| Preface | p. ix |
| Acknowledgment | p. xiv |
| Security Through Moral and Ethical Education | |
| Building Trust in the Information Infrastructure | p. 1 |
| Introduction | p. 1 |
| Problems with Building Trust | p. 2 |
| Steps to Building Trust | p. 7 |
| Conclusion | p. 8 |
| References | p. 9 |
| Need for Morality and Ethics | p. 10 |
| Introduction | p. 10 |
| Morality | p. 11 |
| Ethics | p. 11 |
| Codes of Professional Responsibility | p. 18 |
| The Relevancy of Ethics in Modern Life | p. 20 |
| Conclusion | p. 21 |
| References | p. 21 |
| Building an Ethical Framework for Decision Making | p. 22 |
| Introduction | p. 22 |
| Principle of Duty of Care | p. 23 |
| Work and Decision Making | p. 23 |
| Pillars of a Working Life | p. 25 |
| Need for an Ethical Education | p. 28 |
| Decision Making and the Ethical Framework | p. 35 |
| Conclusion | p. 39 |
| References | p. 40 |
| Security, Anonymity, and Privacy | p. 41 |
| Introduction | p. 41 |
| Security | p. 42 |
| The Importance of Information Security | p. 49 |
| Government and International Security Standards | p. 50 |
| Information Security Evaluation Criteria | p. 53 |
| Privacy | p. 56 |
| Privacy and Security in Cyberspace | p. 59 |
| Conclusion | p. 63 |
| References | p. 64 |
| Security Through Innovative Hardware and Software Systems | |
| Software Standards, Reliability, Safety, and Risk | p. 66 |
| Introduction | p. 66 |
| The Role of Software in the Security of Computing Systems | p. 67 |
| Software Standards | p. 70 |
| Reliability | p. 76 |
| Software Security | p. 79 |
| Causes of Software Failures | p. 82 |
| Conclusion | p. 86 |
| References | p. 87 |
| Network Basics and Securing the Network Infrastructure | p. 88 |
| Introduction | p. 88 |
| Computer Network Basics | p. 89 |
| Network Protocols and Layering | p. 97 |
| Network Services | p. 104 |
| Network Connecting Devices | p. 108 |
| Securing the Network Infrastructure: Best Practices | p. 114 |
| Conclusion | p. 118 |
| References | p. 118 |
| Security Threats and Vulnerabilities | p. 119 |
| Introduction | p. 119 |
| Types of Threats and Vulnerabilities | p. 120 |
| Sources of Information Security Threats | p. 122 |
| Best Practices of Online Security | p. 133 |
| Conclusion | p. 134 |
| References | p. 134 |
| Additional Reading | p. 135 |
| Security Policies and Risk Analysis | p. 137 |
| Introduction | p. 137 |
| Information Security Policy | p. 138 |
| Aspects of Security Policies | p. 139 |
| Building a Security Policy | p. 142 |
| Types of Security Policies | p. 157 |
| Conclusion | p. 160 |
| References | p. 160 |
| Security Analysis, Assessment, and Assurance | p. 161 |
| Introduction | p. 161 |
| Threat Identification | p. 162 |
| Security by Analysis | p. 168 |
| Security Assessment and Assurance | p. 171 |
| Conclusion | p. 179 |
| References | p. 179 |
| Access Control, Authentication, and Authorization | p. 180 |
| Introduction | p. 180 |
| Definitions | p. 181 |
| Access Control | p. 181 |
| Authentication | p. 191 |
| Authorization | p. 203 |
| Conclusion | p. 207 |
| References | p. 207 |
| Perimeter Defense: The Firewall | p. 209 |
| Introduction | p. 209 |
| Types of Firewalls | p. 212 |
| Other Firewalls | p. 227 |
| Virtual Private Network | p. 230 |
| Firewall Issues Before Installation | p. 231 |
| Configuration and Implementation of a Firewall | p. 232 |
| Advantages of Firewalls | p. 234 |
| Disadvantages of Firewalls | p. 235 |
| Securing a Network by a Firewall | p. 236 |
| Conclusion | p. 237 |
| References | p. 238 |
| Intrusion Detection and Prevention Systems | p. 239 |
| Introduction | p. 239 |
| Definitions | p. 240 |
| Background of Intrusion Detection | p. 242 |
| Basic Modules of an Intrusion Detection System | p. 243 |
| Intrusion Detection Models | p. 244 |
| Responses to Intrusion Detection Reports | p. 247 |
| Types of Intrusion Detection Systems | p. 248 |
| Challenges for Intrusion Detection | p. 254 |
| Intrusion Prevention Systems (IPSs) | p. 255 |
| Conclusion | p. 258 |
| References | p. 258 |
| Security in Wireless Systems | p. 259 |
| Introduction | p. 259 |
| Types of Wireless Technology | p. 260 |
| The Wireless Communication Infrastructure | p. 260 |
| Wireless Local Area Network (WLAN): Wireless Fidelity (Wi-Fi) | p. 265 |
| Security Issues in Wireless Systems | p. 270 |
| Best Practices for Wi-Fi Security | p. 276 |
| Conclusion | p. 278 |
| References | p. 278 |
| Biometrics for Access Control | p. 280 |
| Introduction | p. 280 |
| History of Biometrics | p. 281 |
| Biometric Authentication System | p. 282 |
| Biometric Identifiers | p. 284 |
| Advantages of Biometrics | p. 292 |
| Disadvantages of Biometrics | p. 293 |
| Why Biometrics are Not Truly Accepted | p. 294 |
| The Future of Biometrics | p. 295 |
| Conclusion | p. 296 |
| References | p. 296 |
| Security Through the Legal System | |
| Digital Evidence and Computer Crime | p. 298 |
| Introduction | p. 298 |
| Definitions | p. 299 |
| Nature of Digital Evidence | p. 299 |
| Importance of Digital Evidence | p. 300 |
| Reliability of Digital Evidence | p. 301 |
| The Need for Standardization | p. 302 |
| Proposed Standards for the Exchange of Digital Evidence | p. 303 |
| The Process of Digital Evidence Acquisition | p. 305 |
| Investigative Procedures | p. 306 |
| Conclusion | p. 316 |
| References | p. 316 |
| Digital Crime Investigation and Forensics | p. 318 |
| Definition | p. 318 |
| Computer Forensics | p. 319 |
| History of Computer Forensics | p. 319 |
| Network Forensics | p. 320 |
| Forensics Analysis | p. 321 |
| Forensics Tools | p. 324 |
| Conclusion | p. 334 |
| References | p. 334 |
| What Next? | |
| Trends in Information Assurance | p. 336 |
| Introduction | p. 336 |
| Global Information Assurance Initiatives and Trends | p. 337 |
| National and International Information Security Initiatives | p. 342 |
| Certification Programs | p. 350 |
| Conclusion | p. 352 |
| References | p. 353 |
| Additional Reading | p. 354 |
| Glossary of Terms | p. 355 |
| About the Authors | p. 362 |
| Index | p. 363 |
| Table of Contents provided by Ingram. All Rights Reserved. |