Muutke küpsiste eelistusi

Wireless Mobile Internet Security 2nd edition [Kõva köide]

5.00/5 (2 hinnangut Goodreads-ist)
(Endowed Chair Professor, Kyung Hee University Professor Emeritus, Hanyang University, Republic of Korea)
  • Formaat: Hardback, 522 pages, kõrgus x laius x paksus: 252x175x28 mm, kaal: 921 g
  • Ilmumisaeg: 19-Apr-2013
  • Kirjastus: John Wiley & Sons Inc
  • ISBN-10: 1118496531
  • ISBN-13: 9781118496534
Teised raamatud teemal:
Wireless Mobile Internet Security 2nd editionSuurem pilt
  • Formaat: Hardback, 522 pages, kõrgus x laius x paksus: 252x175x28 mm, kaal: 921 g
  • Ilmumisaeg: 19-Apr-2013
  • Kirjastus: John Wiley & Sons Inc
  • ISBN-10: 1118496531
  • ISBN-13: 9781118496534
Teised raamatud teemal:
Püsilink: https://www.kriso.ee/db/9781118496534.html
Märksõnad:
Wireless devices are an increasingly important part of the Internet and may soon constitute the majority of networked devices. Security considerations for these devices have often been an afterthought. The first two chapters of this reference lay out the technical foundations of the Internet itself in both physical hardware such as routers, switches and gateways and the various software protocols such as TCP/IP and UDP that make communication among different operating systems and programs possible. Reflecting Rhee's over half a century of research and teaching in cryptography, information security and coding theory, many of the following chapters are devoted to describing the many cryptographic systems in current use both in wired and wireless systems. The formal mathematical bases of these algorithms are presented in detail along with relevant equations. Network layer, transport layer, and email security are given a chapter each. There is also a chapter on the Secure Electronic Transaction (SET) protocol for e-commerce and one on the construction of firewalls. The final chapter covers the 4G system in considerable detail. There is a heavy emphasis on the complex ways 4G devices allocate bandwidth in the electromagnetic spectrum. Annotation ©2013 Book News, Inc., Portland, OR (booknews.com)

The mobile industry for wireless cellular services has grown at a rapid pace over the past decade. Similarly, Internet service technology has also made dramatic growth through the World Wide Web with a wire line infrastructure. Realization for complete wired/wireless mobile Internet technologies will become the future objectives for convergence of these technologies through multiple enhancements of both cellular mobile systems and Internet interoperability. Flawless integration between these two wired/wireless networks will enable subscribers to not only roam worldwide, but also to solve the ever increasing demand for data/Internet services. In order to keep up with this noteworthy growth in the demand for wireless broadband, new technologies and structural architectures are needed to greatly improve system performance and network scalability while significantly reducing the cost of equipment and deployment.

Dr. Rhee covers the technological development of wired/wireless internet communications in compliance with each iterative generation up to 4G systems, with emphasis on wireless security aspects. By progressing in a systematic matter, presenting the theory and practice of wired/wireless mobile technologies along with various security problems, readers will gain an intimate sense of how mobile internet systems operate and how to address complex security issues.

Features:

  • Written by a top expert in information security
  • Gives a clear understanding of wired/wireless mobile internet technologies
  • Presents complete coverage of various cryptographic protocols and specifications needed for 3GPP: AES, KASUMI, Public-key and Elliptic curve cryptography
  • Forecast new features and promising 4G packet-switched wireless internet technologies for voice and data communications
  • Provides MIMO/OFDMA-based for 4G systems such as Long Term Evolution (LTE), Ultra Mobile Broadband (UMB), Mobile WiMax or Wireless Broadband (WiBro)
  • Deals with Intrusion Detection System against worm/virus cyber attacks

The book ideal for advanced undergraduate and postgraduate students enrolled in courses such as Wireless Access Networking, Mobile Internet Radio Communications. Practicing engineers in industry and research scientists can use the book as a reference to get reacquainted with mobile radio fundamentals or to gain deeper understanding of complex security issues.

