Explains what cryptography can and can't do in achieving digital security
Comments by the Author
I started writing this book in 1997; it was originally due to the publisher by April 1998. I eventually delivered it in April 2000, two years late. I have never before missed a publication deadline: books, articles, or essays. I pride myself on timeliness: A piece of writing is finished when it's due, not when it's done.
This book was different. I got two-thirds of the way through the book without giving the reader any hope at all. And it was about then I realized that I didn't have the hope to give. I had reached the limitations of what I thought security technology could do. I had to hide the manuscript away for over a year; it was too depressing to work on.
I came to security from cryptography, and framed the problem with classical cryptography thinking. Most writings about security come from this perspective, and it can be summed up pretty easily: Security threats are to be avoided using preventive countermeasures.
For decades we have used this approach to computer security. We draw boxes around the different players and lines between them. We define different attackers -- eavesdroppers, impersonators, thieves -- and their capabilities. We use preventive countermeasures like encryption and access control to avoid different threats. If we can avoid the threats, we've won. If we can't, we've lost.
Imagine my surprise when I learned that the world doesn't work this way.
I had my epiphany in April 1999: that security was about risk management, that detection and response were just as important as prevention, and that reducing the "window of exposure" for an enterprise is security's real purpose. I was finally able to finish the book: offer solutions to the problems I posed, a way out of the darkness, hope for the future of computer security.
"Secrets and Lies" discusses computer security in this context, in words that a business audience will understand. It explains, in my typical style, how different security technologies work and how they fail. It discusses the process of security: what the threats are, who the attackers are, and how to live in their world.
It'll change the way you think about computer security. I'm very proud of it...
Table Of Contents:
THE LANDSCAPE
Digital Threats
Attacks
Adversaries
Security Needs
TECHNOLOGIES
Cryptography
Cryptography in Context
Computer Security
Identification and Authentication
Networked-Computer Security
Network Security
Network Defenses
Software Reliability
Secure Hardware
Certificates and Credentials
Security Tricks
The Human Factor
STRATEGIES
Vulnerabilities and the Vulnerability Landscape
Threat Modeling and Risk Assessment
Security Policies and Countermeasures
Attack Trees
Product Testing and Verification
The Future of Products
Security Processes
Conclusion
Afterword
Resources
Index
Annotation:
In this straightforward how-to manual, an encryption expert outlines how to protect computer networks from internal and external threats.