Engineering Information Security

STUART JACOBS is a Lecturer at Boston University, teaching graduate courses on Network and Computer Security and Enterprise Information Security, along with advising on security curricula issues. Mr. Jacobs also serves as an Industry Security Subject Matter Expert for the Alliance for the Telecommunications Industry Solutions (ATIS) and as the Technical Editor of the ATIS Technical Report "Information and Communications Security for NGN Converged Services IP Networks and Infrastructure" and ITU-T M.3410, "Guidelines and Requirements for Security Management Systems". He holds an MSc degree and CISSP Certification, and is a member of IEEE and IEEE Computer Society, Association for Computing Machinery (ACM), International Information Systems Security Certification Consortium (ISC)2, Information Systems Security Association (ISSA) and InfraGuard.

• Preface and Acknowledgments xxiiiAbout the Companion Website xxvii1 What Is Security? 11.1 Introduction 11.2 The Subject of Security 21.2.1 Branches of Security 21.2.2 Defining Security by Function 51.2.3 The Common Body of Knowledge (CBK) Security Domains 81.3 A Twenty-First Century Tale 151.3.1 The Actors 151.3.2 What Actually Occurred 171.3.3 How Could All This Have Been Prevented? 191.3.4 They Did Not Live Happily Ever After 201.4 Why Are You Important to Computer Security? 211.4.1 What Are the Threats to Your Computer? 221.4.2 As a User, What to Do? 231.4.3 The Reality of Cybercrime and Cyberwarfare 231.5 End of the Beginning 251.6 Chapter Summary 291.7 Further Reading and Resources 302 Systems Engineering 312.1 So What Is Systems Engineering? 312.1.1 Similar Systems Engineering Process 322.1.2 Another Systems Engineering View 382.1.3 Process Variations 412.2 Process Management 412.2.1 ISO 9000 Processes and Procedures 412.2.2 Capability Maturity Model (CMM) 432.3 Organization Environments 462.3.1 Economic, Legal, and Political Contexts 472.3.2 Business/Organizational Types 522.3.3 National Critical Infrastructure 562.4 Chapter Summary 592.5 Further Reading and Resources 593 Foundation Concepts 613.1 Security Concepts and Goals 623.1.1 Subjects and Objects 633.1.2 What Is Trust? 633.1.3 Domains, Security, and Trust 643.1.4 Security Goals/Objectives 653.1.5 X.800 Security Services 663.1.6 A Modern Definition of Security Services 693.2 Role of Cryptography in Information Security 773.2.1 Cryptographic Hash Algorithms 813.2.2 Encryption Algorithms 863.2.3 Cryptanalysis and Other Key Issues 1013.2.4 Key Management 1083.2.5 Cryptographic Authentication 1123.3 Key Management Revisited 1203.4 Chapter Summary 1213.5 Further Reading and Resources 1224 Authentication of Subjects 1234.1 Authentication Systems 1234.1.1 Kerberos-Based Authentication 1244.1.2 Public-Key Infrastructure 1284.1.3 Remote Authentication Dial-in User Service and EAP 1444.1.4 Diameter 1494.1.5 Secure Electronic Transactions (SET) 1504.1.6 Authentication Systems Summary 1544.2 Human Authentication 1544.2.1 What the Subject Has Factor 1554.2.2 What the Subject Knows Factor 1554.2.3 What the Subject Is Factor 1564.2.4 Where the Subject Is Factor 1574.2.5 Combinations of Factors 1574.2.6 Rainbow Tables 1584.2.7 Proxies for Humans 1594.3 Chapter Summary 1674.4 Further Reading and Resources 1685 Security Systems Engineering 1695.1 