Bestselling author Bruce Schneier offers his expert guidance on achieving security on a network
Internationally recognized computer security expert Bruce Schneier offers a practical, straightforward guide to achieving security throughout computer networks. Schneier uses his extensive field experience with his own clients to dispel the myths that often mislead IT managers as they try to build secure systems. This practical guide provides readers with a better understanding of why protecting information is harder in the digital world, what they need to know to protect digital information, how to assess business and corporate security needs, and much more.
* Walks the reader through the real choices they have now for digital security and how to pick and choose the right one to meet their business needs
* Explains what cryptography can and can't do in achieving digital security
Preface xi
1. Introduction 1
Part 1: The Landscape 11
2. Digital Threats 14
3. Attacks 23
4. Adversaries 42
5. Security Needs 59
Part 2: Technologies 83
6. Cryptography 85
7. Cryptography in Context 102
8. Computer Security 120
9. Identification and Authentication 135
10. Networked-computer Security 151
11. Network Security 176
12. Network Defenses 188
13. Software Reliability 202
14. Secure Hardware 212
15. Certificates and Credentials 225
16. Security Tricks 240
17. The Human Factor 255
Part 3: Strategies 271
18. Vulnerabilities and the Vulnerability Landscape 274
19. Threat Modeling and Risk Assessment 288
20. Security Policies and Countermeasures 307
21. Attack Trees 318
22. Product Testing and Verification 334
23. The Future of Products 353
24. Security Processes 367
25. Conclusion 389
Afterword 396
Resources 399
Acknowledgments 401
Index 403
