A Multidisciplinary Introduction to Information Security

Edited by Stig F. Mjølsnes

Chapman and Hall/CRC – 2011 – 348 pages

Series: Discrete Mathematics and Its Applications

Purchasing Options:

  • Hardback: $93.95
    978-1-42-008590-7
    November 8th 2011

Description

With most services and products now being offered through digital communications, new challenges have emerged for information security specialists. A Multidisciplinary Introduction to Information Security presents a range of topics on the security, privacy, and safety of information and communication technology. It brings together methods in pure mathematics, computer and telecommunication sciences, and social sciences.

The book begins with the cryptographic algorithms of the Advanced Encryption Standard (AES) and Rivest, Shamir, and Adleman (RSA). It explains the mathematical reasoning behind public key cryptography and the properties of a cryptographic hash function before presenting the principles and examples of quantum cryptography. The text also describes the use of cryptographic primitives in the communication process, explains how a public key infrastructure can mitigate the problem of crypto-key distribution, and discusses the security problems of wireless network access. After examining past and present protection mechanisms in the global mobile telecommunication system, the book proposes a software engineering practice that prevents attacks and misuse of software. It then presents an evaluation method for ensuring security requirements of products and systems, covers methods and tools of digital forensics and computational forensics, and describes risk assessment as part of the larger activity of risk management. The final chapter focuses on information security from an organizational and people point of view.

As our ways of communicating and doing business continue to shift, information security professionals must find answers to evolving issues. Offering a starting point for more advanced work in the field, this volume addresses various security and privacy problems and solutions related to the latest information and communication technology.

Contents

Introduction, Stig F. Mjølsnes

Motivation

What Is Information Security?

Some Basic Concepts

A Synopsis of the Topics

Further Reading and Web Sites

Security Electronics, E.J. Aas and P.G. Kjeldsberg

Introduction

Examples of Security Electronics

Side Channel Attacks

Summary

Further Reading and Web Sites

Public Key Cryptography, S.O. Smalø

Introduction

Hash Functions and One Time Pads

Public Key Cryptography

RSA-Public Key Cryptography

RSA-Public Key Cryptography with Signature

Problem with Signatures

Receipt

Secret Sharing Based on Discrete Logarithm Problems

Further Reading

Cryptographic Hash Functions, D. Gligoroski

Introduction

Definition for Cryptographic Hash Function

Iterated Hash Functions

Most Popular Cryptographic Hash Function

Application of Cryptographic Hash Function

Further Reading and Web Sites

Quantum Cryptography, Dag Roar Hjelme, Lars Lydersen, and Vadim Makarov

Introduction

Quantum Bit

Quantum Copying

Quantum Key Distribution

Practical Quantum Cryptography

Technology

Applications

Summary

Further Reading and Web Sites

Cryptographic Protocols, Stig F. Mjølsnes

The Origins

Information Policies

Some Concepts

Protocol Failures

Heuristics

Tools for Automated Security Analysis

Further Reading and Web Sites

Public Key Distribution, Stig F. Mjølsnes

The Public Key Distribution Problem

Authenticity and Validity of Public Keys

The Notion of Public Key Certificates

Revocation

Public Key Infrastructure

Identity-Based Public Key

Further Reading and Web Sites

Wireless Network Access, Stig F. Mjølsnes and Martin Eian

Introduction

Wireless Local Area Networks

The 802.11 Security Mechanisms

Wired Equivalent Privacy

RSN with CCMP

Assumptions and Vulnerabilities

Summary

Further Reading and Web Sites

Mobile Security, Jan Audestad

The GSM Security

3G Architecture

Extent of Protection

Security Functions in the Authentication Center

Security Functions in the SGSN/RNC

Security Functions in the Mobile Terminal (USIM)

Encryption and Integrity

Anonymity

Example: Anonymous Roaming in a Mobile Network

Using GSM/3G Terminals as Authentication Tokens

Further Reading

A Lightweight Approach to Secure Software Engineering, Martin Gilje Jaatun, Jostein Jensen, Per Håkon Meland, and Inger Anne Tøndel

Introduction

Asset Identification

Security Requirements

Secure Software Design

Testing for Software Security

Summary

Further Reading and Web Sites

ICT Security Evaluation, S.J. Knapskog

Introduction

ISO/IEC 15408, Part 1/3 Evaluation Criteria for IT Security (CC)

Definition of Assurance

Building Confidence in the Evaluation Process

Organizing the Requirements in the CC

Assurance Elements

Functional Classes

Protection Profiles (PPs)

PP Registries

Definition of a Security Target (ST)

Evaluation of a ST

Evaluation Schemes

Evaluation Methodology

Conclusion

ICT and Forensic Science, Stig F. Mjølsnes and Svein Y. Willassen

ICT and Forensic Science

The Crime Scene

Forensic Science

Evidence

The Digital Investigation Process

Digital Evidence Extraction

Digital Evidence Analysis Techniques

Anti-Forensics

Further Reading and Web Sites

Risk Assessment, Stein Haugen

Risk Assessment in the Risk Management Process

Terminology

Main Elements of the Risk Assessment Process

Summary

Further Reading and Web Sites

Information Security Management—From Regulations to End-Users, Eirik Albrechtsen and Jan Hovden

A Risk Governance Framework Applied to Information Security

Regulations and Control

Information Security Management

Index

A Bibliography appears at the end of each chapter.

Author Bio

Stig F. Mjølsnes is a professor in the Department of Telematics at the Norwegian University of Science and Technology. His research focuses on the development and application of cryptographic protocols and security models.

Categories: Computer Engineering, Networks, Digital & Wireless Communication