Chapter 1
Introduction
“Begin at the beginning.” the King said, very gravely,“and go on till you come to the end: then stop.”
—Lewis Carroll, Alice in Wonderland
1.1 The Cast of Characters
Following tradition, Alice and Bob, who are pictured in Figure 1.1, are the good guys. Occasionally we’ll require additional good guys, such as Charlie and Dave.
Figure 1.1: Alice and Bob.
Trudy, pictured in Figure 1.2, is a generic bad “guy” who is trying to attack the system in some way. Some authors employ a team of bad guys where the name implies the particular nefarious activity. In this usage, Trudy is an “intruder” and Eve is an “eavesdropper” and so on. To simplify things, we’ll use Trudy as our all-purpose bad guy.1
Figure 1.2: Trudy.
Alice, Bob, Trudy, and the rest of the gang need not be humans. For example, one of many possible scenarios would have Alice as a laptop, Bob a server, and Trudy a human.
1.2 Alice’s Online Bank
Suppose that Alice starts an online banking business, appropriately named Alice’s Online Bank,2 or AOB. What are Alice’s information security concerns? If Bob is Alice’s customer, what are his information security concerns? Are Bob’s concerns the same as Alice’s? If we look at AOB from Trudy’s perspective, what security vulnerabilities might we see?
First, let’s ...
