Computer Security. Introduction to. Michael T. Goodrich Department of Computer Science University of California, Irvine. Roberto Tamassia PEARSON

Transcription

1 Introduction to Computer Security International Edition Michael T. Goodrich Department of Computer Science University of California, Irvine Roberto Tamassia Department of Computer Science Brown University PEARSON Boston Columbus Indianapolis New York San Francisco Upper Saddle River Amsterdam Cape Town Dubai London Madrid Milan Munich Paris Montreal Toronto Delhi Mexico City Sao Paulo Sydney Hong Kong Seoul Singapore Taipei Tokyo

2 Contents 1 Introduction Fundamental Concepts Confidentiality, Integrity, and Availability Assurance, Authenticity, and Anonymity Threats and Attacks Security Principles Cryptographic Concepts Encryption Digital Signatures Simple Attacks on Cryptosystems Cryptographic Hash Functions Digital Certificates Access Control Models Access Control Matrices Access Control Lists Capabilities Role-Based Access Control Implementation and Usability Issues Efficiency and Usability Passwords Social Engineering Vulnerabilities from Programming Errors Exercises 46 xiii

3 xiv Preface 2 Cryptography Symmetric Cryptography Attacks Substitution Ciphers One-Time Pads Pseudo-Random Number Generators The Hill Cipher and Transposition Ciphers The Advanced Encryption Standard (AES) Modes of Operation Public-Key Cryptography Modular Arithmetic The RSA Cryptosystem The Elgamal Cryptosystem Key Exchange Cryptographic Hash Functions Properties and Applications Birthday Attacks Digital Signatures The RSA Signature Scheme The Elgamal Signature Scheme Using Hash Functions with Digital Signatures Details of AES and RSA Cryptography Details for AES Details for RSA Exercises Operating Systems Security Operating Systems Concepts The Kernel and Input/Output Processes The Filesystem Memory Management Virtual Machines Process Security Inductive Trust from Start to Finish Monitoring, Management, and Logging Memory and Filesystem Security Virtual Memory Security Password-Based Authentication Access Control and Advanced File Permissions File Descriptors Symbolic Links and Shortcuts 146

4 Preiace xv 3.4 Application Program Security Compiling and Linking Simple Buffer Overflow Attacks Stack-Based Buffer Overflow Heap-Based Buffer Overflow Attacks Exercises Malicious Software Insider Attacks Backdoors Logic Bombs Defenses Against Insider Attacks Computer Viruses Virus Classification Defenses Against Viruses Encrypted Viruses Polymorphic and Metamorphic Viruses Malware Attacks Trojan Horses Computer Worms Rootkits Zero-Day Attacks Botnets Privacy-Invasive Software Adware Spyware Countermeasures Best Practices The Impossibility of Detecting All Malware The Malware Detection Arms Race Economics of Malware Exercises Network Security I Network Security Concepts Network Topology Internet Protocol Layers Network Security Issues The Link Layer Ethernet Media Access Control (MAC) Addresses ARP Spoofing 227

5 xvi Preface 5.3 The Network Layer IP Internet Control Message Protocol IP Spoofing Packet Sniffing The Transport Layer Transmission Control Protocol (TCP) User Datagram Protocol (UDP) Network Address Translation (NAT) TCP Session Hijacking Denial-of-Service Attacks ICMP Attacks SYN Flood Attacks Optimistic TCP ACK Attack Distributed Denial-of-Service Exercises Network Security II The Application Layer and DNS A Sample of Application-Layer Protocols The Domain Name System (DNS) DNS Attacks DNSSEC Firewalls Firewall Policies Stateless and Stateful Firewalls Tunneling Secure Shell (SSH) IPsec Virtual Private Networking (VPN) Intrusion Detection Intrusion Detection Events Rule-Based Intrusion Detection Statistical Intrusion Detection Port Scanning Honeypots Wireless Networking Wireless Technologies Wired Equivalent Privacy (WEP) Wi-Fi Protected Access (WPA) Exercises 314

6 Preface xvii 7 Browser Security The World Wide Web HTTP and HTML HTTPS Dynamic Content Sessions and Cookies Attacks on Clients Session Hijacking Phishing Click-Jacking Vulnerabilities in Media Content Privacy Attacks Cross-Site Scripting (XSS) Cross-Site Request Forgery (CSRF) Defenses Against Client-Side Attacks Attacks on Servers Server-Side Scripting Server-Side Script Inclusion Vulnerabilities Databases and SQL Injection Attacks Denial-of-Service Attacks Web Server Privileges Defenses Against Server-Side Attacks Exercises Physical Security Physical Protections and Attacks Locks and Safes Lock Technology Attacks on Locks and Safes The Mathematics of Lock Security Authentication Technologies Barcodes Magnetic Stripe Cards Smart Cards RFIDs Biometrics Direct Attacks Against Computers Environmental Attacks and Accidents Eavesdropping TEMPEST Live CDs Computer Forensics 420

7 xviii Preface 8.5 Special-Purpose Machines Automated Teller Machines Voting Machines Physical Intrusion Detection Human Factors and Social Engineering Exercises Security Models and Practice Policy, Models, and Trust Security Policy Security Models Trust Management Access-Control Models The Bell-La Padula Model Other Access-Control Models Role-Based Access Control Software Vulnerability Assessment Static and Dynamic Analysis Exploit Development and Vulnerability Disclosure Security Standards and Evaluation Orange Book and Common Criteria Government Regulations and Standards Administration and Auditing System Administration Network Auditing and Penetration Testing Kerberos Kerberos Tickets and Servers Kerberos Authentication Secure Storage File Encryption Disk Encryption Trusted Platform Module Exercises Applications Security Database Security Tables and Queries Updates and the Two-Phase Commit Protocol Database Access Control Sensitive Data Security How Works 490

8 Preface xix Encryption and Authentication Spam Payment Systems and Auctions Credit Cards Digital Cash Online Auctions Digital-Rights Management Digital-Media Rights Techniques Digital-Media Rights Practice Software Licensing Schemes Legal Issues Exercises 518