Security Policy Development 1705.2 Senior Management Oversight and Involvement 1705.3 Security Process Management and Standards 1705.3.1 ISO 27002 1725.3.2 ISO 27001 1855.3.3 Policy Hierarchy 1865.3.4 An Enterprise Security Policy Example 1895.3.5 COBIT 1895.3.6 Information Technology Infrastructure Library 1945.3.7 Federal Information Security Management Act (FISMA) 1965.4 Information Security Systems Engineering Methodology 1995.4.1 Existing Asset Inventory and Classification 2015.4.2 Vulnerabilities, Threats, and Risk 2035.4.3 Dealing with Risk 2245.4.4 Risk Management Framework 2325.4.5 Risk Assignment 2405.5 Requirements Analysis and Decomposition 2405.6 Access Control Concepts 2445.6.1 Subjects, Objects, and Access Operations 2455.6.2 Mandatory Access Control using a Matrix or Lattice Approach 2465.6.3 Discretionary Access Control using an Access Control List Approach 2465.6.4 Mandatory Access Control using a Capability List Approach 2475.6.5 Administrative Tasks in Access Control Methods 2485.6.6 Role-Based Access Control (RBAC) 2495.7 Security Modeling and Security-Related Standards 2515.7.1 Confidentiality Policies and Integrity Policies 2525.7.2 Bell–LaPadula Model 2535.7.3 Graham–Denning Confidentiality Model 2545.7.4 Chinese Wall Multilateral Confidentiality Model 2555.7.5 Biba Integrity Model 2565.7.6 Clark–Wilson Model 2565.7.7 Security Model Summary 2585.7.8 Security Standards 2595.8 Chapter Summary 2655.8.1 Things to Remember 2666 Traditional Network Concepts 2696.1 Networking Architectures 2696.1.1 OSI Network Model 2706.1.2 Internet Network Model 2726.2 Types of Networks 2746.2.1 Local Area Network (LAN) 2746.2.2 Wireless LAN (WLAN) 2776.2.3 Metropolitan Area Networks (MAN) 2776.2.4 Wide Area Networks (WAN) 2786.2.5 The Internet 2796.2.6 Circuit Switched Networks 2796.2.7 Supervisory Control and Data Acquisition (SCADA) Systems 2846.2.8 Sensor Networks 2886.2.9 Clouds 2896.2.10 Cellular Networks 2946.2.11 IEEE 802.16 Networks 2956.2.12 Long-Term Evolution Networks 2956.3 Network Protocols 2956.3.1 Layer 1—Physical 2966.3.2 Layer 2—Data Link Protocols 2966.3.3 Layer 3—Internetworking Layer Protocols 3106.3.4 Layer 4—Transport 3326.3.5 Layer 5—User Application Protocols 3426.3.6 Layer 5—Signaling and Control Application Protocols 3496.3.7 Layer 5—Management Application Protocols 3636.4 Chapter Summary 3686.5 Further Reading and Resources 3707 Next-Generation Networks 3717.1 Framework and Topology of the NGN 3727.1.1 Functional Entities and Groups 3727.1.2 Domains 3737.1.3 Interfaces 3747.1.4 Protocol Layers, Functional Planes, and Interfaces 3767.2 The NGN Functional Reference Model 3807.2.1 Strata 3807.2.2 Management Functional Group 3817.2.3 Application Functional Group 3817.2.4 The Transport Stratum 3817.2.5 The Service Stratum 3857.2.6 The Service Stratum and the IP Multimedia Subsystem (IMS) 3857.3 Relationship Between NGN Transport and Service Domains 3897.4 Enterprise Role Model 3907.5 Security Allocation within the NGN Transport Stratum Example 3937.6 Converged Network Management (TMN and eTOM) 3937.7 General Network Security Architectures 4017.7.1 The ITU-T X.800 Generic Architecture 4027.7.2 The Security Frameworks (X.810–X.816) 4027.7.3 The ITU-T X.805 Approach to Security 4037.8 Chapter Summary 4057.9 Further Reading and Resources 4058 General