Safari, the world’s most comprehensive technology and business learning platform.

Find the exact information you need to solve a problem on the fly, or go deeper to master the technologies and skills you need to succeed

Start Free Trial

No credit card required

O'Reilly logo
Information Assurance

Book Description

In today’s fast paced, infocentric environment, professionals increasingly rely on networked information technology to do business. Unfortunately, with the advent of such technology came new and complex problems that continue to threaten the availability, integrity, and confidentiality of our electronic information. It is therefore absolutely imperative to take measures to protect and defend information systems by ensuring their security and non-repudiation. Information Assurance skillfully addresses this issue by detailing the sufficient capacity networked systems need to operate while under attack, and itemizing failsafe design features such as alarms, restoration protocols, and management configurations to detect problems and automatically diagnose and respond. Moreover, this volume is unique in providing comprehensive coverage of both state-of-the-art survivability and security techniques, and the manner in which these two components interact to build robust Information Assurance (IA).

* The first and (so far) only book to combine coverage of both security AND survivability in a networked information technology setting
* Leading industry and academic researchers provide state-of-the-art survivability and security techniques and explain how these components interact in providing information assurance
* Additional focus on security and survivability issues in wireless networks

Table of Contents

  1. Copyright
    1. Dedication
  2. The Morgan Kaufmann Series in Networking, Series Editor, David Clark, M.I.T.
  3. The Morgan Kaufmann Series in Computer Security
  4. Preface
    1. Why This Book Is Needed
    2. Approach
    3. Acknowledgments
  5. Contributors
  6. Information Assurance
    1. Introduction
    2. Information Assurance: Dependability and Security of Networked Information Systems
    3. Book Organization
    4. Conclusion
    5. References
  7. Foundational Background on Security and Dependability Techniques
    1. Network Security
      1. Introduction
      2. Network Attacks and Security Issues
      3. Protection and Prevention
      4. Detection
      5. Assessment and Response
      6. Conclusion
      7. References
    2. Security for Distributed Systems: Foundations of Access Control
      1. Introduction
      2. Identification and Authentication
      3. Access Control
      4. Access Control in Distributed Systems
      5. Digital Identity Management
      6. Conclusion
      7. References
    3. Network Survivability
      1. Introduction
      2. Prevention Techniques
      3. Survivable Network Design and Traffic Restoration Concepts
      4. Transport Network Recovery Techniques
      5. Survivable Network Design Techniques
      6. Multilayer Issues
      7. Conclusion and Future Research Areas
      8. References
    4. System Survivability
      1. Introduction and Background
      2. Survivability and the Impact of Fault Models
      3. Design for Survivability
      4. Decentralized Storage
      5. Survivability of Large Distributed Systems
      6. Borrowing from Well-Established Fields
      7. Conlusion
      8. References
  8. Modeling the Interaction between Dependability and Security
    1. Taxonomy and Framework for Integrating Dependability and Security
      1. Introduction
      2. Basic Concepts and Related Work
      3. Proposed Taxonomy and Framework
      4. Dependability, Security, and Their Attributes
      5. The Means to Attain Dependability and Security
      6. Conclusion
      7. References
    2. Stochastic Modeling Techniques for Secure and Survivable Systems
      1. Introduction
      2. Analytical Modeling Techniques
      3. Security Modeling
      4. Survivability Modeling
      5. Conclusion
      6. Acknowledgment
      7. References
    3. Integrated Dependability and Security Evaluation Using Game Theory and Markov Models
      1. Introduction
      2. Stochastic Modeling
      3. Predicting Attacker Behavior
      4. Defining and Solving the Game
      5. Tuning the Game Parameters
      6. Case Study: DNS Service
      7. Conclusion
      8. References
    4. Scenario Graphs Applied to Network Security
      1. Introduction
      2. Algorithms for Generating Scenario Graphs
      3. Attack Graphs are Scenario Graphs
      4. Network Attack Graphs
      5. Example Network
      6. Attack Graph Analysis
      7. Practical Experience
      8. Related Work
      9. Future Work and Conclusion
      10. Acknowledgments
      11. References
    5. Vulnerability-Centric Alert Correlation
      1. Introduction
      2. Review of Alert Correlation and Related Techniques
      3. Attack Graph
      4. Alert Correlation, Hypothesis, Prediction, and Aggregation
      5. Conclusion
      6. Acknowledgments
      7. References
  9. Design and Architectural Issues for Secure and Dependable Systems
    1. Monitoring and Detecting Attacks in All-Optical Networks
      1. Introduction
      2. Crosstalk Attack Features and Monitoring Techniques
      3. Node, Attack, and Monitor Models
      4. Necessary and Sufficient Conditions for Crosstalk Attack Detection
      5. One-Crosstalk Attack Diagnosable Conditions
      6. k-Crosstalk Attacks in the Network
      7. Sparse Monitoring and Routing Algorithms
      8. Sparse Monitoring, Test Connection, and Routing for More than One Original Attack Flow
      9. Conclusion
      10. References
    2. Robustness Evaluation of Operating Systems
      1. Introduction
      2. Evaluation Goals
      3. Target System
      4. Error Model and Workload Selection
      5. Robustness Metrics
      6. Presentation and Interpretation of Results
      7. Conclusion
      8. References
      9. Further Reading
    3. Intrusion Response Systems: A Survey
      1. Introduction
      2. Static Decision-Making Systems
      3. Dynamic Decision-Making Systems
      4. Intrusion Tolerance Through Diverse Replicas
      5. Responses to Specific Kinds of Attacks
      6. Benchmarking Intrusion Response Systems
      7. Thoughts on Evolution of IRS Technology
      8. Conclusion
      9. References
    4. Secure and Resilient Routing: Building Blocks for Resilient Network Architectures
      1. Introduction
      2. Traffic Engineering Perspective and its Relation to Network Robustness
      3. Components of a Resilient Network Architecture
      4. Threats and Countermeasures in Link-State Routing
      5. Resilient Architecture: Virtualization and Routing
      6. Conclusion
      7. Acknowledgments
      8. References
      9. Secure Group Communication
    5. Security and Survivability of Wireless Systems
      1. Introduction
      2. Background
      3. Current Security Approaches in Wireless Networks
      4. Current Survivability Approaches in Wireless Networks
      5. Framework for Wireless Network Survivability and Security
      6. Interaction Between Survivability and Security in Wireless Networks
      7. Conclusion
      8. References
    6. Integrated Fault and Security Management
      1. Introduction
      2. Active Integrated Fault Identification Framework
      3. Fault and Security Management on High-Speed Networks
      4. Conclusion
      5. References