Overview

• System Security Roadmap
• Welcome
• Overview
• Notes
• Security Infrastrucutre
• Security Infrastructure Investment
• Management Errors
• Security Mission Statement
• Security Awareness Training
• Security Support Personnel Duties
• Auditing
• Tools
• Targeted System Binaries And Directories
• Internet Attack Methods
• Incident Response
• Management-related Security Problems
• Software Installation Practices
• Authentication Practices
• Backup Practices
• Port Filtering Practices
• Auditing Practices
• Common Vulnerabilities
• Common Unix Vulnerabilities
• Common Windows Vulnerabilities
• Home-user Tips
• System Administrator Best Practices
• Low-cost Security Improvements
• Security Web Sites
• Security Books
• Cryptology
• Cryptology
• Algorithm Uses and Properties
• Algorithm Types
• Maintaining Confidentiality
• Transposition Ciphers
• Transposition Cryptanalysis
• Substitution Ciphers
• Polyalphabetic Ciphers
• Rotor Machines
• The Playfair Cipher
• SP Networks
• The Data Encryption Standard (DES)
• The Advanced Encryption Standard (AES)
• Operation Modes
• Electronic Code Book (ECB)
• Cipher Block Chaining (CBC)
• Output Feedback Mode (OFB)
• Hash Function Applications
• Asymmetric Ciphers
• The Diffie-Hellman Protocol
• Bibliography
• Access Control, Firewalls and VPNs
• Hardware-based Access Control
• Operating System Access Control
• Firewall Purpose
• Security Strategies
• Security by Obscurity
• Firewall Limitations
• Firewall Technologies
• Packet filtering
• Service Packet Filtering
• IP Packet Filtering
• Proxying
• Network Address Translation
• Firewall Architectures
• Incidents
• Maintenance
• VPN Architectures
• Tunneling
• Defence in Depth Example
• Bibliography
• Web Security, and Mobile Code
• Web Security Requirements
• User Privacy
• Malicious Applets
• The Java Sandbox Model
• ActiveX and Code Signing
• Javascript
• Cookies
• Protecting the Internet Explorer
• Protecting the Netscape Navigator
• User Authentication
• Application-layer Attacks
• Server Security and scripting
• State Variable Manipulation
• Cross-site Scripting
• Bibliography
• Software Security
• Principles for Software Security
• Buffer Overflows
• Unix Access Control
• Windows Access Control
• Race Conditions
• Randomness and Determinism
• Applying Cryptography
• Trust Management
• Password Authentication
• Database Security
• Application Security
• Bibliography

• PreviousSchedule
• Contents
• NextNotes

 Last change: Friday, November 5, 2004 2:51 pm
 Unless otherwise expressly stated, all original material on this page created by Diomidis Spinellis is licensed under a Creative Commons Attribution-Share Alike 3.0 Greece License.