cryptography
Cryptography
Access Control Techniques
► Biometrics
o Biometrics Research: biometrics.cse.msu.edu
o The Biometric Digest: www.biodigest.com
o National Biometric Test Center: www.engr.sjsu.edu/biometrics
► Password Authentication
o RSA Secure ID: www.rsasecurity.com/products/securid
o Token Based Authentication: www.networkcomputing.com/1018/1018f1.html
► Single Sign-On:
o The Open Group: “Single Sign-On”: www.opengroup.org/security/sso
o Kerberos Papers and Documentation: www.mit.edu/afs/athena.mit.edu/astaff/project/kerberos/www/papers.html
► Authentication, Authorization and Accounting Charter: http://www.ietf.org/internet-drafts/draft-ietf-idwg-beep-idxp-07.txt
► Intrusion Detection
o www.robertgraham.com/pubs/network-intrusion-detection.html
o http://event.on24.com/eventRegistration/eventRegistrationServlet
o www.sans.org/resources/idafaq
Security Models and Architecture
► Computer Architecture
o How RAM works : www.howstuffworks.com/ram.htm
o http://www.softpanorama.org/Security/intrusion_detection.shtml
o The Reference Monitor Concept: citeseer.nj.nec.com/299300.html
► Security Models
o Access Control Policies and Mechanisms: www.cs.cornell.edu/html/cs513-sp99/NL03.html
o Models of OS Protection: all.net/books/ip/Chap3-3.html
o Computer Security Models: http://en.wikipedia.org/wiki/Security_Architecture_and_Models
► Security Modes Of Operation
o Personal Computer Security: http://www.cert.org/tech_tips/home_networks.html
o Defense Security Service, NISPOM Chapter 8: http://www.dss.mil/isec/
► Systems Evaluation Methods
o Trusted Computing System Evaluation Criteria: www.boran.com/security/tcsec.html
o Trusted Computer Systems: williamstallings.com/Extras/Security-Notes/lectures/trusted.html
o Rainbow Series: csrc.ncsl.nist.gov/secpubs/rainbow
o ITSEC: www.iwar.org.uk/comsec/resources/standards/itsec.htm
o Common Criteria:csrc.nist.gov/cc
Physical Security
► Physical Security
o Internet/Network Security: ntsecurity.about.com/library/weekly/aa020501a.htm
o Locks, Safes, and Security: security.org/dial-80/links.htm
o FIPS Publication Series: www.itl.nist.gov/fipspubs/0-toc.htm
Telecommunications and Networking Security
► Protocols
o Directory.google.com/Top/Computers/Internet/Protocols
► Networking
o IEEE Standards Working Groups: grouper.ieee.org/groups
o www.lantronix.com/learning/wp/index.html
o IEEE LAN/MAN standards Committee: grouper.ieee.org/groups/802
o Fast Ethernet Consortium: www.iol.unh.edu/consortiums/fe
o http://www.ethermanage.com/ethernet/ethernet.html
o www.techfest.com/networking/lan/token.htm
o Media Access Methods: www.frick-cpa.com/netess/Net_MAC.asp
o Address Resolution Protocol (ARP): www.erg.abdn.ac.uk/users/gorry/course/inet-pages/arp.html
o Routing: www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/routing.htm
► Network Operating Systems
o Compnetworking.about.com/compute/compnetworking/cs/networknos
o NOS Research Center: www.nwfusion.com/netresources/nos.html
► Network Safety
o Network Safety: www.networksafety.com
o NAT: www.tcpipprimer.com/nat.cfm
o NAT Basics: www.homenethelp.com/web/explain/about-NAT.asp
o www.iec.org/online/tutorials
o Wide Area Networks: www.techfest.com/networking/wan.htm
► WAN Technologies
o Frame Relay Forum: www.frforum.com
o www.alliancedatacom.com/framerelay.asp
o The ATM Forum: www.atmforum.com
o Cable Modem Info: www.cablemodeminfo.com
o Remote Access: www.microsoft.com/windows2000/techinfo/howitworks/communications/remoteaccess
o RAID Basics: www.raidweb.com/whatis.html
o Spread Spectrum Primer: www.sss-mag.com/primer.html
o Guide to Wireless LAN Technologies: www.utdallas.edu/ir/wlans/whitepapers/wlan_wp.pdf
o IEEE Wireless Standards Zone: standards.ieee.org/wireless
Cryptography
► History of Cryptography
o Short History: all.net/books/ip/Chap2-1.html
o An Introduction to Cryptography: home.earthlink.net/~mylnir/crypt.intro.html
► Cryptosystem Definitions
o Classical Cryptography: www-math.cudenver.edu/~wcherowi/courses/m5410/m5410cc.html
o Escrowed Encryption Standards: www.itl.nist.gov/fipspubs/fip185.htm
► Symmetric Key Cryptography
o http://csrc.nist.gov/publications/fips/fips140-2/fips1402annexd.pdf
o Security Technology Issues: www.sims.berkeley.edu/courses/is224/s99/GroupC/pr2/s4.html
► Asymmetric Key Cryptography
o http://csrc.nist.gov/publications/nistpubs/800-32/sp800-32.pdf
o www.maths.mq.edu.au/~steffen/old/PCry/report/node8.html
► Cryptography
o Advanced Encryption Standards: csrc.nist.gov/encryption/aes
o Elliptic Curve Cryptography: www.cryptoman.com/elliptic.htm
o Public Key Infrastructure (PKI): www.pki-page.org
o Cryptography A-Z: www.ssh.fi/tech/crypto/intro.html
o How PGP Works: www.pgpi.org/doc/pgpintro
o A Cryptographic Evaluation of IPSec: www.counterpane.com/ipsec.html
Business Continuity Planning
► Business Impact Analysis
o www.disasterrecoveryworld.com/bia.htm
► BCP Requirements
o BCP Model: www.drj.com/new2dr/model/bcmodel.htm
► Emergency Response
o Disaster Recovery Planning: www.utoronto.ca/security/drp.htm
Operations Security
► Operational Security
o S/MIME Mail Security: www.ietf.org/html.charters/smime-charter.html
o Internet Mail Consortium: www.imc.org
o eMailman: www.emailman.com
o Interstar Fax Server: www.faxserver.com