[ISN] REVIEW: "Cryptography and Network Security"

From: mea culpa (jerichoat_private)
Date: Wed Nov 25 1998 - 00:14:19 PST


    From: "Rob Slade, doting grandpa of Ryan and Trevor" <rsladeat_private>
    
    BKCRNTSC.RVW   981010
    
    "Cryptography and Network Security", William Stallings, 1999,
    0-13-869017-0
    %A   William Stallings wsat_private
    %C   One Lake St., Upper Saddle River, NJ   07458
    %D   1999
    %G   0-13-869017-0
    %I   Prentice Hall
    %O   +1-201-236-7139 fax: +1-201-236-7131 betsy_careyat_private
    %P   569 p.
    %T   "Cryptography and Network Security: Principles and Practice
          2nd edition"
    
    This book is intended to serve both as a textbook for an academic course
    of study, and as a self-study and reference guide for practicing
    professionals.  The material has been extended to emphasize encryption and
    its central position in network protection.  The structure and flow have
    been reorganized with both classroom use and solo instruction in mind, and
    additional teaching material, such as additional problems, has been
    added. 
    
    Chapter one is an introduction to the topics to be covered.  In a
    practical way it outlines the concerns involved in the phrase computer
    security, and the priorities occasioned by the networked nature of modern
    computing.  There is also an outline of the chapters and sequence in the
    rest of the book.  While the text does note that cryptographic techniques
    underlie most of current security technologies, this is only done briefly. 
    Examples in the major categories listed would help explain this primary
    position. 
    
    Part one deals with conventional, symmetric, encryption and the various
    methods of attacking it.  Chapter two covers the historical substitution
    and transposition ciphers.  Symmetric block ciphers are discussed in
    chapter three, illustrated by an explanation of DES (Data Encryption
    Standard).  The additional conventional algorithms of triple DES, IDEA
    (International Data Encryption Algorithm), and RC5 are reviewed in chapter
    four.  The use of conventional encryption for confidentiality is outlined
    in chapter five. 
    
    Part three looks at public-key encryption and hash functions.  Chapter six
    introduces public-key encryption and its uses in confidentiality,
    authentication, and key management and exchange.  Number theory is the
    basis of these modern algorithms, so some basic mathematical concepts are
    outlined in chapter seven.  Digital signatures and message authentication
    are introduced in some detail in chapter eight.  The algorithms themselves
    are explained in chapter nine, including MD5 (Message Digest algorithm),
    SHA (Secure Hash Algorithm), and others.  Protocols using digital
    signatures are described in chapter ten. 
    
    Part three takes this background material and relates its use in security
    practice.  Chapter eleven looks at authentication, concentrating on
    Kerberos and X.509.  The examples of email security systems given in
    chapter twelve are PGP (Pretty Good Privacy) and S/MIME
    (Secure/Multipurpose Internet Mail Extension).  Security provisions for
    the Internet Protocol (IP) itself are reviewed in chapter thirteen.  Web
    security, in chapter fourteen, again concentrates on protocol level
    matters, but also discusses the SET (Secure Electronic Transaction)
    standard at the application level. 
    
    Part four outlines general system security.  To the general public the
    primary concern of security is to deal with intruders and malicious
    software, so it may seem odd to the uninitiated to find that both of these
    subjects are lumped together in chapter fifteen.  Chapter sixteen finishes
    off the book with a description of firewalls and the concept of trusted
    systems that they rely on. 
    
    Each chapter ends with a set of recommended readings and problems.  Many
    chapters also have appendices giving additional details of specific topics
    related to the subject just discussed. 
    
    For the instructor, student, and professional, this work provides thorough
    coverage, clear explanations, and solid information. 
    
    copyright Robert M. Slade, 1998   BKCRNTSC.RVW   981010
    
    
    