The Pattern Approach
    Patterns at a Glance
    No Pattern is an Island
    Patterns Everywhere
    Humans are the Target
    Patterns Resolve Problems and Shape Environments
    Towards Pattern Languages
    Documenting Patterns
    A Brief Note on The History of Patterns
    The Pattern Community and its Culture

Security Foundations
    Overview
    Security Taxonomy
    General Security Resources

Security Patterns
    The History of Security Patterns
    Characteristics of Security Patterns
    Why Security Patterns?
    Sources for Security Pattern Mining

Patterns Scope and Enterprise Security
    The Scope of Patterns in the Book
    Organization Factors
    Resulting Organization
    Mapping to the Taxonomy
    Organization in the Context of an Enterprise Framework

The Security Pattern Landscape
    Enterprise Security and Risk Management Patterns
    Identification & Authentication (I&A) Patterns
    Access Control Model Patterns
    System Access Control Architecture Patterns
    Operating System Access Control Patterns
    Accounting Patterns
    Firewall Architecture Patterns
    Secure Internet Applications Patterns
    Cryptographic Key Management Patterns
    Related Security Pattern Repositories Patterns

Enterprise Security and Risk Management
    Security Needs Identification for Enterprise Assets
    Asset Valuation
    Threat Assessment
    Vulnerability Assessment
    Risk Determination
    Enterprise Security Approaches
    Enterprise Security Services
    Enterprise Partner Communication

Identification and Authentication (I&A)
    I&A Requirements
    Automated I&A Design Alternatives
    Password Design and Use
    Biometrics Design Alternatives

Access Control Models
    Authorization
    Role-Based Access Control
    Multilevel Security
    Reference Monitor
    Role Rights Definition

System Access Control Architecture
    Access Control Requirements
    Single Access Point
    Check Point
    Security Session
    Full Access with Errors
    Limited Access

Operating System Access Control
    Authenticator
    Controlled Process Creator
    Controlled Object Factory
    Controlled Object Monitor
    Controlled Virtual Address Space
    Execution Domain
    Controlled Execution Environment
    File Authorization

Accounting
    Security Accounting Requirements
    Audit Requirements
    Audit Trails and Logging Requirements
    Intrusion Detection Requirements
    Non-Repudiation Requirements

Firewall Architectures
    Packet Filter Firewall
    Proxy-Based Firewall
    Stateful Firewall

Secure Internet Applications
    Information Obscurity
    Secure Channels
    Known Partners
    Demilitarized Zone
    Protection Reverse Proxy
    Integration Reverse Proxy
    Front Door

Case Study: IP Telephony
    IP Telephony at a Glance
    The Fundamentals of IP Telephony
    Vulnerabilities of IP Telephony Components
    IP Telephony Use Cases
    Securing IP Telephony with Patterns
    Applying Individual Security Patterns
    Conclusion

Supplementary Concepts
    Security Principles and Security Patterns
    Enhancing Security Patterns with Misuse Cases

Closing Remarks

References

Index