Thinking Security: Stopping Next Year's Hackers

If you’re a security or network professional, you already know the “do’s and don’ts”: run AV software and firewalls, lock down your systems, use encryption, watch network traffic, follow best practices, hire expensive consultants... but it isn’t working. You’re at greater risk than ever, and even the world’s most security-focused organizations are being victimized by massive attacks.

In Thinking Security, author Steven M. Bellovin provides a new way to think about security. As one of the world’s most respected security experts, Bellovin helps you gain new clarity about what you’re doing and why you’re doing it. He helps you understand security as a systems problem, including the role of the all-important human element, and shows you how to match your countermeasures to actual threats. You’ll learn how to move beyond last year’s checklists at a time when technology is changing so rapidly.

You’ll also understand how to design security architectures that don’t just prevent attacks wherever possible, but also deal with the consequences of failures. And, within the context of your coherent architecture, you’ll learn how to decide when to invest in a new security product and when not to.

Bellovin, co-author of the best-selling Firewalls and Internet Security, caught his first hackers in 1971. Drawing on his deep experience, he shares actionable, up-to-date guidance on issues ranging from SSO and federated authentication to BYOD, virtualization, and cloud security.

Perfect security is impossible. Nevertheless, it’s possible to build and operate security systems far more effectively. Thinking Security will help you do just that.

 

Table of Contents

 

Preface xi

Part I: Defining the Problem 1

Chapter 1: Introduction 3

1. 1 Changes 3

1. 2 Adapting to Change 5

1. 3 Security Analysis 9

1. 4 A Few Words on Terminology 12

Chapter 2: Thinking About Security 15

2. 1 The Security Mindset 15

2. 2 Know Your Goals 17

2. 3 Security as a Systems Problem 21

2. 4 Thinking Like the Enemy 25

Chapter 3: Threat Models 31

3. 1 Who’s Your Enemy? 31

3. 2 Classes of Attackers 34

3. 3 Advanced Persistent Threats 36

3. 4 What’s at Risk? 40

3. 5 The Legacy Problem 42

Part II: Technologies 43

Chapter 4: Antivirus Software 45

4. 1 Characteristics 45

4. 2 The Care and Feeding of Antivirus Software 51

4. 3 Is Antivirus Always Needed? 53

4. 4 Analysis 57

Chapter 5: Firewalls and Intrusion Detection Systems 61

5. 1 What Firewalls Don’t Do 61

5. 2 A Theory of Firewalls 63

5. 3 Intrusion Detection Systems 69

5. 4 Intrusion Prevention Systems 71

5. 5 Extrusion Detection 72

5. 6 Analysis 76

Chapter 6: Cryptography and VPNs 81

6. 1 Cryptography, the Wonder Drug 81

6. 2 Key Distribution 84

6. 3 Transport Encryption 85

6. 4 Object Encryption 89

6. 5 VPNs 92

6. 6 Protocol, Algorithm, and Key Size Recommendations 97

6. 7 Analysis 104

Chapter 7: Passwords and Authentication 107

7. 1 Authentication Principles 107

7. 2 Passwords 108

7. 3 Storing Passwords: Users 115

7. 4 Password Compromise 120

7. 5 Forgotten Passwords 121

7. 6 Biometrics 124

7. 7 One-Time Passwords 128

7. 8 Cryptographic Authentication 132

7. 9 Tokens and Mobile Phones 134

7. 10 Single-Sign-On and Federated Authentication 137

7. 11 Storing Passwords: Servers 139

7. 12 Analysis 143

Chapter 8: PKI: Public Key Infrastructures 149

8. 1 What’s a Certificate? 149

8. 2 PKI: Whom Do You Trust? 151

8. 3 PKI versus PKI 155

8. 4 Certificate Expiration and Revocation 160

8. 5 Analysis 166

Chapter 9: Wireless Access 169

9. 1 Wireless Insecurity Myths 169

9. 2 Living Connected 175

9. 3 Living Disconnected 178

9. 4 Smart Phones, Tablets, Toys, and Mobile Phone Access 179

9. 5 Analysis 180

Chapter 10: Clouds and Virtualization 185

10. 1 Distribution and Isolation 185

10. 2 Virtual Machines 186

10. 3 Sandboxes 188

10. 4 The Cloud 192

10. 5 Security Architecture of Cloud Providers 193

10. 6 Cloud Computing 194

10. 7 Cloud Storage 195

10. 8 Analysis 197

Part III: Secure Operations 203

Chapter 11: Building Secure Systems 205

11. 1 Correct Coding 206

11. 2 Design Issues 210

11. 3 External Links 213

11. 4 Trust Patterns 217

11. 5 Legacy Systems 220

11. 6 Structural Defenses 222

11. 7 Security Evaluations 225

Chapter 12: Selecting Software 229

12. 1 The Quality Problem 229

12. 2 Selecting Software Wisely 233

Chapter 13: Keeping Software Up to Date 239

13. 1 Holes and Patches 239

13. 2 The Problem with Patches 242

13. 3 How to Patch 243

Chapter 14: People 247

14. 1 Employees, Training, and Education 248

14. 2 Users 251

14. 3 Social Engineering 253

14. 4 Usability 256

14. 5 The Human Element 263

Chapter 15: System Administration 267

15. 1 Sysadmins: Your Most Important Security Resource 267

15. 2 Steering the Right Path 269

15. 3 System Administration Tools and Infrastructure 272

15. 4 Outsourcing System Administration 275

15. 5 The Dark Side Is Powerful 276

Chapter 16: Security Process 279

16. 1 Planning 279

16. 2 Security Policies 280

16. 3 Logging and Reporting 283

16. 4 Incident Response 287

Part IV: The Future 291

Chapter 17: Case Studies 293

17. 1 A Small Medical Practice 293

17. 2 An E-Commerce Site 295

17. 3 A Cryptographic Weakness 298

17. 4 The Internet of Things 301

Chapter 18: Doing Security Properly 309

18. 1 Obsolescence 309

18. 2 New Devices 310

18. 3 New Threats 311

18. 4 New Defenses 312

18. 5 Thinking about Privacy 313

18. 6 Putting It All Together 314

References 317

Index 355