shopify visitor statistics

All my books and other Pearson books available via this Web site at a greater discount than online bookstores. Go to discount book purchase.

www_iconUseful Web Sites and Documents
orangeball Computer Science Student Resource Site: Help and advice for the long-suffering, overworked student.
orangeball Errata sheet: Latest list of errors, updated at most monthly. So far, no errors reported. If you spot any errors, please contact me at Email.
orangeball Video slide presentation: These videos provide a chapter-by-chapter presentation of the material in the textbook, developed by Teacher and Researcher Todd Booth. The site is still under construction with new chapters being added. Recommended. new3
orangeball Introduction to Cryptography: Provides a Web-based introduction to cryptography for non-CS majors. Although elementary, it provides a useful feel for some key concepts. Originally appeared in the on-line Journal on Educational Resources in Computing, September 2002.
orangeball Security Cartoon: A cartoon-based approach aimed at improving the understanding of security risk among typical Internet users.

Chapter 1 - Overview

orangeball IETF Security Area: Provides up-to-date information on Internet security standardization efforts.
orangeball Tom Dunigan's Security Page: An excellent list of pointers to cryptography and network security web sites.
orangeball Helger Lipmaa's Cryptology Pointers: Another excellent list of pointers to cryptography and network security web sites.
orangeball IEEE Technical Committee on Security and Privacy: Home of the electronic newsletter Cipher, which provides book reviews, new crypto and security links, and links to reports and papers available online.
orangeball Computer Security Resource Center: Maintained by NIST; contains a broad range of information on security threats, technology, and standards.
orangeball European Network and Information Security Agency A source of expertise on security issues for the EU. Includes an excellent set of technical reports, plus numerous other documents and links.
orangeball Computer and Network Security Reference Index: A good index to vendor and commercial products, FAQs, newsgroup archives, papers, and other Web sites.
orangeball Security Focus: A wide variety of security information, with an emphasis on vendor products and end-user concerns. Maintains the Bugtraq, a mailing list for the detailed discussion and announcement of computer security vulnerabilities.
orangeball SANS Institute: Similar to Security Focus. Extensive collection of white papers. Maintains Internet Storm Center, which provides a warning service to Internet users and organizations concerning security threats.
orangeball Center for Internet Security: Provides freeware benchmark and scoring tools for evaluating security of operating systems, network devices, and applications. Includes case studies and technical papers.
orangeball Institute for Security and Open Methodologies: An open, collaborative security research community. Lots of interesting information.
orangeball Freefire Project: Provides freeware benchmark and scoring tools for evaluating security of operating systems, network devices, and applications. Includes case studies and technical papers.

Chapter 2 - Symmetric Encryption and Message Confidentiality

orangeball NIST Block Ciphers: NIST documents on AES and DES.
orangeball AES Lounge: Contains a comprehensive bibliography of documents and papers on AES, with access to electronic copies.
orangeball A Stick Figure Guide to AES A fun but worthwhile explanation.
orangeball Stan Trenholme’s AES Page A series of articles which describe various aspects of AES, including annotated C code.new3
orangeball Block Cipher Modes of Operation: NIST page with full information on NIST-approved modes of operation.

Chapter 3 - Public-Key Cryptography and Message Authentication

page22-orangeball RSA Laboratories: The research center of RSA Security, Inc., it offers an extensive collection of technical material on RSA and other topics in cryptography.
orangeball NIST Secure Hashing Page: SHA FIPS and related documents.
orangeball Digital Signatures: NIST page with information on NIST-approved digital signature options.

