Summary

For one-semester courses on Network Security for computer science, engineering, and CIS majors. This text provides a practical, up-to-date, and comprehensive survey of network-based and Internet-based security applications and standards. It includes a concise section on the discipline of cryptography-covering algorithms and protocols underlying network security applications, encryption, hash functions, digital signatures, and key exchange.

Author Biography

William Stallings is a best-selling author and five-time winner of the annual Text and Academic Authors Association award for best computer science and engineering text. He has authored 17 titles and -- counting revised editions -- 43 books on various aspects of computer networking and computer architecture. Stallings is an independent consultant whose clients have included computer and networking manufacturers and customers, software development firms, and leading-edge government research institutions. He holds a Ph.D. from M.I.T. in computer science and a B.S. from Notre Dame in electrical engineering

1. Introduction.

I. CRYPTOGRAPHY.

2. Symmetric Encryption and Message Confidentiality.
3. Public-Key Cryptography and Message Authentication.

II. NETWORK SECURITY APPLICATIONS.

4. Authentication Applications.
5. Electronic Mail Security.
6. IP Security.
7. Web Security.
8. Network Management Security.

III. SYSTEM SECURITY.

9. Intruders.
10. Malicious Software.
11. Firewalls.
Appendix A: Standards Cited in this Book.
Appendix B: Some Aspects of Number Theory.
Appendix C: Projects for Teaching Network Security.
Glossary.
References.
Index.
List of Acronyms.

Supplemental Materials

What is included with this book?

The New copy of this book will include any supplemental materials advertised. Please check the title of the book to determine if it should include any access cards, study guides, lab manuals, CDs, etc.

The Used, Rental and eBook copies of this book are not guaranteed to include any supplemental materials. Typically, only the book itself is included. This is true even if the title states it includes any access cards, study guides, lab manuals, CDs, etc.

Excerpts

"The tie, if I might suggest it, sir, a shade more tightly knotted. One aims at the perfect butterfly effect. If you will permit me--" "What does it matter, Jeeves, at a time like this? Do you realize that Mr. Little's domestic happiness is hanging in the scale?" "There is no time, sir, at which ties do not matter." -Very Good Jeeves!P.G. Wodehouse In this age of universal electronic connectivity, of viruses and hackers, of electronic eavesdropping and electronic fraud, there is indeed no time at which security does not matter. Two trends have come together to make the topic of this book of vital interest. First, the explosive growth in computer systems and their interconnections via networks has increased the dependence of both organizations and individuals on the information stored and communicated using these systems. This, in turn, has led to a heightened awareness of the need to protect data and resources from disclosure, to guarantee the authenticity of data and messages, and to protect systems from network-based attacks. Second, the disciplines of cryptography and network security have matured, leading to the development of practical, readily available applications to enforce network security. OBJECTIVES It is the purpose of this book to provide a practical survey of network security applications and standards. The emphasis is on applications that are widely used on the Internet and for corporate networks, and on standards, especially Internet standards, that have been widely deployed. INTENDED AUDIENCE The book is intended for both an academic and a professional audience. As a textbook, it is intended as a one-semester undergraduate course on network security for computer science, computer engineering, and electrical engineering majors. The book also serves as a basic reference volume and is suitable for self-study. PLAN OF THE BOOK The book is organized in three parts: Part One -- Cryptography:A concise survey of the cryptographic algorithms and protocols underlying network security applications, including encryption, hash functions, digital signatures, and key exchange Part Two -- Network Security Applications:Covers important network security tools and applications, including Kerberos, X.509v3 certificates, PGP, S/MIME, IP Security, SSL/TLS, SET, and SNMPv3 Part Three -- System Security:Looks at system-level security issues, including the threat of and countermeasures for intruders and viruses, and the use of firewalls and trusted systems. In addition, the book includes an extensive glossary, a list of frequently used acronyms, and a bibliography. Each chapter includes homework problems, review questions, a list of key words, suggestions for further reading, and recommended Web sites. A more detailed, chapter-by-chapter summary of each part appears at the beginning of that part. INTERNET SERVICES FOR INSTRUCTORS AND STUDENTS There is a Web page for this book that provides support for students and instructors. The page includes links to relevant sites, transparency masters of the figures and tables in the book in PDF (Adobe Acrobat) format, and sign-up information for the book's Internet mailing list. The Web page is at WilliamStallings.com/NetSec2e.html . An Internet mailing list has been set up so that instructors using this book can exchange information, suggestions, and questions with each other and with the author. As soon as typos or other errors are discovered, an errata list for this book will be available at WilliamStallings.com . In addition, the Computer Science Student Resource site, at WilliamStallings.com/Stud