The Filesystem
3.1.4 Memory Management
3.1.5 Virtual Machines
3.2 Process Security
3.2.1 Inductive Trust from Start to Finish
3.2.2 Monitoring, Management, and Logging
3.3 Memory and Filesystem Security
3.3.1 Virtual Memory Security
3.3.2 Password-Based Authentication
3.3.3 Access Control and Advanced File Permissions
3.3.4 File Descriptors
3.3.5 Symbolic Links and Shortcuts
……
4 Malware
5 Network SecurityⅠ
6 Network SecurityⅡ
7 WebSecurity
8 Cryptography
9 Security Models and Practice
10 Distributed-Applications Security
缺书网
扫码进群