cryptography and network security principles and practice 7th global editionالمؤلف: William Stallings التصنيفات: Applied Cryptography الناشر: الناشر: 17 May, 2021 ISBN: 10:1-292-15858-1 عدد الصفحات: 767 Pages الدولة: اللغة: English Dimension: حجم الملف: 9.03 MB تحميل :
WHAT’S NEW IN THE SEVENTH EDITION
In the four years since the sixth edition of this book was published, the field has seen continued
innovations and improvements. In this new edition, I try to capture these changes while
maintaining a broad and comprehensive coverage of the entire field. To begin this process of
revision, the sixth edition of this book was extensively reviewed by a number of professors
who teach the subject and by professionals working in the field. The result is that, in many
places, the narrative has been clarified and tightened, and illustrations have been improved.
Beyond these refinements to improve pedagogy and user-friendliness, there have been
substantive changes throughout the book. Roughly the same chapter organization has been
retained, but much of the material has been revised and new material has been added. The
most noteworthy changes are as follows:
■ Fundamental security design principles: Chapter 1 includes a new section discussing the
security design principles listed as fundamental by the National Centers of Academic
Excellence in Information Assurance/Cyber Defense, which is jointly sponsored by the
U.S. National Security Agency and the U.S. Department of Homeland Security.
■ Attack surfaces and attack trees: Chapter 1 includes a new section describing these two
concepts, which are useful in evaluating and classifying security threats.
■ Number theory coverage: The material on number theory has been consolidated
into a single chapter, Chapter 2. This makes for a convenient reference. The relevant
portions of Chapter 2 can be assigned as needed.
■ Finite fields: The chapter on finite fields has been revised and expanded with additional
text and new figures to enhance understanding.
■ Format-preserving encryption: This relatively new mode of encryption is enjoying
increasing commercial success. A new section in Chapter 7 covers this method.
■ Conditioning and health testing for true random number generators: Chapter 8 now
provides coverage of these important topics.
■ User authentication model: Chapter 15 includes a new description of a general model
for user authentication, which helps to unify the discussion of the various approaches
to user authentication.
■ Cloud security: The material on cloud security in Chapter 16 has been updated and
expanded to reflect its importance and recent developments.
■ Transport Layer Security (TLS): The treatment of TLS in Chapter 17 has been updated,
reorganized to improve clarity, and now includes a discussion of the new TLS version 1.3.
■ Email Security: Chapter 19 has been completely rewritten to provide a comprehensive
and up-to-date discussion of email security. It includes:
— New: discussion of email threats and a comprehensive approach to email security.
— New: discussion of STARTTLS, which provides confidentiality and authentication
— Revised: treatment of S/MIME has been updated to reflect the latest version 3.2.
— New: discussion of DNSSEC and its role in supporting email security.
— New: discussion of DNS-based Authentication of Named Entities (DANE) and the
use of this approach to enhance security for certificate use in SMTP and S/MIME.
— New: discussion of Sender Policy Framework (SPF), which is the standardized way
for a sending domain to identify and assert the mail senders for a given domain.
— Revised: discussion of DomainKeys Identified Mail (DKIM) has been revised.
— New: discussion of Domain-based Message Authentication, Reporting, and Conformance
(DMARC) allows email senders to specify policy on how their mail should
be handled, the types of reports that receivers can send back, and the frequency
those reports should be sent.