Preface xiii
About the Author xxi
Acknowledgments xxiii
1 Internetworking and Layered Models
1(62)
1.1 Networking Technology
2(3)
1.1.1 Local Area Networks (LANs)
2(1)
1.1.2 Wide Area Networks (WANs)
3(2)
1.2 Connecting Devices
5(3)
1.2.1 Switches
5(1)
1.2.2 Repeaters
6(1)
1.2.3 Bridges
7(1)
1.2.4 Routers
7(1)
1.2.5 Gateways
8(1)
1.3 The OSI Model
8(4)
1.4 TCP/IP Model
12(3)
1.4.1 Network Access Layer
13(1)
1.4.2 Internet Layer
14(1)
1.4.3 Transport Layer
14(1)
1.4.4 Application Layer
14(1)
2 TCP/IP Suite and Internet Stack Protocols
15(1)
2.1 Network Layer Protocols
15(26)
2.1.1 Internet Protocol (IP)
15(13)
2.1.2 Address Resolution Protocol (ARP)
28(3)
2.1.3 Reverse Address Resolution Protocol (RARP)
31(1)
2.1.4 Classless Interdomain Routing (CIDR)
31(1)
2.1.5 IP Version 6 (IPv6 or IPng)
32(8)
2.1.6 Internet Control Message Protocol (ICMP)
40(1)
2.1.7 Internet Group Management Protocol (IGMP)
41(1)
2.2 Transport Layer Protocols
41(6)
2.2.1 Transmission Control Protocol (TCP)
41(3)
2.2.2 User Datagram Protocol (UDP)
44(3)
2.3 World Wide Web
47(2)
2.3.1 Hypertext Transfer Protocol (HTTP)
47(1)
2.3.2 Hypertext Markup Language (HTML)
47(1)
2.3.3 Common Gateway Interface (CGI)
48(1)
2.3.4 Java
49(1)
2.4 File Transfer
49(1)
2.4.1 File Transfer Protocol (FTP)
49(1)
2.4.2 Trivial File Transfer Protocol (TFTP)
49(1)
2.4.3 Network File System (NFS)
50(1)
2.5 E-Mail
50(2)
2.5.1 Simple Mail Transfer Protocol (SMTP)
50(1)
2.5.2 Post Office Protocol Version 3 (POP3)
51(1)
2.5.3 Internet Message Access Protocol (IMAP)
51(1)
2.5.4 Multipurpose Internet Mail Extension (MIME)
52(1)
2.6 Network Management Service
52(1)
2.6.1 Simple Network Management Protocol (SNMP)
52(1)
2.7 Converting IP Addresses
53(1)
2.7.1 Domain Name System (DNS)
53(1)
2.8 Routing Protocols
54(1)
2.8.1 Routing Information Protocol (RIP)
54(1)
2.8.2 Open Shortest Path First (OSPF)
54(1)
2.8.3 Border Gateway Protocol (BGP)
55(1)
2.9 Remote System Programs
55(1)
2.9.1 TELNET
55(1)
2.9.2 Remote Login (Rlogin)
56(1)
2.10 Social Networking Services
56(1)
2.10.1 Facebook
56(1)
2.10.2 Twitter
56(1)
2.10.3 Linkedin
57(1)
2.10.4 Groupon
57(1)
2.11 Smart IT Devices
57(1)
2.11.1 Smartphones
57(1)
2.11.2 Smart TV
57(1)
2.11.3 Video Game Console
58(1)
2.12 Network Security Threats
58(1)
2.12.1 Worm
58(1)
2.12.2 Virus
58(1)
2.12.3 DDoS
58(1)
2.13 Internet Security Threats
58(1)
2.13.1 Phishing
58(1)
2.13.2 SNS Security Threats
59(1)
2.14 Computer Security Threats
59(4)
2.14.1 Exploit
59(1)
2.14.2 Password Cracking
60(1)
2.14.3 Rootkit
60(1)
2.14.4 Trojan Horse
60(1)
2.14.5 Keylogging
61(1)
2.14.6 Spoofing Attack
61(1)
2.14.7 Packet Sniffer
62(1)
2.14.8 Session Hijacking
62(1)
3 Global Trend of Mobile Wireless Technology
63(18)
3.1 1G Cellular Technology
63(1)
3.1.1 AMPS (Advanced Mobile Phone System)
64(1)
3.1.2 NMT (Nordic Mobile Telephone)
64(1)
3.1.3 TACS (Total Access Communications System)
64(1)
3.2 2G Mobile Radio Technology
64(3)
3.2.1 CDPD (Cellular Digital Packet Data), North American Protocol
65(1)
3.2.2 GSM (Global System for Mobile Communications)
65(1)
3.2.3 TDMA-136 or IS-54
66(1)
3.2.4 iDEN (Integrated Digital Enhanced Network)
66(1)
3.2.5 cdmaOne IS-95A
67(1)
3.2.6 PDC (Personal Digital Cellular)
67(1)
3.2.7 i-mode
67(1)
