Literature
Information / Computer / Internet Security
Books
- Chapman, D. Brent and Elizabeth D. Zwicky: Building Internet Firewalls. O'Reilly & Associates, 1995.
- Garfinkel, Simson and Gene Spafford: Practical Unix & Internet Security. O'Reilly & Associates, Second Edition 1996.
- Hutt, Arthur E., Seymour Bosworth and Douglas B. Hoyt: Computer Security Handbook, Third Edition. John Wiley & Sons, New York, 1995.
- Hunt, Craig: TCP/IP Network Administration. O'Reilly & Associates, 1992.
- Icove, David, Karl Seger and William VonStorch: Computer Crime: A Crimefighter's Handbook. O'Reilly & Associates, 1995.
- Kersten, Heinrich: Sicherheit in der Informationstechnik: Einführung in Probleme, Konzepte und Lösungen. 2nd edition, Oldenbourg Verlag, München, 1995.
- Longley, Dennis, Michael Shain and William Caelli: Information Security: Dictionary of Concepts, Standards and Terms. Stockton Press, New York, 1992.
- Russell, Deborah and G. T. Gangemi Sr.: Computer Security Basics. O'Reilly & Associates, 1991.
- Schneier, Bruce: Secrets and Lies: Digital Security in a Networked World. John Wiley & Sons, 2000. German edition: Secrets and Lies: IT-Sicherheit in einer vernetzten Welt. dpunkt.Verlag, Heidelberg, 2001.
- Stevens, Richard W.: TCP/IP Illustrated. The Protocols, Volume 1. Addison-Wesley, 1994.
- Stoll, Cliff: The Cuckoo's Egg: Tracing a Spy Through the Maze of Computer Espionage. Doubleday, New York, 1989.
Request for Comments (RFC)
- Fraser, B.: Site Security Handbook. RFC 2196, September 1997.
- Guttman, E., L. Leong and G. Malkin: Users' Security Handbook. RFC 2504, February 1999.
- Malkin, G.: Internet Users' Glossary. RFC 1983, August 1996.
- Pethia, R., S. Crocker and B. Fraser: Guidelines for the Secure Operation of the Internet. RFC 1281, November 1991.
- Shirey, R.: Internet Security Glossary. RFC 2828, May 2000.
Evaluation Criteria / Standards
- IT-Grundschutzhandbuch, Bundesamt für Sicherheit in der Informationstechnik, updated semi-annually. (online version)
- Information Technology Security Evaluation Criteria (ITSEC). Version 1.2, Office for Official Publications of the European Communities, June 1991 (English version).
- Kriterien für die Bewertung der Sicherheit von Systemen in der Informationstechnik (ITSEC). Vorläufige Form der harmonisierten Kriterien, Version 1.2, June 1991, published by the European Union, Bundesanzeiger-Verlag Köln (1991).
- Common Criteria for Information Technology Security Evaluation (Common Criteria 2.1), ISO/IEC 15408, August 1999.
- Information technology. Code of practice for information security management, ISO/IEC 17799:2000 (BS 7799-1:2000), 2000.
- Information security management. Specification for information security management systems, BS 7799-2:1999, 1999.
- IT-Sicherheitskriterien (ITS): Kriterien für die Bewertung der Sicherheit von Systemen der Informationstechnik (IT). Published by the Zentralstelle für Sicherheit in der Informationstechnik, 1st version, Bundesanzeiger Verlagsgesellschaft, Köln, 1989.
- Trusted Computer System Evaluation Criteria (TCSEC, "Orange Book"), US DoD 5200.28-STD, Department of Defense, December 1985.
- Canadian Trusted Computer Product Evaluation Criteria (CTCPEC), Version 3.0, Canadian Systems Security Centre, Communications Security Establishment, Government of Canada, January 1993.
- NATO Trusted Computer System Evaluation Criteria, NATO AC/35-D/1027, 1987.
- Nibaldi, G. H.: Proposed Technical Evaluation Criteria for Trusted Computer Systems, M79-225, MITRE Corporation, Bedford (MA), 1979.
- Nibaldi, G. H.: Specification of a Trusted Computing Base, M79-228, MITRE Corporation, Bedford (MA), 1979.
Security Policies and Models
- Bell, David E. and Leonard J. LaPadula: Secure Computer Systems: Unified Exposition and Multics Interpretation, Technical Report MTR-2997 Rev. 1, MITRE Corporation, Bedford, Massachusetts, March 1976.
- Biba, K. J.: Integrity Considerations for Secure Computer Systems, Technical Report MTR-3153, MITRE Corporation, Bedford, Massachusetts, April 1977.
- Brewer, David F. C. and Michael J. Nash: The Chinese Wall Security Policy, Proceedings of the 1989 IEEE Symposium on Security and Privacy, IEEE Computer Society Press, May 1989, pp. 206-214.
- Clark, D. and D. Wilson: A Comparison of Commercial and Military Computer Security Policies, Proceedings of the 1987 IEEE Symposium on Security and Privacy, IEEE Computer Society Press, 1987, pp. 184-194.
- Landwehr, Carl E., Constance L. Heitmeyer and John McLean: A Security Model for Military Message Systems, ACM Transactions on Computer Systems, Vol. 2 No. 3, August 1984, pp. 198-222.
Cryptography
Books
- Garfinkel, Simson: PGP: Pretty Good Privacy. O'Reilly & Associates, 1994.
- Kahn, David: The Codebreakers. Macmillan Company, 1972.
- Schneier, Bruce: Applied Cryptography: Protocols, Algorithms and Source Code in C. John Wiley & Sons, Second Edition 1996.
- Stinson, Douglas R.: Cryptography Theory and Practice. Fourth Printing, CRC Press, Florida, 1996.