Wireless Security and Privacy: Best Practices and Design Techniques
CHM | 304 pages | 1.4 MB
Author: Tara M., Charles R. Elden
Publisher: Addison Wesley
Pub Date: September 13, 2002
Written for wireless development professionals new to security, and for security professionals moving into the wireless arena, this book presents the foundation upon which to design and develop secure wireless systems. It looks in depth at the key issues faced by those who develop wireless devices and applications, describes the technology and tools that are now available, and offers a proven methodology for designing a comprehensive wireless risk management solution.
The book also examines such important topics as:
- Fundamental wireless and security principles
- Specific wireless technologies, including 802.11b, Bluetooth, and WAP
- The security implications of the architecture of PDAs, cell phones, and wireless network cards for laptops
- The security shortcomings of wireless development languages
- Development of a risk model for a wireless system
- Cryptography essentials
- The role of COTS products in a comprehensive security solution
- Analysis of known and theoretical attacks
- Security, financial, and functionality tradeoffs
Several case studies run throughout the book, illustrating the application of important concepts, techniques, strategies, and models.
In all, this practical guide book builds a framework for understanding the present and future of wireless security and offers the specific security strategies and methodologies that are critical for success in this fast-moving market.
About the Authors:
Tara M. Swaminatha is an Information Security Administrator for the International Finance Corporation, a part of the World Bank Group. Tara is responsible for educating the IFC about information security, conducting technical product evaluations, offering security classes to employees, and assisting with the definition and implementation of plans for security best practices and technologies. Previously, Tara was a software security consultant with Cigital's Software Security Group (SSG). The SSG provides software security risk analysis for a broad range of clients. Tara also worked for PEC Solutions on a team that developed software and infrastructure for agencies within the U.S. Department of Justice. She implemented configuration control practices, maintained integrity of the development and production environments, and performed software, hardware, and multi-system integration. Tara holds both a B.A. in sociology and an M.T. in special education from the University of Virginia, where she graduated with high distinction. While working at the IFC, Tara is also currently pursuing her J.D. at Georgetown University.
Charles R. Elden is an Independent Security Consultant. He worked most recently at Cigital, where he was a manager and software security consultant with Cigital's Software Security Group. He has experience performing communication and software systems risk analysis and risk management. Prior to this, Charles worked for the Central Intelligence Agency for 12 years and has worked for over 11 years in the Directorate of Science and Technology's Office of Technical Services. Charles has extensive experience designing, developing, deploying, and exploiting secure and covert computing and communication systems. Charles received his M.S. in computer science from George Mason University and his B.S. in computer science/computer engineering from Michigan State University.