Excerpt
Contents
0 About
0.1 Copyright
0.2 Disclaimer
0.3 Acknowledgements
1 Introduction
1.1 Preface
1.2 Document scope and structure
1.3 Problem description
1.3.1 Security threats summary
1.3.2 Problem definition
1.4 Basic concepts
A short-term approach
2 Conceptual security measures
2.1 Taking the systematic approach
2.2 Designing a security model
2.3 Problems in a corporate environment
2.4 Preparing against an incident
2.5 Incident response
2.5.1 Reacting to an ongoing incident
2.5.2 Post mortem: Incident recovery
3 Technical security measures
3.1 Strong resource protection
3.1.1 Defending your system integrity
3.1.1.1 Setting up a secure environment
3.1.1.2 Establishing access controls
3.1.1.3 Application security
3.1.1.4 Auditing - reactive and proactive measures
3.1.2 Defending your data confidentiality
3.1.3 Defending your network availability
3.1.3.1 Guidelines to defensive routing
3.1.3.2 Tracing: capabilities and problems
3.2 Problem specific protection
3.2.1 Protecting against viruses
3.2.2 Using Intrusion detection systems
3.2.3 Backdoors and trojan horses
3.3 Conclusions about present security technology
A long-term approach
4 Proposed future security architecture improvements
4.1 Improving incident response capabilities
4.1.1 A new approach to incident consulting
4.1.2 Incident response and law enforcement
4.1.3 Establishing an incident response infrastructure
4.2 Operating systems
4.2.1 Privilege separation and kernel-based security
4.2.2 Kernel-based authentication
4.2.3 Privilege and permission separation
4.2.3.1 Sand boxes versus protective cages
4.2.3.2 Differentiated access permissions
4.2.4 Auditing requirements
4.3 Auditing software
4.3.1 Evolving intrusion detection
4.3.2 Evolving proactive auditing technology
4.4 Networking architecture
4.4.1 Routing security
4.4.1.1 Improving availability
4.4.1.2 Improving access controls and authenticity
4.4.2 Protocol security
4.4.3 Public Key Infrastructure
4.5 Improving software design
4.5.1 Technology standards
4.5.2 Network application security
4.5.3 Software development security design methodology
5 Final words
6 Footnotes: technical background, definitions and explanations
- Cite this work
- Kemal Akman (Author), 2000, Protecting Against The Unknown, München, GRIN Verlag, https://www.grin.com/document/164385