Title Contents 1. Introduction to the Concepts of Security 1.1 Introduction 1.2 The Need for Security 1.3 Security Approaches 1.4 Principles of Security 1.5 Types of Attacks Summary Key Terms and Concepts Practice Set 2. Cryptography Techniques 2.1 Introduction 2.2 Plain Text and Cipher Text 2.3 Substitution Techniques 2.4 Transposition Techniques 2.5 Encryption and Decryption 2.6 Symmetric and Asymmetric Key Cryptography 2.7 Steganography 2.8 Key Range and Key Size 2.9 Possible Types of Attacks Case Study: Denial of Service (DOS) Attacks Summary Key Terms and Concepts Practice Set 3. Computer-based Symmetric Key Cryptographic Algorithms 3.1 Introduction 3.2 Algorithm Types and Modes 3.3 An Overview of Symmetric-Key Cryptography 3.4 Data Encryption Standard (DES) 3.5 International Data Encryption Algorithm (IDEA) 3.6 RC4 3.7 RC5 3.8 Blowfish 3.9 Advanced Encryption Standard (AES) Case Study: Secure Multiparty Calculation Summary Key Terms and Concepts Practice Set 4. Computer-based Asymmetric-Key Cryptography Algorithms 4.1 Introduction 4.2 Brief History of Asymmetric-Key Cryptography 4.3 An Overview of Asymmetric-Key Cryptography 4.4 The RSA Algorithm 4.5 ElGamal Cryptography 4.6 Symmetric- and Asymmetric-Key Cryptography 4.7 Digital Signatures 4.8 Knapsack Algorithm 4.9 ElGamal Digital Signature 4.10 Attacks on Digital Signatures 4.11 Problems with the Public-Key Exchange Case Study 1: Virtual Elections Case Study 2: Contract Signing Summary Key Terms and Concepts Practice Set 5. Public Key Infrastructure (PKI) 5.1 Introduction 5.2 Digital Certificates 5.3 Private-Key Management 5.4 The PKIX Model 5.5 Public Key Cryptography Standards (PKCS) 5.6 XML, PKI and Security Case Study: Cross Site Scripting Vulnerability (CSSV) Summary Key Terms and Concepts Practice Set 6. Internet-Security Protocols 6.1 Introduction 6.2 Basic Concepts 6.3 Secure Socket Layer (SSL) 6.4 Transport Layer Security (TLS) 6.5 Secure Hyper Text Transfer Protocol (SHTTP) 6.6 Secure Electronic Transaction (SET) 6.7 SSL Versus SET 6.8 3-D Secure Protocol 6.9 Email Security 6.10 Wireless Application Protocol (WAP) Security 6.11 Security in GSM 6.12 Security in 3G 6.13 IEEE 802.11 Security 6.14 Link Security Versus Network Security Case Study 1: Secure Inter-branch Payment Transactions Case Study 2: Cookies and Privacy Summary Key Terms and Concepts Practice Set 7. User-Authentication Mechanisms 7.1 Introduction 7.2 Authentication Basics 7.3 Passwords 7.4 Authentication Tokens 7.5 Certificate-based Authentication 7.6 Biometric Authentication 7.7 Kerberos 7.8 Key Distribution Center (KDC) 7.9 Security Handshake Pitfalls 7.10 Single Sign On (SSO) Approaches 7.11 Attacks on Authentication Schemes Case Study: Single Sign On (SSO) Summary Key Terms and Concepts Practice Set 8. Practical Implementations of Cryptography/Security 8.1 Introduction 8.2 Cryptographic Solutions using Java 8.3 Cryptographic Solutions Using Microsoft .NET Framework 8.4 Cryptographic Toolkits 8.5 Web Services Security 8.6 Cloud Security Summary Key Terms and Concepts Practice Set 9. Network Security, Firewalls, and Virtual Private Networks (VPN) 9.1 Introduction 9.2 Brief Introduction to TCP/IP 9.3 Firewalls 9.4 IP Security 9.5 Virtual Private Networks (VPN) 9.6 Intrusion Case Study 1: IP Spoofing Attacks Case Study 2: Creating a VPN Summary Key Terms and Concepts Practice Set Appendices A. Mathematical Background B. Number Systems C. Information Theory D. Real-life Tools E. Web Resources F. A Brief Introduction to ASN, BER, DER References Index