Security In Distributed Computing: Did You Lock the Door?, 1st edition

  • Glen Bruce
  • Rob Dempsey

Overview


Practical techniques for securing distributed computing systems.

Computing security is, at its core, more than a technical issue: It's a fundamental business challenge. Managers have plenty of security alternatives, but little real guidance on making intelligent decisions about them. And today's distributed, multivendor, Internet-connected environments encompass more insecure systems and networks than ever before.

Security in Distributed Computing offers the manager of distributed systems a thorough, common-sense framework for cost-effective computer security. Learn how to:

  • Develop distributed systems architectures and methodologies that are inherently more secure
  • Build trusted, Open-Systems-based distributed transaction processing systems
  • Evaluate cost vs. risk: What is worth securing, and at what price?
  • Consider human and organizational factors, so you can enhance security with minimum disruption to people and processes

This book reviews critical risk areas in distributed systems, including networks, operating systems, applications, middleware, and the Internet. It considers the unique challenges of security in UNIX and Windows NT environments. And it presents detailed information about technologies that can help you respond, including:

  • Cryptography
  • The Kerberos authentication model
  • DCE security

Security in Distributed Computing also presents valuable, in-depth recommendations on how to design and implement a security strategy.

The more your organization comes to rely on distributed systems, the more important security will become. When you need to make important business decisions about security, you'll appreciate the practical advice and insight this book delivers.

Table of contents



Foreword.


Preface.


Acknowledgments.


Introduction.

I. UNDERSTANDING THE PROBLEM.

 1. “Computing Security” A Business Issue.

Business Drivers. Business Issues. Summary.

 2. Distributed Security Challenges.

Stories. Security Issues. The Top Ten List. Conclusions.

II. FOUNDATIONS.

 3. Computing Security Basics.

What is Security? Trust—What Is It? Trust—Why Do We Need It? Summary.

 4. Security Architecture.

Foundation. Trust. Control. Summary.

 5. Foundations.

Principles. Security Policy Framework. Security Criteria. Summary.

 6. Security Policy.

Security Policy Framework. Example of a Policy. The Process of Creating Policies. Summary.

III. TECHNOLOGIES.

 7. The Network.

A Tale of Two Networks. Systems Network Architecture. Introducing TCP/IP. SNA versus TCP/IP Security. Conclusions.

 8. Network Operating Systems.

About Network Operating Systems? Issues Surrounding NOS Implementations. Conclusions.

 9. Client/Server and Middleware.

Client/Server. Middleware. Enabling Technology. Distributed Objects. Things to Watch Out For. Summary.

10. UNIX Security.

Why has UNIX Such a Bad Reputation for Security? UNIX Security. Typical Abuses. Conclusions.

11. More UNIX Security.

UNIX Network Services. A Burglar's Tools. Conclusions.

12. UNIX Solutions.

Control Monitors. Conclusions.

13. Windows NT Security.

Security Controls. Networking. Conclusions.

14. The Internet.

What is the Internet? Internet Firewall. Conclusions.

15. Cryptography.

Private Key Encryption. Public Key Encryption. Encryption Issues. Digital Signature. Summary.

16. The DCE Environment.

What is DCE? Concerns about DCE. Conclusions.

17. DCE Security Concepts.

DCE Authentication. Authorization. Is DCE Bulletproof? Conclusions.

18. Distributed Database.

What is a RDBMS? Different Models to Enable Applications. Issues Surrounding RDBMS. What is a Data Warehouse? Conclusions.

19. On-Line Transaction Processing.

What Is a Transaction? Components of a Transaction Processing System. The Top Five List. Summary.

IV. SOLVING THE PROBLEM.

20. Secure Applications.

Concepts. System Development Life Cycle. Summary.

21. Implementation Examples.

Electronic Mail. Lotus Notes. What's Next. Summary.

22. Security Management.

System Management. Network Management. Conclusions.

23. Developing a Security Strategy.

A Security Strategy. The Security Strategy Roadmap. Conclusions.

24. Auditing.

What Is an Audit? What Role Should Audit Play? Sample Criteria for a UNIX Audit. The Basics of Computer Auditing. Expanding the Focus. Other Types of Audits. Conclusions.

25. The Future.

Appendix A. Strong Authentication.

Appendix B. Smart Cards.

Appendix C. Personal Computer Security.

Viruses. Personal Computer Access Controls. How Far Should Security Be Extended? Conclusions.

Appendix D. Remote Access.

Glossary.

References.

Index.

Published by Pearson (October 9th 1996) - Copyright © 1997