Table of Contents

Introduction, Stig F. Mjolsnes
Motivation
What Is Information Security?
Some Basic Concepts
A Synopsis of the Topics
Further Reading and Web Sites

Security Electronics, E.J. Aas and P.G. Kjeldsberg
Introduction
Examples of Security Electronics
Side Channel Attacks
Summary
Further Reading and Web Sites

Public Key Cryptography, S.O. Smalo
Introduction
Hash Functions and One Time Pads
Public Key Cryptography
RSA-Public Key Cryptography
RSA-Public Key Cryptography with Signature
Problem with Signatures
Receipt
Secret Sharing Based on Discrete Logarithm Problems
Further Reading

Cryptographic Hash Functions, D. Gligoroski
Introduction
Definition for Cryptographic Hash Function
Iterated Hash Functions
Most Popular Cryptographic Hash Function
Application of Cryptographic Hash Function
Further Reading and Web Sites

Quantum Cryptography, Dag Roar Hjelme, Lars Lydersen, and Vadim Makarov
Introduction
Quantum Bit
Quantum Copying
Quantum Key Distribution
Practical Quantum Cryptography
Technology
Applications
Summary
Further Reading and Web Sites

Cryptographic Protocols, Stig F. Mjolsnes
The Origins
Information Policies
Some Concepts
Protocol Failures
Heuristics
Tools for Automated Security Analysis
Further Reading and Web Sites

Public Key Distribution, Stig F. Mjolsnes
The Public Key Distribution Problem
Authenticity and Validity of Public Keys
The Notion of Public Key Certificates
Revocation
Public Key Infrastructure
Identity-Based Public Key
Further Reading and Web Sites

Wireless Network Access, Stig F. Mjolsnes and Martin Eian
Introduction
Wireless Local Area Networks
The 802.11 Security Mechanisms
Wired Equivalent Privacy
RSN with CCMP
Assumptions and Vulnerabilities
Summary
Further Reading and Web Sites

Mobile Security, Jan Audestad
The GSM Security
3G Architecture
Extent of Protection
Security Functions in the Authentication Center
Security Functions in the SGSN/RNC
Security Functions in the Mobile Terminal (USIM)
Encryption and Integrity
Anonymity
Example: Anonymous Roaming in a Mobile Network
Using GSM/3G Terminals as Authentication Tokens
Further Reading

A Lightweight Approach to Secure Software Engineering, Martin Gilje Jaatun, Jostein Jensen, Per Hakon Meland, and Inger Anne Tondel
Introduction
Asset Identification
Security Requirements
Secure Software Design
Testing for Software Security
Summary
Further Reading and Web Sites

ICT Security Evaluation, S.J. Knapskog
Introduction
ISO/IEC 15408, Part 1/3 Evaluation Criteria for IT Security (CC)
Definition of Assurance
Building Confidence in the Evaluation Process
Organizing the Requirements in the CC
Assurance Elements
Functional Classes
Protection Profiles (PPs)
PP Registries
Definition of a Security Target (ST)
Evaluation of a ST
Evaluation Schemes
Evaluation Methodology
Conclusion

ICT and Forensic Science, Stig F. Mjolsnes and Svein Y. Willassen
ICT and Forensic Science
The Crime Scene
Forensic Science
Evidence
The Digital Investigation Process
Digital Evidence Extraction
Digital Evidence Analysis Techniques
Anti-Forensics
Further Reading and Web Sites

Risk Assessment, Stein Haugen
Risk Assessment in the Risk Management Process
Terminology
Main Elements of the Risk Assessment Process
Summary
Further Reading and Web Sites

Information Security Management-From Regulations to End-Users, Eirik Albrechtsen and Jan Hovden
A Risk Governance Framework Applied to Information Security
Regulations and Control
Information Security Management

Index

A Bibliography appears at the end of each chapter.

About the Author

Stig F. Mjolsnes is a professor in the Department of Telematics at the Norwegian University of Science and Technology. His research focuses on the development and application of cryptographic protocols and security models.