Wiley.com

Contributors, Volume III

The Handbook of Information Security, Volume III
Threats, Vulnerabilities, Prevention, Detection and Management
Contents

Part 1: Threats and Vulnerabilities to Information and Computing Infrastructures

132. Internal Security Threats


Marcus K. Rogers
Purdue University

133. Physical Security Threats

Mark Michael
Research in Motion Ltd., Canada

134. Fixed-Line Telephone System Vulnerabilities

Mak Ming Tak
Hong Kong University of Science and Technology, Hong Kong

Xu Yan
Hong Kong University of Science and Technology, Hong Kong

Zenith Y.W. Law
JustSolve Consulting, Hong Kong

135. E-Mail Threats and Vulnerabilities

David Harley
NHS Connecting for Health, UK

136. E-Commerce Vulnerabilities

Sviatoslav Braynov
University of Illinois, Springfield

137. Hacking Techniques in Wired Networks

Qijun Gu
Pennsylvania State University

Peng Liu
Pennsylvania State University

Chao-Hsien Chu
Pennsylvania State University

138. Hacking Techniques in Wireless Networks

Prabhaker Mateti
Wright State University

139. Computer Viruses and Worms

Robert Slade
Independent Consultant, Canada

140. Trojan Horse Programs

Adam Young
Cigital, Inc.

141. Hoax Viruses and Virus Alerts

Robert Slade
Independent Consultant, Canada

142. Hostile Java Applets

David Evans
University of Virginia

143. Spyware

Tom S. Chan
Southern New Hampshire University

144. Mobile Code and Security

Song Fu
Wayne State University

Cheng-Zhong Xu
Wayne State University

145. Wireless Threats and Attacks

Robert J. Boncella
Washburn University

146. WEP Security

Nikita Borisov
University of California, Berkeley

147. Bluetooth Security

Susanne Wetzel
Stevens Institute of Technology

148. Cracking WEP

Pascal Meunier
Purdue University

149. Denial of Service Attacks

E. Eugene Schultz
University of California-Berkeley Lab

150. Network Attacks

Edward Amoroso
AT&T Laboratories

151. Fault Attacks

Hamid Choukri
Gemplus & University of Bordeaux, France

Michael Tunstall
Gemplus & Royal Holloway University, France

152. Side-Channel Attacks

Pankaj Rohatgi
IBM Corporation

Part 2: Prevention: Keeping the Hackers and Crackers at Bay

153. Physical Security Measures

Mark Michael
Research in Motion Ltd., Canada

154. RFID and Security

Stephen A. Weis
Massachusetts Institute of Technology

155. Cryptographic Privacy Protection Techniques

Markus Jakobsson
Indiana University, Bloomington

156. Cryptographic Hardware Security Modules

Nicko van Someren
nCipher Corporation, UK

157. Smart Card Security

Michael Tunstall
Gemplus & Royal Holloway University, France

Sebastien Petit
Gemplus, France

Stephanie Porte
Gemplus, France

158. Client-Side Security

Charles Border
Rochester Institute of Technology

159. Server-Side Security

Slim Rekhis
National Digital Certification Agency, and University of Carthage, Tunisia

Noureddine Boudriga
National Digital Certification Agency, and University of Carthage, Tunisia

Mohammad S. Obaidat
Monmouth University

160. Protecting Web Sites

Dawn Alexander
University of Maryland

April Giles
Independent Consultant

161. Database Security

Michael Gertz
University of California, Davis

Arnon Rosenthal
The MITRE Corporation

162. Medical Records Security

Normand M. Martel
Medical Technology Research Corp.

163. Access Control: Principles and Solutions

S. De Capitani di Vimercati
Università di Milano, Italy

S. Paraboschi
Università di Bergamo, Italy

Pierangela Samarati
Università di Milano, Italy

164. Password Authentication

Jeremy L. Rasmussen
Sypris Electronics, LLC

165. Computer and Network Authentication

Patrick McDaniel
Pennsylvania State University

166. Antivirus Technology

Matthew Schmid
Cigital, Inc.

