Internet and Intranet Security

Team-Fly Chapter 1: Terminology OVERVIEW The field of computer science is filled with ill-defined terminology used by different persons in conflicting and sometimes even contradictory ways. This is especially tr...

Team-Fly Chapter 2: TCP/IP Networking OVERVIEW In general parlance, the term TCP/IP is used to refer to an entire suite of data communications protocols[1] that derives its name from two of its core protocols, n...

Team-Fly Chapter 3: Attacks OVERVIEW According to RFC 2828 [1], an attack refers to "an assault on system security that derives from an intelligent threat, i.e., an intelligent act that is a deliberate attempt (...

Team-Fly Chapter 4: OSI Security Architecture In this chapter, we introduce and briefly overview the security architecture that has been proposed and appended to the OSI-RM. More specifically, we introduce the topic...

Team-Fly Chapter 5: Cryptographic Techniques In this chapter, we introduce some basic cryptographic techniques that are used in the rest of this book. More specifically, we introduce the topic in Section 5.1; address...

Team-Fly Chapter 6: Authentication and Key Distribution In this chapter, we overview and briefly discuss two basic building blocks for network security in general, and Internet and intranet security in particular: au...

Team-Fly Chapter 7: Overview OVERVIEW In Part II we focus on firewall technologies that can be used to provide access control services for corporate intranets. We start with an advertising query and answer that...

Team-Fly Chapter 8: Packet Filtering In this chapter, we elaborate on packet filtering as one of the core technologies employed by many firewall configurations. More specifically, we introduce the technology in Secti...

Team-Fly Chapter 9: Circuit-Level Gateways In this chapter, we elaborate on circuit-level gateways in general, and one major implementation of a circuit-level gateway (i.e., SOCKS) in particular. More specifically, w...

Team-Fly Chapter 10: Application-Level Gateways In this chapter, we elaborate on application-level gateways and proxy servers. More specifically, we introduce the technology in Section 10.1, elaborate on user authent...

Team-Fly Chapter 11: Firewall Configurations A firewall configuration typically consists of packet filters and application gateways (i.e., circuit-level and application-level gateways). In theory, there are many poss...

Team-Fly Chapter 12: Conclusions and Outlook OVERVIEW If properly designed, implemented, deployed, and administered, a firewall can provide effective access control services for corporate intranets. Consequently...

Team-Fly Chapter 13: Network Access Layer Security Protocols In this chapter, we focus on some security protocols that have been proposed, specified, implemented, and deployed for the network access layer of the Inte...

Team-Fly Chapter 14: Internet Layer Security Protocols In this chapter, we focus on the security protocols that have been developed, proposed, and specified by the IETF IP Security (IPSEC) WG for the Internet layer o...

Team-Fly Chapter 15: Transport Layer Security Protocols In this chapter, we focus on some security protocols that have been proposed, specified, implemented, and deployed for the transport layer of the Internet model...

Team-Fly Chapter 16: Application Layer Security Protocols Overview In this chapter, we focus on security protocols that have been proposed, specified, implemented, and deployed for the application layer of the I...

Team-Fly Chapter 17: Message Security Protocols In this chapter, we focus on the security protocols that operate above the application layer, meaning that the messages that are transmitted by application protocols ar...

Team-Fly Chapter 18: Conclusions and Outlook OVERVIEW In this part of the book we focus on communication security and address the major cryptographic security protocols that have been proposed, specified, implem...

Team-Fly Chapter 19: Public Key Infrastructures In Chapter 5, we introduced public key cryptography and the notion of public key certificates. In Part III, we used public key certificates in cryptographic security pr...

Team-Fly Chapter 20: Electronic Commerce OVERVIEW This book is about technologies that can be used to provide Internet and intranet security. While most of these technologies are interesting from a theoretical p...

Team-Fly Chapter 21: Risk Management In this chapter, we elaborate on risk management and how the Internet has changed (or is about to change) the way we think about risk management in the IT world. More specifically...

Team-Fly Abbreviations and Acronyms AA attribute authority AAI authentication and authorization infrastructure ACL access control list ACM...