I X Table of Contents XII 340

Invitation to Cybersecurity

Chapter 6 6. The Skill of Cybersecurity: Adversarial Thinking ��123 6.1 Adversarial Thinking Defined ��125 6.2 Game Theory ��129 6.2.1 Real Life Through the Lens of Game Theory �� 133 6.2.2 Game Theory Summary �� 136 6.3 Behavioral Game Theory ��137 6.3.1 Level-k Reasoning in Security Games �� 140 6.3.2 Behavioral Game Theory Summary �� 143 6.4 Conclusion ��143 Chapter 7 7. The Bedrock of Cybersecurity: Cryptography ��145 7.1 Classic Cryptography ��146 7.1.1 Letter Substitution: Ciphers �� 146 7.1.2 Word Substitution: Codebooks �� 154 7.1.3 Letter and Word Transposition �� 155 7.1.4 Combinations �� 156 7.2 Computer Cryptography ��157 7.2.1 Symmetric Key Cryptography �� 158 7.2.2 Public Key Cryptography �� 165 7.2.3 Cryptographic Hashing ��170 7.3 Steganography ��177 7.4 Principles of Cryptography ��181 7.4.1 Kerckhoffs’s Principle ��181 7.4.2 Schneier’s Law �� 182 7.4.3 Simplicity and Security. . . . . . . ....... �� 183 7.5 Conclusion ��184 Chapter 8 8. The Means of Cybersecurity: Access Control ��185 8.1 Authentication ��185 8.1.1 Something You Know �� 188 8.1.2 Something You Are ��191 8.1.3 Something You Have �� 195 8.1.4 Multi-factor Authentication �� 198 8.1.5 Network-based Authentication �� 199 8.1.6 Authentication on the Web �� 200 8.2 Authorization ��202 8.2.1 Operating Systems ��202 8.2.2 Multi-level Security �� 206 8.2.3 Authorization in Applications �� 208 8.2.4 Firewalls �� 209

Made with FlippingBook

RkJQdWJsaXNoZXIy MTM4ODY=