167. Biometric Basics and Biometric Authentication

James L. Wayman
San Jose State University

168. Issues and Concerns in Biometric IT Security

Philip Statham
CESG, Cheltenham, Gloucestershire, UK

169. Firewall Basics

James E. Goldman
Purdue University

170. Firewall Architectures

James E. Goldman
Purdue University

171. Packet Filtering and Stateful Firewalls

Avishai Wool
Tel Aviv University, Israel

172. Proxy Firewalls

John D. McLaren
Murray State University

173. E-Commerce Safeguards

Mark S. Merkow
University of Phoenix

174. Digital Signatures and Electronic Signatures

Raymond R. Panko
University of Hawai`i, Manoa

175. E-mail Security

Jon Callas
PGP Corporation

176. Security for ATM Networks

Thomas D. Tarman
Sandia National Laboratories

177. VPN Basics

G. I. Papadimitriou
Aristotle University, Greece

Mohammad S. Obaidat
Monmouth University

C. Papazoglou
Aristotle University, Greece

A.S. Pomportsis
Aristotle University, Greece

178. VPN Architecture

Stan Kurkovsky
Columbus State University

179. IP-Based VPN

David E. McDysan
MCI Corporation

180. Identity Management

John Linn
RSA Laboratories

181. Use of Deception Techniques: Honeypots and Decoys

Fred Cohen
University of New Haven

182. Active Response to Computer Intrusions

David Dittrich
University of Washington

Kenneth Einar Himma
Seattle Pacific University

Part 3: Detection, Recovery, Management and Policy Considerations

183. Intrusion Detection Systems Basics

Peng Ning
North Carolina State University

Sushil Jajodia
George Mason University

184. Host-Based Intrusion Detection Systems

Giovanni Vigna
Reliable Software Group

Christopher Kruegel
Technical University, Vienna, Austria

185. Network-Based Intrusion Detection Systems

Marco Cremonini
University of Milan, Italy

186. Use of Agent Technology for Intrusion Detection

Dipankar Dasgupta
The University of Memphis

187. Contingency Planning Management

Marco Cremonini
University of Milan, Italy

Pierangela Samarati
University of Milan, Italy

188. Computer Security Incident Response Teams (CSIRTs)

Raymond R. Panko
University of Hawai`i, Manoa

189. Implementing a Security Awareness Program

K Rudolph
Native Intelligence, Inc.

190. Risk Assessment for Risk Management

Rick Kazman
University of Hawaii, Manoa

Daniel N. Port
University of Hawaii, Manoa

David Klappholz
Stevens Institute of Technology

191. Security Insurance and Best Practices

Selahattin Kuru
Isik University, Turkey

Onur Ihsan Arsun
Isik University, Turkey

Mustafa Yıldız
Isik University, Turkey

192. Auditing Information Systems Security

S. Rao Vallabhaneni
SRV Professional Publications

193. Evidence Collection and Analysis Tools

Christopher L. T. Brown
Technology Pathways LLC

194. Information Leakage: Detection and Countermeasures

Phil Venables
Goldman Sachs

195. Digital Rights Management

Renato Iannella
National ICT, Australia

196. Web Hosting

Doug Kaye
IT Conversations

197. Managing a Network Environment

Jian Ren
Michigan State University

198. E-Mail and Internet Use Policies

Nancy J. King
Oregon State University

199. Forward Security: Adaptive Cryptography Time Evolution

Gene Itkis
Boston University

200. Security Policy Guidelines

Mohamed Hamdi
National Digital Certification Agency, Tunisia

Noureddine Boudriga
National Digital Certification Agency, Tunisia

Mohammad S. Obaidat
Monmouth University

201. The Asset-Security Goals Continuum: A Process for Security

Margarita Maria Lenk
Colorado State University

202. Multilevel Security

Richard E. Smith
University of St. Thomas

203. Multilevel Security Models

Mark Stamp
San Jose State University

Ali Hushyar
San Jose State University

204. Security Architectures

Nicole Graf
University of Cooperative Education, Germany

Dominic Kneeshaw
Independent Consultant, Germany

205. Quality of Security Service: Adaptive Security

Timothy E. Levin
Naval Postgraduate School

Cynthia E. Irvine
Naval Postgraduate School

Evdoxia Spyropoulou
Technical Vocational Educational School of Computer Science of Halandri, Greece

206. Security Policy Enforcement

Cynthia E. Irvine
Naval Postgraduate School

207. Guidelines for a Comprehensive Security System

Hossein Bidgoli
California State University, Bakersfield