Federal Information Processing Standards Publication 191
The report is outlined as follows. In chapter 2, we give an overview of, and a background to, Cryptography, Public Key Infrastructure (PKI), DNS and Secure Messaging, which is used throughout this report. In chapter 3 we demonstrate our implementation of a secure mail application and of a certificate publishing application. In chapter 4 we compare LDAP and DNS for certificate locating and retrieval purposes. In chapter 5 we discuss privacy threats due to Secure DNS and present a possible remedy. In the final chapter we present our conclusions and suggest topics for further investigations.

FIPS PUB 191
Federal Information Processing Standards Publication 191
November 9, 1994
Specifications for Guideline for The Analysis of Local Area Network Security

Contents

1 INTRODUCTION
  1.1 Why LAN Security is Important
  1.2 Purpose
  1.3 Overview of Document
  1.4 LAN Definition
    1.4.1 Distributed File Storing
    1.4.2 Remote Computing
    1.4.3 Messaging
  1.5 The LAN Security Problem
    1.5.1 Distributed File Storing - Concerns
    1.5.2 Remote Computing - Concerns
    1.5.3 Topologies and Protocols - Concerns
    1.5.4 Messaging Services - Concerns
    1.5.5 Other LAN Security Concerns
  1.6 Goals of LAN Security
2 THREATS, VULNERABILITIES, SERVICES, MECHANISMS
  2.1 Threats and Vulnerabilities
    2.1.1 Unauthorized LAN Access
    2.1.2 Inappropriate Access to LAN Resources
    2.1.3 Disclosure of Data
    2.1.4 Unauthorized Modification of Data and Software
    2.1.5 Disclosure of LAN Traffic
    2.1.6 Spoofing of LAN Traffic
    2.1.7 Disruption of LAN Functions
  2.2 Security Services and Mechanisms
    2.2.1 Identification and Authentication
    2.2.2 Access Control
    2.2.3 Data and Message Confidentiality
    2.2.4 Data and Message Integrity
    2.2.5 Non-repudiation
    2.2.6 Logging and Monitoring
3 RISK MANAGEMENT
  3.1 Current Approaches
  3.2 Participants
  3.3 Elements of Risk Management
  3.4 Risk Assessment
    3.4.1 Process 1 - Define the Scope and Boundary and Methodology
    3.4.2 Process 2 - Identify and Value Assets
    3.4.3 Process 3 - Identify Threats and Determine Likelihood
    3.4.4 Process 4 - Measure Risk
  3.5 Risk Mitigation
    3.5.1 Process 5 - Select Appropriate Safeguards
    3.5.2 Process 6 - Implement And Test Safeguards
    3.5.3 Process 7 - Accept Residual Risk
Appendix A - LAN Security Policy
Appendix B - Personal Computer Considerations
Appendix C - Contingency Planning for LANs
Appendix D - Training and Awareness
References