Applied Information Security: A Hands-on Approach

Front Cover
Springer Science & Business Media, Oct 27, 2011 - Computers - 202 pages
0 Reviews

This book explores fundamental principles for securing IT systems and illustrates them with hands-on experiments that may be carried out by the reader using accompanying software. The experiments highlight key information security problems that arise in modern operating systems, networks, and web applications. The authors explain how to identify and exploit such problems and they show different countermeasures and their implementation. The reader thus gains a detailed understanding of how vulnerabilities arise and practical experience tackling them.

After presenting the basics of security principles, virtual environments, and network services, the authors explain the core security principles of authentication and access control, logging and log analysis, web application security, certificates and public-key cryptography, and risk management. The book concludes with appendices on the design of related courses, report templates, and the basics of Linux as needed for the assignments.

The authors have successfully taught IT security to students and professionals using the content of this book and the laboratory setting it describes. The book can be used in undergraduate or graduate laboratory courses, complementing more theoretically oriented courses, and it can also be used for self-study by IT professionals who want hands-on experience in applied information security. The authors' supporting software is freely available online and the text is supported throughout with exercises.

 

What people are saying - Write a review

We haven't found any reviews in the usual places.

Contents

1 Security Principles
1
2 The Virtual Environment
17
3 Network Services
27
4 Authentication and Access Control
47
5 Logging and Log Analysis
68
6 Web Application Security
81
7 Certificates and Public Key Cryptography
103
8 Risk Management
117
A Using This Book in a Lab Course
146
B Report Template
155
C Linux Basics and Tools
161
D Answers to Questions
169
References
197
Index
199
Copyright

Other editions - View all

Common terms and phrases

About the author (2011)

Prof. Dr. David Basin is the Chair of Information Security at ETH Zürich; his research focuses on information security, in particular methods and tools for modeling, building, and validating secure and reliable systems. Dr. Patrick Schaller is a lecturer at ETH Zürich, his research is concerned with the formalization and analysis of security protocols. Michael Schläpfer is a graduate student of ETH Zürich.