Applied Information Security

A Hands-on Approach

  • David Basin
  • Patrick Schaller
  • Michael Schläpfer

About this book

Introduction

This book explores fundamental principles for securing IT systems and illustrates them with hands-on experiments that may be carried out by the reader using accompanying software. The experiments highlight key information security problems that arise in modern operating systems, networks, and web applications. The authors explain how to identify and exploit such problems and they show different countermeasures and their implementation. The reader thus gains a detailed understanding of how vulnerabilities arise and practical experience tackling them.

After presenting the basics of security principles, virtual environments, and network services, the authors explain the core security principles of authentication and access control, logging and log analysis, web application security, certificates and public-key cryptography, and risk management. The book concludes with appendices on the design of related courses, report templates, and the basics of Linux as needed for the assignments.

The authors have successfully taught IT security to students and professionals using the content of this book and the laboratory setting it describes. The book can be used in undergraduate or graduate laboratory courses, complementing more theoretically oriented courses, and it can also be used for self-study by IT professionals who want hands-on experience in applied information security. The authors' supporting software is freely available online and the text is supported throughout with exercises.

Keywords

IT security, Linux, Web application security, access control, authentication, certificates, logging, network services, networks, operating systems, public-key cryptography, risk management, virtual machines

Authors and affiliations

  • David Basin (1)
  • Patrick Schaller (2)
  • Michael Schläpfer (3)
  1. ZISC, ETH Zürich, Zürich, Switzerland
  2. ZISC, ETH Zürich, Zürich, Switzerland
  3. ZISC, ETH Zürich, Zürich, Switzerland

Bibliographic information

  • DOI https://doi.org/10.1007/978-3-642-24474-2
  • Copyright Information Springer-Verlag Berlin Heidelberg 2011
  • Publisher Name Springer, Berlin, Heidelberg
  • eBook Packages Computer Science
  • Print ISBN 978-3-642-24473-5
  • Online ISBN 978-3-642-24474-2