You are previewing Cyber Security and IT Infrastructure Protection.
O'Reilly logo
Cyber Security and IT Infrastructure Protection

Book Description

This book serves as a security practitioner’s guide to today’s most crucial issues in cyber security and IT infrastructure. It offers in-depth coverage of theory, technology, and practice as they relate to established technologies as well as recent advancements. It explores practical solutions to a wide range of cyber-physical and IT infrastructure protection issues.

Composed of 11 chapters contributed by leading experts in their fields, this highly useful book covers disaster recovery, biometrics, homeland security, cyber warfare, cyber security, national infrastructure security, access controls, vulnerability assessments and audits, cryptography, and operational and organizational security, as well as an extensive glossary of security terms and acronyms.

Written with instructors and students in mind, this book includes methods of analysis and problem-solving techniques through hands-on exercises and worked examples as well as questions and answers and the ability to implement practical solutions through real-life case studies. For example, the new format includes the following pedagogical elements: • Checklists throughout each chapter to gauge understanding • Chapter Review Questions/Exercises and Case Studies • Ancillaries: Solutions Manual; slide package; figure files

This format will be attractive to universities and career schools as well as federal and state agencies, corporate security training programs, ASIS certification, etc.



  • Chapters by leaders in the field on theory and practice of cyber security and IT infrastructure protection, allowing the reader to develop a new level of technical expertise
  • Comprehensive and up-to-date coverage of cyber security issues allows the reader to remain current and fully informed from multiple viewpoints
  • Presents methods of analysis and problem-solving techniques, enhancing the reader's grasp of the material and ability to implement practical solutions

Table of Contents

  1. Cover image
  2. Title page
  3. Table of Contents
  4. Copyright
  5. Dedication
  6. Acknowledgements
  7. About the Editor
  8. Contributors
  9. Introduction
    1. Organization of this Book
  10. Chapter 1. Fault Tolerance and Resilience in Cloud Computing Environments
    1. 1 Introduction
    2. 2 Cloud Computing Fault Model
    3. 3 Basic Concepts on Fault Tolerance
    4. 4 Different Levels of Fault Tolerance in Cloud Computing
    5. 5 Fault Tolerance against Crash Failures in Cloud Computing
    6. 6 Fault Tolerance against Byzantine Failures in Cloud Computing
    7. 7 Fault Tolerance as a Service in Cloud Computing
    8. 8 Summary
    9. Chapter Review Questions/Exercises
    10. Exercise
    11. Acknowledgments
    12. References
  11. Chapter 2. Data Encryption
    1. 1 Need for Cryptography
    2. 2 Mathematical Prelude to Cryptography
    3. 3 Classical Cryptography
    4. 4 Modern Symmetric Ciphers
    5. 5 Algebraic Structure
    6. 6 The Internal Functions of Rijndael in AES Implementation
    7. 7 Use of Modern Block Ciphers
    8. 8 Public-Key Cryptography
    9. 9 Cryptanalysis of RSA
    10. 10 Diffie-Hellman Algorithm
    11. 11 Elliptic Curve Cryptosystems
    12. 12 Message Integrity and Authentication
    13. 13 Triple Data Encryption Algorithm (TDEA) Block Cipher
    14. 14 Summary
    15. Chapter Review Questions/Exercises
    16. Exercise
    17. References
  12. Chapter 3. Public Key Infrastructure
    1. 1 Cryptographic Background
    2. 2 Overview of PKI
    3. 3 The X.509 Model
    4. 4 X.509 Implementation Architectures
    5. 5 X.509 Certificate Validation
    6. 6 X.509 Certificate Revocation
    7. 7 Server-Based Certificate Validity Protocol
    8. 8 X.509 Bridge Certification Systems
    9. 9 X.509 Certificate Format
    10. 10 PKI Policy Description
    11. 11 PKI Standards Organizations
    12. 12 PGP Certificate Formats
    13. 13 PGP PKI Implementations
    14. 14 W3C
    15. 15 Is PKI Secure?
    16. 16 Alternative PKI Architectures
    17. 17 Modified X.509 Architectures
    18. 18 Alternative Key Management Models
    19. 19 Summary
    20. Chapter Review Questions/Exercises
    21. Exercise
    22. References
  13. Chapter 4. Physical Security Essentials
    1. 1 Overview
    2. 2 Physical Security Threats
    3. 3 Physical Security Prevention and Mitigation Measures
    4. 4 Recovery from Physical Security Breaches
    5. 5 Threat Assessment, Planning, and Plan Implementation
    6. 6 Example: A Corporate Physical Security Policy
    7. 7 Integration of Physical and Logical Security
    8. 8 Physical Security Checklist
    9. 9 Summary
    10. Chapter Review Questions/Exercises
    11. Exercise
  14. Chapter 5. Disaster Recovery
    1. 1 Introduction
    2. 2 Measuring Risk and Avoiding Disaster
    3. 3 The Business Impact Assessment (BIA)
    4. 4 Summary
    5. Chapter Review Questions/Exercises
    6. Exercise
  15. Chapter 6. Biometrics
    1. 1 Relevant Standards
    2. 2 Biometric System Architecture
    3. 3 Using Biometric Systems
    4. 4 Security Considerations
    5. 5 Summary
    6. Chapter Review Questions/Exercises
    7. Exercise
  16. Chapter 7. Homeland Security
    1. 1 Statutory Authorities
    2. 2 Homeland Security Presidential Directives
    3. 3 Organizational Actions
    4. 4 Summary
    5. Chapter Review Questions/Exercises
    6. Exercise
  17. Chapter 8. Cyber Warfare
    1. 1 Cyber Warfare Model
    2. 2 Cyber Warfare Defined
    3. 3 CW: Myth or Reality?
    4. 4 Cyber Warfare: Making CW Possible
    5. 5 Legal Aspects of CW
    6. 6 Holistic View of Cyber Warfare
    7. 7 Summary
    8. Chapter Review Questions/Exercises
    9. Exercise
  18. Chapter 9. System Security
    1. 1 Foundations of Security
    2. 2 Basic Countermeasures
    3. 3 Summary
    4. Chapter Review Questions/Exercises
    5. Exercise
  19. Chapter 10. Securing the Infrastructure
    1. 1 Communication Security Goals
    2. 2 Attacks and Countermeasures
    3. 3 Summary
    4. Chapter Review Questions/Exercises
    5. Exercise
  20. Chapter 11. Access Controls
    1. 1 Infrastructure Weaknesses: DAC, MAC, and RBAC
    2. 2 Strengthening the Infrastructure: Authentication Systems
    3. 3 Summary
    4. Chapter Review Questions/Exercises
    5. Exercise
  21. Chapter 12. Assessments and Audits
    1. 1 Assessing Vulnerabilities and Risk: Penetration Testing and Vulnerability Assessments
    2. 2 Risk Management: Quantitative Risk Measurements
    3. 3 Summary
    4. Chapter Review Questions/Exercises
    5. Exercise
  22. Chapter 13. Fundamentals of Cryptography
    1. 1 Assuring Privacy with Encryption
    2. 2 Summary
    3. Chapter Review Questions/Exercises
    4. Exercise
  23. Chapter 14. Satellite Cyber Attack Search and Destroy
    1. 1 Hacks, Interference, and Jamming
    2. 2 Summary
    3. Chapter Review Questions/Exercises
    4. Exercise
    5. References
  24. Chapter 15. Advanced Data Encryption
    1. 1 Mathematical Concepts Reviewed
    2. 2 The RSA Cryptosystem
    3. 3 Summary
    4. Chapter Review Questions/Exercises
    5. Exercise
    6. References
  25. Index