Table of contents for The craft of system security / Sean Smith, John Marchesini.

Bibliographic record and links to related information available from the Library of Congress catalog.

Note: Contents data are machine generated based on pre-publication provided by the publisher. Contents may have variations from the printed book or be incomplete or contain other coding.


Contents 
Preface
Acknowledgments
Part I History
1 Introduction
1.1 The Standard Rubric 
1.2 The Matrix
1.3 Other Views
1.4 Safe States and the Access Control Matrix
1.5 Other Hard Questions
1.6 The Take-Home Lesson 
1.7 Project Ideas
2 The Old Testament
2.1 The Basic Framework
2.2 Security Models
2.3 The "Orange Book"
2.4 INFOSEC, OPSEC, JOBSEC
2.5 The Take-Home Lesson
2.6 Project Ideas
3 Old Principles, New World
3.1 Solving the Wrong Problem?
3.2 Lack of follow-through?
3.3 Too unwieldy?
3.4 Saltzer and Schroeder
3.5 Modern Relevance
3.6 The Take-Home Lesson
3.7 Project Ideas
Part II Security and the Modern Computing Landscape
4 OS Security
4.1 OS Background
4.2 OS Security Primitives and Principles
4.3 Real OSes: Everything but the Kitchen Sink
4.4 When the Foundation Cracks
4.5 Where Are We?
4.6 Take Home Lesson
4.7 Project Ideas
5 Network Security
5.1 Basic Framework
5.2 Protocols
5.3 The Network as a Battlefield
5.4 The Brave New World
5.5 The Take Home Message
5.6 Project Ideas
6 Implementation Security
6.1 Buffer Overflow
6.2 Argument Validation and Other Mishaps 
6.3 TOCTOU
6.4 Malware
6.5 Programming Language Security
6.6 Security in the Development Lifecycle
6.7 The Take-Home Lesson
6.8 Project Ideas
Part III Building Blocks for Secure Systems
7 Using Cryptography
7.1 Framework and Terminology
7.2 Randomness
7.3 Symmetric Cryptography
7.4 Applications of Symmetric Cryptography
7.5 Public-Key Cryptography
7.6 Hash Functions
7.7 Practical Issues: Public Key
7.8 Past and Future
7.9 The Take-Home Message
7.10 Project Ideas
8 Subverting Cryptography
8.1 Breaking Symmetric Key without Brute Force
8.2 Breaking Symmetric Key with Brute Force
8.3 Breaking Public Key without Factoring
8.4 Breaking Cryptography via the Real World
8.5 The Potential of Efficiently Factoring Moduli 
8.6 The Take-Home Lesson
8.7 Project Ideas
9 Authentication 
9.1 Basic Framework
9.2 Authenticating Humans
9.3 Human Factors
9.4 From the Machine's Point of View 
9.5 Advanced Approaches
9.6 Case Study: Kerberos
9.7 Case Study: SSH 
9.8 Broader Issues 
9.9 The Take-Home Lesson
9.10 Project Ideas
10 PKI
10.1 Basic Definitions
10.2 Basic Structure 
10.3 Complexity Arrives
10.4 Multiple CAs
10.5 Revocation 
10.6 The X.509 World
10.7 X.509 Variations
10.8 Dissent 
10.9 Ongoing Trouble 
10.10 The Take-Home Lesson 
10.11 Project Ideas 
11 Standards, Compliance, and Testing
11.1 Standards
11.2 Policy Compliance 
11.3 Testing
11.4 The Take-Home Lesson 
11.5 Project Ideas 
Part IV Applications
12 The Web and Security
12.1 Basic Structure 
12.2 Security Techniques 
12.3 Privacy Issues
12.4 Web Services
12.5 The Take-Home Lesson
12.6 Project Ideas
13 Office Tools and Security
13.1 Word
13.2 Lotus 1-2-3
13.3 PDF
13.4 Cut-and-Paste 
13.5 PKI and Office Tools 
13.6 Confusing the Mental Model
13.7 The Take-Home Lesson 
13.8 Project Ideas 
14 Money, Time, Property
14.1 Money 
14.2 Time 
14.3 Property 
14.4 The Take-Home Lesson 
14.5 Project Ideas 
Part V Emerging Tools
15 Formal Methods and Security
15.1 Vision 
15.2 Specification 
15.3 Logics 
15.4 Cranking the Handle
15.5 Case Studies
15.6 Spinning Your Bank Account
15.7 Limits 
15.8 The Take-Home Lesson
15.9 Projects
16 Hardware-Based Security
16.1 Keeping Secrets
16.2 Attacks and Defenses 
16.2.1 Physical Attacks 
16.2.2 Defense Strategies
16.3 Tools 
16.4 Alternative Architectures
16.5 Coming Trends
16.6 The Take-Home Lesson 
16.7 Project Ideas 
17 In Search of the Evil Bit
17.1 Motivation
17.2 The AI Toolbox 
17.3 Application Taxonomy
17.4 Case Study
17.5 Making it Real
17.6 The Take-Home Lesson
17.7 Project Ideas
18 Human Issues
18.1 The Last Mile
18.2 Design Principles 
18.3 Other Human Space Issues 
18.4 Who Can You Trust? 
18.5 The Take-Home Lesson 
18.6 Project Ideas
Conclusion 
Exiled Theory
A.1 Functions 
A.2 Relations, Orders, and Lattices 
A.3 Computability Theory
Bibliography
Index

Library of Congress Subject Headings for this publication:

Computer security.
System design.
Computer networks -- Security measures.