Computer Security Architecture 4098.1 The Hardware Protects the Software 4108.1.1 Processor States and Status 4118.1.2 Memory Management 4128.1.3 Interruption of Processor Activity 4208.1.4 Hardware Encryption 4218.2 The Software Protects Information 4248.3 Element Security Architecture Description 4268.3.1 The Kernel 4298.3.2 Security Contexts 4308.3.3 Security-Critical Functions 4328.3.4 Security-Related Functions 4358.4 Operating System (OS) Structure 4358.4.1 Security Management Function 4378.4.2 Networking Subsystem Function 4378.5 Security Mechanisms for Deployed Operating Systems (OSs) 4378.5.1 General Purpose (GP) OSs 4388.5.2 Minimized General Purpose Operating Systems 4388.5.3 Embedded (“Real-Time”) Operating Systems 4498.5.4 Basic Input–Output Systems (BIOS) 4518.6 Chapter Summary 4568.7 Further Reading and Resources 4609 Computer Software Security 4619.1 Specific Operating Systems (OSs) 4619.1.1 Unix and Linux Security 4629.1.2 Solaris Operating System and Role-Based Access Controls 4739.1.3 Windows OSs 4769.1.4 Embedded OSs 4969.2 Applications 4989.2.1 Application Security Issues 4989.2.2 Malicious Software (Malware) 5039.2.3 Anti-malware Applications 5129.3 Chapter Summary 5159.4 Further Reading and Resources 51610 Security Systems Design—Designing Network Security 51710.1 Introduction 51710.2 Security Design for Protocol Layer 1 52010.2.1 Wired and Optical Media 52010.2.2 Wireless Media 52210.3 Layer 2—Data Link Security Mechanisms 52410.3.1 IEEE 802.1x 52410.3.2 IEEE 802.1ae 52510.3.3 IEEE 802.11 WPA and 802.11i 52810.4 Security Design for Protocol Layer 3 53010.4.1 IP Security (IPsec) 53010.5 IP Packet Authorization and Access Control 55810.5.1 Network and Host Packet Filtering 55910.5.2 The Demilitarized Zone 56310.5.3 Application-Level Gateways 56410.5.4 Deep-Packet Inspection (DPI) 56710.6 Chapter Summary 57110.7 Further Reading and Resources 57111 Transport and Application Security Design and Use 57311.1 Layer 4—Transport Security Protocols 57311.1.1 TLS, DTLS, and SSL 57411.1.2 Secure Shell (SSH) 58111.1.3 Comparison of SSL, TLS, DTLS, and IPsec 58111.2 Layer 5—User Service Application Protocols 58211.2.1 Email 58311.2.2 World Wide Web (Web) and Identity Management 58911.2.3 Voice over Internet Protocol (VoIP) 59611.2.4 DNS Security Extensions 60511.2.5 Instant Messaging and Chat 60811.2.6 Peer-to-Peer Applications 61511.2.7 Ad hoc Networks 61611.2.8 Java 61811.2.9 .NET 62211.2.10 Common Object Request Broker Architecture (CORBA) 62411.2.11 Distributed Computing Environment 62611.2.12 Dynamic Host Configuration Protocol Security 63011.3 Chapter Summary 63211.4 Further Reading and Resources 63212 Securing Management and Managing Security 63312.1 Securing Management Applications 63312.1.1 Management Roots 63312.1.2 The Telecommunications Management Network 63412.1.3 TMN Security 64012.1.4 Management of Security Mechanisms 64212.1.5 A Security Management Framework 64512.2 Operation, Administration, Maintenance, and Decommissioning 64812.2.1 Operational Security Mechanisms 64912.2.2 Operations Security 65412.2.3 Operations Compliance 66412.3 Systems Implementation or Procurement 67112.3.1 Development 67212.3.2 Procurement 67312.3.3 Forensic Tools 68112.4 Chapter Summary 68112.5 Further Reading and Resources 681About the Author 683Glossary 685Index 725