安全之美
2010 年6月
东南大学出版社
Andy Oram,John Viega
281
无
|F ONE BELIEVES THAT NEWS HEADLINES REVEAL TRENDS, THESE ARE INTERESTING times forcomputer security buffs. As Beautiful Securitywent to press, I read that a piece of softwarecapable of turning on microphones and cameras and stealing data has been discovered on morethan 1,200 computers in 103 countries, particularly in embassies and other sensitivegovernment sites. On another front, a court upheld the right of U.S. investigators to look atphone and Internet records without a warrant (so long as one end of the conversation is outsidethe U.S.). And this week's routine vulnerabilities include a buffer overflow in Adobe Acrobatand Adobe Reader——with known current exploits——that lets attackers execute arbitrary codeon your system using your privileges after you open their PDF.Headlines are actually not good indicators of trends, because in the long run history is drivenby subtle evolutionary changes noticed only by a few——such as the leading security expertswho contributed to this book. The current directions taken by security threats as well asresponses can be discovered in these pages.All the alarming news items I mentioned in the first paragraph are just business as usual in thesecurity field. Yes, they are part of trends that should worry all of us, but we also need to lookat newer and less dramatic vulnerabilities. The contributors to this book have, for decades,been on the forefront of discovering weaknesses in our working habits and suggestingunconventional ways to deal with them.
尽管大多数人在他们个人或者公司的系统没有遭到攻击之前不会给予安全高度的重视,这本充满激辩的书籍依然表明了数字安全不仅仅是值得思考而已,它还是一个可以令人陶醉的话题。罪犯通过大量富有创造力的行为得以成功,防御方也需要付出同等的代价。 本书通过一些有着深刻见解的文章和分析探索了这样一个具有挑战性的主题,其内容包括: 个人信息的秘密机制:它如何工作,罪犯之间的关系,以及一些他们针对被掠食对象发起突袭时所使用的新方法 社交网络、云计算和其他流行趋势如何帮助和伤害我们的在线安全 衡量标准、需求收集、设计和法律如何能够把安全提升到一个更高的高度 PGP真实又少为人知的历史
编者:(美国)奥莱姆(Andy Oram) (美国)卫加(John Viega)
PREFACE1 PSYCHOLOGICAL SECURITY TRAPS by Peiter“Mudge”Zatko Learned Helplessness and NaTvet6 Confirmation Traps FunctionaI Fixation Summary2 WIRELESS NETWORKING:FERTILE GROUND FOR SOCIAL ENGINEERING byJim Stickle), Easy Money Wi reless Gone Wild Still.Wireless Is the Future3 BEAUTIFUL SECURITY METRICS byElizabeth A.Nichols Security Metrics by Analogy:Health Security Metrics by Example Summary4 THE UNDERGROUND ECONOMY OF SECURITY BREACHES by Chenxi Wang The Makeup and Infrastructure ofthe Cyber Underground The Payoff How Can We Combat This Growing Underg'round Economy? Summary5 BEAUTlFUL TRADE:RETHINKlNG E.COMMERCE SECURITY byEdBellis DeconslructIng Commerce Weak Amelioration Attempts E-Commerce Redone:A New Security Model The New ModeI6 SECURING ONLINE ADVERTISlNG:RUSTLERS AND SHERIFFS IN THE NEW WILD WEST by Benjamin Edelman Attacks on Users Advertisers As Vi Clims Creating Accountability in Online Advertising7 THE EVOLUTl0N OF PGP’S WEB OF TRUST byPhil Zimmermann andJon Callas PGP and OpenPGP Trust,Validity,and Authority PGP and C rypto History Enhancements to the Original Web of Trust Model Interesting A reas for Further Research References8 OPEN SOURCE HONEYCLIENT:PROACTIVE DETECTION OF CLIENT.SIDE EXPLOITS byKathywang Enter Honeyclients Introducing the World’S Fi rst Open Source Honeyclient Second-Generation Honeyclients Honeyclient OperationaI Results Analysis of Exploits Limitations ofthe Current Honeyclient Implementation Related Work The Future of Honeyclients9 TOMORROW’S SECURITY COGS AND LEVERS byMark Curphey Cloud Computing and Web Services:The Single Machine Is Here ConnectimJ People,Process,and Technology:The Potential for Business Process Management Social Networkin9:When People Start Communicatin9,Big Things Change Information Security Economics:Supercrunching andthe New Rules oftheGrid Platforms ofthe Lon9·Tail Variety:Why the Future Will Be Different for Us All Conclusion Acknowledgmenls10 SECURITY BY DESIGN byJohn McManus Metrics with No Meaning Time to Market or Time to Quality? How a Di sciplined System Development Lifecycle Can Help Conclusion:Beautiful Security Is an Attribute of Beautiful Systems11 FORClNG FIRMS TO FOCUS:IS SECURE SOFTWARE IN YOUR FUTURE? byJim Routh Implicit Requi remenls Can StilI Be Powerful How One Firm Came to Demand Secure Software Enforcing Security in Off—the—ShelfSoftware Analysis:How to Make the World’S Software More Secure12 0H N0,HERE COME THE INFOSECURITY LAWYERS! byRandyv.Sabett Culture Balance Communication Doing the Right Thing13 BEAUTIFUL LOG HANDLING byAnton Chuuakin Logs in Security Laws and Standards Focus on Logs When Logs Are Invaluable Challenges with Logs Case Study:Behind a Trashed Server Future Logging Conclusions14 INCIDENT DETECTION:FINDING THE OTHER 68% by Grant Geyer and Brian Dunphy A Common Starting Point Improving Detection with Context Improving Perspective with Host Logging Summary15 DOING REAL WORK WITHOUT REAL DATA by Peter Wayner How Data Translucency Works A Real.Life Example PersonaI Data Stored As a Convenience Trade—offs Going Deeper References16 CASTING SPELLS:PC SECURITY THEATER by Michael Wood and Fernando Francisco Growing Attacks.Defenses in Retreat The lIlusion Revealed Better Practices for Desktop Security Conclusion CONTRIBUTORS INDEX
插图:In a flat world, workforces are decentralized. Instead of being physically connected in officesor factories as in the industrial revolution, teams are combined onto projects, and in manycases individuals combined into teams, over the Internet.Many security principles are based on the notion of a physical office or a physical or logicalnetwork. Some technologies (such as popular file-sharing protocols such as Common InternetFile System [CIFS] and LAN-based synchronization protocols such as Address ResolutionProtocol [ARP]) take this local environment for granted. But those foundations becomeirrelevant as tasks, messages, and data travel a mesh of loosely coupled nodes.The effect is similar to the effects of global commerce, which takes away the advantage ofrenting storefront property on your town's busy Main Street or opening a bank office near abusy seaport or railway station. Tasks are routed by sophisticated business rules engines thatdetermine whether a call center message should be routed to India or China, or whether thecheapest supplier for a particular good has the inventory in stock.BPM software changes the very composition of supply chains, providing the ability todynamically reconfigure a supply chain based on dynamic business conditions. Businesstransactions take place across many companies under conditions ranging from microsecondsto many years. Business processes are commonly dehydrated and rehydrated as technologiesevolve to automatically discover new services. The complexity and impact of this way ofworking will only increase.
“这一系列富有思想性的文章使读者可以超越对于耀眼的安全技术的恐惧、不确定和怀疑,从而能够感受到那些需要立即处理的安全问题的更多微妙之美。《安全之美》展示了安全的阴阳两面,以及壮观的破坏力和灿烂的创造力之间基础性的张力。” ——Gary McGraw,Cigital的CTO,《Software Security》和其他九本书的作者
无