3.2.8 WAP (Wireless Application Protocol)
67(1)
3.3 2.5G Mobile Radio Technology
67(3)
3.3.1 ECSD (Enhanced Circuit-Switched Data)
69(1)
3.3.2 HSCSD (High-Speed Circuit-Switched Data)
69(1)
3.3.3 GPRS (General Packet Radio Service)
69(1)
3.3.4 EDGE (Enhanced Data rate for GSM Evolution)
69(1)
3.3.5 cdmaOne IS-95B
69(1)
3.4 3G Mobile Radio Technology (Situation and Status of 3G)
70(5)
3.4.1 UMTS (Universal Mobile Telecommunication System)
73(1)
3.4.2 HSDPA (High-Speed Downlink Packet Access)
73(1)
3.4.3 CDMA2000 1x
74(1)
3.4.4 CDMA2000 1xEV (1x Evolution)
74(1)
3.4.5 CDMA2000 1xEV-DO (1x Evolution Data Only)
74(1)
3.4.6 CDMA2000 1xEV-DV (1x Evolution Data Voice)
74(1)
3.5 3G UMTS Security-Related Encryption Algorithm
75(6)
3.5.1 KASUMI Encryption Function
75(6)
4 Symmetric Block Ciphers
81(80)
4.1 Data Encryption Standard (DES)
81(18)
4.1.1 Description of the Algorithm
82(2)
4.1.2 Key Schedule
84(2)
4.1.3 DES Encryption
86(5)
4.1.4 DES Decryption
91(4)
4.1.5 Triple DES
95(2)
4.1.6 DES-CBC Cipher Algorithm with IV
97(2)
4.2 International Data Encryption Algorithm (IDEA)
99(9)
4.2.1 Subkey Generation and Assignment
100(1)
4.2.2 IDEA Encryption
101(5)
4.2.3 IDEA Decryption
106(2)
4.3 RC5 Algorithm
108(15)
4.3.1 Description of RC5
109(1)
4.3.2 Key Expansion
110(4)
4.3.3 Encryption
114(3)
4.3.4 Decryption
117(6)
4.4 RC6 Algorithm
123(12)
4.4.1 Description of RC6
123(1)
4.4.2 Key Schedule
124(1)
4.4.3 Encryption
125(3)
4.4.4 Decryption
128(7)
4.5 AES (Rijndael) Algorithm
135(26)
4.5.1 Notational Conventions
135(2)
4.5.2 Mathematical Operations
137(3)
4.5.3 AES Algorithm Specification
140(21)
5 Hash Function, Message Digest, and Message Authentication Code
161(42)
5.1 DMDC Algorithm
161(10)
5.1.1 Key Schedule
162(4)
5.1.2 Computation of Message Digests
166(5)
5.2 Advanced DMDC Algorithm
171(5)
5.2.1 Key Schedule
171(2)
5.2.2 Computation of Message Digests
173(3)
5.3 MD5 Message-Digest Algorithm
176(12)
5.3.1 Append Padding Bits
176(1)
5.3.2 Append Length
177(1)
5.3.3 Initialize MD Buffer
177(1)
5.3.4 Define Four Auxiliary Functions (F, G, H, I)
177(1)
5.3.5 FF, GG, HH, and II Transformations for Rounds 1, 2, 3, and 4
178(1)
5.3.6 Computation of Four Rounds (64 Steps)
178(10)
5.4 Secure Hash Algorithm (SHA-1)
188(7)
5.4.1 Message Padding
188(1)
5.4.2 Initialize 160-bit Buffer
189(1)
5.4.3 Functions Used
189(1)
5.4.4 Constants Used
190(1)
5.4.5 Computing the Message Digest
191(4)
5.5 Hashed Message Authentication Codes (HMAC)
195(8)
6 Asymmetric Public-Key Cryptosystems
203(46)
6.1 Diffie--Hellman Exponential Key Exchange
203(4)
6.2 RSA Public-Key Cryptosystem
207(8)
6.2.1 RSA Encryption Algorithm
208(4)
6.2.2 RSA Signature Scheme
212(3)
6.3 ElGamal's Public-Key Cryptosystem
215(7)
6.3.1 ElGamal Encryption
215(2)
6.3.2 ElGamal Signatures
217(2)
6.3.3 ElGamal Authentication Scheme
219(3)
6.4 Schnorr's Public-Key Cryptosystem
222(5)
6.4.1 Schnorr's Authentication Algorithm
222(2)
6.4.2 Schnorr's Signature Algorithm
224(3)
6.5 Digital Signature Algorithm
227(3)
6.6 The Elliptic Curve Cryptosystem (ECC)
230(19)
6.6.1 Elliptic Curves
230(9)
6.6.2 Elliptic Curve Cryptosystem Applied to the ElGamal Algorithm
239(1)
6.6.3 Elliptic Curve Digital Signature Algorithm
240(4)
6.6.4 ECDSA Signature Computation
244(5)
