Table of Contents, Volume III

The Handbook of Information Security, Volume III
Threats, Vulnerabilities, Prevention, Detection and Management

Part 1: Threats and Vulnerabilities to Information and Computing Infrastructures
132. Internal Security Threats
133. Physical Security Threats
134. Fixed-Line Telephone System Vulnerabilities
135. E-Mail Threats and Vulnerabilities
136. E-Commerce Vulnerabilities
137. Hacking Techniques in Wired Networks
138. Hacking Techniques in Wireless Networks
139. Computer Viruses and Worms
140. Trojan Horse Programs
141. Hoax Viruses and Virus Alerts
142. Hostile Java Applets
143. Spyware
144. Mobile Code and Security
145. Wireless Threats and Attacks
146. WEP Security
147. Bluetooth Security
148. Cracking WEP
149. Denial of Service Attacks
150. Network Attacks
151. Fault Attacks
152. Side-Channel Attacks

Part 2: Prevention: Keeping the Hackers and Crackers at Bay
153. Physical Security Measures
154. RFID and Security
155. Cryptographic Privacy Protection Techniques
156. Cryptographic Hardware Security Modules
157. Smart Card Security
158. Client-Side Security
159. Server-Side Security
160. Protecting Web Sites
161. Database Security
162. Medical Records Security
163. Access Control: Principles and Solutions
164. Password Authentication
165. Computer and Network Authentication
166. Antivirus Technology
167. Biometric Basics and Biometric Authentication
168. Issues and Concerns in Biometric IT Security
169. Firewall Basics
170. Firewall Architectures
171. Packet Filtering and Stateful Firewalls
172. Proxy Firewalls
173. E-Commerce Safeguards
174. Digital Signatures and Electronic Signatures
175. E-Mail Security
176. Security for ATM Networks
177. VPN Basics
178. VPN Architecture
179. IP-Based VPN
180. Identity Management
181. Use of Deception Techniques: Honeypots and Decoys
182. Active Response to Computer Intrusions

Part 3: Detection, Recovery, Management and Policy Considerations
183. Intrusion Detection Systems Basics
184. Host-Based Intrusion Detection Systems
185. Network-Based Intrusion Detection Systems
186. Use of Agent Technology for Intrusion Detection
187. Contingency Planning Management
188. Computer Security Incident Response Teams (CSIRTs)
189. Implementing a Security Awareness Program
190. Risk Assessment for Risk Management
191. Security Insurance and Best Practices
192. Auditing Information Systems Security
193. Evidence Collection and Analysis Tools
194. Information Leakage: Detection and Countermeasures
195. Digital Rights Management
196. Web Hosting
197. Managing a Network Environment
198. E-Mail and Internet Use Policies
199. Forward Security: Adaptive Cryptography Time Evolution
200. Security Policy Guidelines
201. The Asset-Security Goals Continuum: A Process for Security
202. Multilevel Security
203. Multilevel Security Models
204. Security Architectures
205. Quality of Security Service: Adaptive Security
206. Security Policy Enforcement
207. Guidelines for a Comprehensive Security System