Chapter 4 - Key Distribution and User Authentication

orangeball MIT Kerberos Site: Information about Kerberos, including the FAQ, papers and documents, and pointers to commercial product sites.
orangeball MIT Kerberos Consortium: Created to establish Kerberos as the universal authentication platform for the world's computer networks.
orangeball USC/ISI Kerberos Page: Another good source of Kerberos material.
orangeball Kerberos Working Group: IETF group developing standards for Kerberos.
orangeball Public-Key Infrastructure Working Group: IETF group developing standards based on X.509v3.
orangeball NIST PKI Program: Good source of information.
orangeball Verisign: A leading commercial vendor of X.509-related products; white papers and other worthwhile material at this site.
orangeball NIST Trusted Identities Group: Documents related to user authentication and password usage.new3

Chapter 5 - Network Access Control and Cloud Security

orangeball NIST CLoud Computing Program:Useful information, links, and documents.
orangeball Extensible Authentication Protocol (EAP) Working Group: IETF working group responsible for EAP and related issues.

Chapter 6 - Transport-Level Security

orangeball IETF TLS Page: Latest RFCs and internet drafts for TLS.
orangeball OpenSSL Project: Project to develop open-source SSL and TLS software. Site includes documents, links, and software.

Chapter 7 - Wireless Network Security

orangeball Wi-Fi Alliance: An industry group promoting the interoperabiltiy of 802.11 products with each other and with Ethernet.
orangeball IEEE 802.11 Wireless LAN Working Group: Contains working group documents plus discussion archives.
orangeball Extensible Authentication Protocol (EAP) Working Group: IETF working group responsible for EAP and related issues.
orangeball Open Mobile Alliance: Consolidation of the WAP Forum and the Open Mobile Architecture Initiative. Provides WAP technical specifications and industry links.

Chapter 8 - Electronic Mail Security

orangeball Symantec PGP Page: PGP Web site of Symantec, the leading PGP commercial vendor.
orangeball International PGP Home Page: Designed to promote worldwide use of PGP. Contains documents and links of interest.
orangeball S/MIME Charter: Latest RFCs and internet drafts for S/MIME.
orangeball DKIM Website hosted by Mutual Internet Practices Association, this site contains a wide range of documents and information related to DKIM.
orangeball DKIM Charter: Latest RFCs and internet drafts for DKIM.

Chapter 9 - IP Security

orangeball NIST IPsec Project: Contains papers, presentations, and reference implementations.
orangeball IPsec Maintenance and Extensions Charter: Latest RFCs and internet drafts for IPsec.

Chapter 10 - Malicious Software

orangeball Vmyths: Dedicated to exposing virus hoaxes and dispelling misconceptions about real viruses.
orangeball SecureList: Site maintained by commercial antivirus software provider. Good collection of useful information on viruses, hackers, and spam.
orangeball DDoS Attacks/Tools: Extensive list of links and documents.

Chapter 11 - Intruders

orangeball Open Security Foundation: Runs the DataLossDB project, which compiles a wide variety of statistics, charts, graphs, and incident report.new3
orangeball CERT Coordination Center: The organization that grew from the computer emergency response team formed by the Defense Advanced Research Projects Agency. Site provides good information on Internet security threats, vulnerabilities, and attack statistics.
orangeball Packet Storm: Resource of up-to-date and historical security tools, exploits, and advisories.
orangeball Honeynet Project: A research project studying the techniques of predatory hackers and developing honeypot products
orangeball Honeypots: A good collection of research papers and technical articles.

Chapter 12 - Firewalls

orangeball Numerous links to firewall references and software resources.

Chapter 12 - Network Management Security

orangeballSNMPv3 Web Site: Maintained by the Technical University of Braunschweig. It provides links to the RFCs and internet drafts, copies of clarifications and proposed changes posted by the working group, and links to vendors with SNMPv3 implementations.
orangeballSimple Web Site: Maintained by the University of Twente. It is a good source of information on SNMP, including pointers to many public-domain implementations and lists of books and articles.

Chapter 14 - Legal and Ethical Aspects

orangeball Criminal Justice Resources: CyberCrime: Excellent collection of links maintained by Michigan State University.
orangeball International High Technology Crime Investigation Association: A collaborative effort of law enforcement and the private sector. Contains useful set of links and other resources.
orangeball Computer Ethics Institute: Includes documents, case studies, and links.