7 Public-Key Infrastructure
249(42)
7.1 Internet Publications for Standards
250(1)
7.2 Digital Signing Techniques
251(7)
7.3 Functional Roles of PKI Entities
258(5)
7.3.1 Policy Approval Authority
258(2)
7.3.2 Policy Certification Authority
260(1)
7.3.3 Certification Authority
261(1)
7.3.4 Organizational Registration Authority
262(1)
7.4 Key Elements for PKI Operations
263(8)
7.4.1 Hierarchical Tree Structures
264(1)
7.4.2 Policy-Making Authority
265(1)
7.4.3 Cross-Certification
266(3)
7.4.4 X.500 Distinguished Naming
269(1)
7.4.5 Secure Key Generation and Distribution
270(1)
7.5 X.509 Certificate Formats
271(11)
7.5.1 X.509 v1 Certificate Format
271(2)
7.5.2 X.509 v2 Certificate Format
273(1)
7.5.3 X.509 v3 Certificate Format
274(8)
7.6 Certificate Revocation List
282(5)
7.6.1 CRL Fields
282(2)
7.6.2 CRL Extensions
284(1)
7.6.3 CRL Entry Extensions
285(2)
7.7 Certification Path Validation
287(4)
7.7.1 Basic Path Validation
287(2)
7.7.2 Extending Path Validation
289(2)
8 Network Layer Security
291(34)
8.1 IPsec Protocol
291(8)
8.1.1 IPsec Protocol Documents
292(2)
8.1.2 Security Associations (SAs)
294(2)
8.1.3 Hashed Message Authentication Code (HMAC)
296(3)
8.2 IP Authentication Header
299(2)
8.2.1 AH Format
300(1)
8.2.2 AH Location
301(1)
8.3 IP ESP
301(7)
8.3.1 ESP Packet Format
303(1)
8.3.2 ESP Header Location
304(2)
8.3.3 Encryption and Authentication Algorithms
306(2)
8.4 Key Management Protocol for IPsec
308(17)
8.4.1 OAKLEY Key Determination Protocol
308(1)
8.4.2 ISAKMP
309(16)
9 Transport Layer Security: SSLv3 and TLSv1
325(28)
9.1 SSL Protocol
325(13)
9.1.1 Session and Connection States
326(1)
9.1.2 SSL Record Protocol
327(4)
9.1.3 SSL Change Cipher Spec Protocol
331(1)
9.1.4 SSL Alert Protocol
331(1)
9.1.5 SSL Handshake Protocol
332(6)
9.2 Cryptographic Computations
338(1)
9.2.1 Computing the Master Secret
338(1)
9.2.2 Converting the Master Secret into Cryptographic Parameters
339(1)
9.3 TLS Protocol
339(14)
9.3.1 HMAC Algorithm
340(4)
9.3.2 Pseudo-random Function
344(5)
9.3.3 Error Alerts
349(1)
9.3.4 Certificate Verify Message
350(1)
9.3.5 Finished Message
351(1)
9.3.6 Cryptographic Computations (for TLS)
351(2)
10 Electronic Mail Security: PGP, S/MIME
353(34)
10.1 PGP
353(19)
10.1.1 Confidentiality via Encryption
354(1)
10.1.2 Authentication via Digital Signature
355(1)
10.1.3 Compression
356(1)
10.1.4 Radix-64 Conversion
357(4)
10.1.5 Packet Headers
361(2)
10.1.6 PGP Packet Structure
363(4)
10.1.7 Key Material Packet
367(4)
10.1.8 Algorithms for PGP 5.x
371(1)
10.2 S/MIME
372(15)
10.2.1 MIME
372(7)
10.2.2 S/MIME
379(3)
10.2.3 Enhanced Security Services for S/MIME
382(5)
11 Internet Firewalls for Trusted Systems
387(28)
11.1 Role of Firewalls
387(1)
11.2 Firewall-Related Terminology
388(4)
11.2.1 Bastion Host
389(1)
11.2.2 Proxy Server
389(1)
11.2.3 SOCKS
390(1)
11.2.4 Choke Point
391(1)
11.2.5 Demilitarized Zone (DMZ)
391(1)
11.2.6 Logging and Alarms
391(1)
11.2.7 VPN
392(1)
11.3 Types of Firewalls
392(6)
11.3.1 Packet Filters
392(5)
11.3.2 Circuit-Level Gateways
397(1)
11.3.3 Application-Level Gateways
397(1)
11.4 Firewall Designs
398(3)
11.4.1 Screened Host Firewall (Single-Homed Bastion Host)
399(1)
11.4.2 Screened Host Firewall (Dual-Homed Bastion Host)
400(1)
11.4.3 Screened Subnet Firewall
