If you’re a security or network professional, you already know the “do’s and don’ts”: run AV software and firewalls, lock down your systems, use encryption, watch network traffic, follow best practices, hire expensive consultants . . . but it isn’t working. You’re at greater risk than ever, and even the world’s most security-focused organizations are being victimized by massive attacks.   In Thinking Security, author Steven M. Bellovin provides a new way to think about security. As one of the world’s most respected security experts, Bellovin helps you gain new clarity about what you’re doing and why you’re doing it. He helps you understand security as a systems problem, including the role of the all-important human element, and shows you how to match your countermeasures to actual threats. You’ll learn how to move beyond last year’s checklists at a time when technology is changing so rapidly.   You’ll also understand how to design security architectures that don’t just prevent attacks wherever possible, but also deal with the consequences of failures. And, within the context of your coherent architecture, you’ll learn how to decide when to invest in a new security product and when not to.   Bellovin, co-author of the best-selling Firewalls and Internet Security, caught his first hackers in 1971. Drawing on his deep experience, he shares actionable, up-to-date guidance on issues ranging from SSO and federated authentication to BYOD, virtualization, and cloud security.   Perfect security is impossible. Nevertheless, it’s possible to build and operate security systems far more effectively. Thinking Security will help you do just that.

Table of Contents:
Preface xi   Part I: Defining the Problem 1   Chapter 1: Introduction 3 1.1 Changes 3 1.2 Adapting to Change 5 1.3 Security Analysis 9 1.4 A Few Words on Terminology 12   Chapter 2: Thinking About Security 15 2.1 The Security Mindset 15 2.2 Know Your Goals 17 2.3 Security as a Systems Problem 21 2.4 Thinking Like the Enemy 25   Chapter 3: Threat Models 31 3.1 Who’s Your Enemy? 31 3.2 Classes of Attackers 34 3.3 Advanced Persistent Threats 36 3.4 What’s at Risk? 40 3.5 The Legacy Problem 42   Part II: Technologies 43   Chapter 4: Antivirus Software 45 4.1 Characteristics 45 4.2 The Care and Feeding of Antivirus Software 51 4.3 Is Antivirus Always Needed? 53 4.4 Analysis 57   Chapter 5: Firewalls and Intrusion Detection Systems 61 5.1 What Firewalls Don’t Do 61 5.2 A Theory of Firewalls 63 5.3 Intrusion Detection Systems 69 5.4 Intrusion Prevention Systems 71 5.5 Extrusion Detection 72 5.6 Analysis 76   Chapter 6: Cryptography and VPNs 81 6.1 Cryptography, the Wonder Drug 81 6.2 Key Distribution 84 6.3 Transport Encryption 85 6.4 Object Encryption 89 6.5 VPNs 92 6.6 Protocol, Algorithm, and Key Size Recommendations 97 6.7 Analysis 104   Chapter 7: Passwords and Authentication 107 7.1 Authentication Principles 107 7.2 Passwords 108 7.3 Storing Passwords: Users 115 7.4 Password Compromise 120 7.5 Forgotten Passwords 121 7.6 Biometrics 124 7.7 One-Time Passwords 128 7.8 Cryptographic Authentication 132 7.9 Tokens and Mobile Phones 134 7.10 Single-Sign-On and Federated Authentication 137 7.11 Storing Passwords: Servers 139 7.12 Analysis 143   Chapter 8: PKI: Public Key Infrastructures 149 8.1 What’s a Certificate? 149 8.2 PKI: Whom Do You Trust? 151 8.3 PKI versus PKI 155 8.4 Certificate Expiration and Revocation 160 8.5 Analysis 166   Chapter 9: Wireless Access 169 9.1 Wireless Insecurity Myths 169 9.2 Living Connected 175 9.3 Living Disconnected 178 9.4 Smart Phones, Tablets, Toys, and Mobile Phone Access 179 9.5 Analysis 180   Chapter 10: Clouds and Virtualization 185 10.1 Distribution and Isolation 185 10.2 Virtual Machines 186 10.3 Sandboxes 188 10.4 The Cloud 192 10.5 Security Architecture of Cloud Providers 193 10.6 Cloud Computing 194 10.7 Cloud Storage 195 10.8 Analysis 197   Part III: Secure Operations 203   Chapter 11: Building Secure Systems 205 11.1 Correct Coding 206 11.2 Design Issues 210 11.3 External Links 213 11.4 Trust Patterns 217 11.5 Legacy Systems 220 11.6 Structural Defenses 222 11.7 Security Evaluations 225   Chapter 12: Selecting Software 229 12.1 The Quality Problem 229 12.2 Selecting Software Wisely 233   Chapter 13: Keeping Software Up to Date 239 13.1 Holes and Patches 239 13.2 The Problem with Patches 242 13.3 How to Patch 243   Chapter 14: People 247 14.1 Employees, Training, and Education 248 14.2 Users 251 14.3 Social Engineering 253 14.4 Usability 256 14.5 The Human Element 263   Chapter 15: System Administration 267 15.1 Sysadmins: Your Most Important Security Resource 267 15.2 Steering the Right Path 269 15.3 System Administration Tools and Infrastructure 272 15.4 Outsourcing System Administration 275 15.5 The Dark Side Is Powerful 276   Chapter 16: Security Process 279 16.1 Planning 279 16.2 Security Policies 280 16.3 Logging and Reporting 283 16.4 Incident Response 287   Part IV: The Future 291   Chapter 17: Case Studies 293 17.1 A Small Medical Practice 293 17.2 An E-Commerce Site 295 17.3 A Cryptographic Weakness 298 17.4 The Internet of Things 301   Chapter 18: Doing Security Properly 309 18.1 Obsolescence 309 18.2 New Devices 310 18.3 New Threats 311 18.4 New Defenses 312 18.5 Thinking about Privacy 313 18.6 Putting It All Together 314   References 317 Index 355