Contents

• Contents
• 1. Introduction
  • 1.1 Security in computing
  • 1.2 The paradigm shift: from passive to proactive security management
  • 1.3 The need for a general framework
• 2. An adaptive security system framework
  • 2.1 Components of an adaptive security system
  • 2.2 Communication between the adaptive security management components
• 3. Adaptive security system applications
  • 3.1 Interactions in adaptive security management systems
  • 3.2 Use of formal security models
• 4. Adaptive security system vulnerabilities
  • 4.1 Management of the adaptive security management system
  • 4.2 Performance versus risk
  • 4.3 Software development and acquisition
  • 4.4 System configuration
  • 4.5 Physical access
• 5. Discussion of the framework
  • 5.1 Features of the framework
  • 5.2 Ease of use, cost-efficiency and effectiveness
  • 5.3 A need for standards, evaluation criteria and independent accreditation
• 6. Summary
• 7. Introduction to security management
  • 7.1 Developing and managing a security strategy
  • 7.2 Cost aspects of security
  • 7.3 A gentle introduction to risk analysis
  • 7.4 The security policy
• 8. Concepts of network security
  • 8.1 General concepts in network security
  • 8.2 Network security controls
  • 8.3 ISO transport and network layer security - physical layer security
  • 8.4 Internet TCP/IP security
• List of Figures
• List of Tables
• Bibliography