400(1)
11.5 IDS Against Cyber Attacks
401(3)
11.5.1 Internet Worm Detection
401(1)
11.5.2 Computer Virus
402(1)
11.5.3 Special Kind of Viruses
403(1)
11.6 Intrusion Detections Systems
404(11)
11.6.1 Network-Based Intrusion Detection System (NIDS)
404(2)
11.6.2 Wireless Intrusion Detection System (WIDS)
406(2)
11.6.3 Network Behavior Analysis System (NBAS)
408(1)
11.6.4 Host-Based Intrusion Detection System (HIDS)
409(1)
11.6.5 Signature-Based Systems
410(1)
11.6.6 Anomaly-Based Systems
411(1)
11.6.7 Evasion Techniques of IDS Systems
412(3)
12 SET for E-Commerce Transactions
415(24)
12.1 Business Requirements for SET
415(2)
12.2 SET System Participants
417(1)
12.3 Cryptographic Operation Principles
418(2)
12.4 Dual Signature and Signature Verification
420(4)
12.5 Authentication and Message Integrity
424(3)
12.6 Payment Processing
427(12)
12.6.1 Cardholder Registration
427(6)
12.6.2 Merchant Registration
433(1)
12.6.3 Purchase Request
434(1)
12.6.4 Payment Authorization
435(2)
12.6.5 Payment Capture
437(2)
13 4G Wireless Internet Communication Technology
439(28)
13.1 Mobile WiMAX
440(8)
13.1.1 Mobile WiMAX Network Architecture
440(2)
13.1.2 Reference Points in WiMAX Network Reference Model (NRM)
442(2)
13.1.3 Key Supporting Technologies
444(3)
13.1.4 Comparison between Mobile WiMAX Network and Cellular Wireless Network
447(1)
13.2 WiBro (Wireless Broadband)
448(4)
13.2.1 WiBro Network Architecture
448(1)
13.2.2 Key Elements in WiBro System Configuration
449(2)
13.2.3 System Comparison between HSDPA and WiBro
451(1)
13.2.4 Key Features on WiBro Operation
451(1)
13.3 UMB (Ultra Mobile Broadband)
452(5)
13.3.1 Design Objectives of UMB
453(1)
13.3.2 Key Technologies Applicable to UMB
453(2)
13.3.3 UMB IP-Based Network Architecture
455(1)
13.3.4 Conclusive Remarks
456(1)
13.4 LTE (Long Term Evolution)
457(10)
13.4.1 LTE Features and Capabilities
457(1)
13.4.2 LTE Frame Structure
458(1)
13.4.3 LTE Time-Frequency Structure for Downlink
458(2)
13.4.4 LTE SC-FDMA on Uplink
460(1)
13.4.5 LTE Network Architecture
461(2)
13.4.6 Key Components Supporting LTE Design
463(1)
13.4.7 Concluding Remarks
464(3)
Acronyms 467(6)
Bibliography 473(8)
Index 481
Dr. Man Young Rhee, Seoul National University, Korea Man Young Rhee received his B.S.E.E degree from Seoul National University in 1952 and his M.S.E.E and Ph.D. degree from the University of Colorado in 1956 and 1958, respectively. Since 1997, Dr. Rhee has been an Invited Professor of Electrical and Computer Engineering, Seoul National University. He is also Professor Emeritus of Electrical Engineering at Hanyang University, Seoul, Korea. In addition, he has over 45 years of research and teaching experience in the field of communication technologies, coding theory, cryptography, and information security. Dr. Rhee has held a number of high level positions in both government and corporate sectors: President of Samsung Semiconductor Communications; President of Korea Telecommunications Company; Chairman of the Korea Information Security Agency at the Ministry of Information and Communication; President of the Korea Institute of Information Security and Cryptology; and Vice President of the Agency for Defense Development at the Ministry of National Defense.