The Huawei and Snowden Questions (Simula SpringerBriefs on Computing, Vol. 4)
By Lysne, Olav
Table of Contents
1 Introduction: 1.1 A New Situation.- 1.2 What are we Afraid of?.- 1.3 Huawei and ZTE.- 1.4 Trust in Vendors.- 1.5 Points of Attack.- 1.6 Trust in Vendors is Different from Computer Security.- 1.7 Why the Problem is Important.- 1.8 Advice for Readers.
2 Trust: 2.1 Prisoner's Dilemma.- 2.2 Trust and Game Theory.- 2.3 Trust and Freedom of Choice.- 2.4 Trust, Consequence and Situation.- 2.5 Trust and Security.- 2.6 Trusted Computing Base - Trust between Components.- 2.7 Discussion.
3 What is an ICT-System?: 3.1 Transistors and Integrated Circuits.- 3.2 Memory and Communication.- 3.3 Processors and Instruction Sets.- 3.4 Firmware.- 3.5 Operating Systems, Device Drivers, Hardware Adaptation Layers and Hypervisors.- 3.6 Bytecode Interpreters.- 3.7 The Application on Top.- 3.8 Infrastructures and Distributed Systems.- 3.9 Discussion.
4 Development of ICT Systems: 4.1 Software Development.- 4.2 Hardware Development.- 4.3 Security Updates and Maintenance.- 4.4 Discussion.
5 Theoretical Foundation: 5.1 Gödel and the Liar's Paradox.- 5.2 Turing and the Halting Problem.- 5.3 Decidability of Malicious Behaviour.- 5.4 Is there Still Hope?.- 5.5 Where does this Lead Us?
6 Reverse Engineering of Code: 6.1 Application of Reversing in ICT.- 6.2 Static Code Analysis.- 6.3 Disassemblers.- 6.4 Decompilers.- 6.5 Debuggers.- 6.6 Antireversing.- 6.7 Hardware.- 6.8 Discussion.
7 Static Detection of Malware: 7.1 Classes of Malware.- 7.2 Signatures, and Static Code Analysis.- 7.3 Encrypted and Oligomorphic Malware.- 7.4 Obfuscation Techniques.- 7.5 Polymorphic and Metamorphic Malware.- 7.6 Heuristic Approaches.- 7.7 Malicious Hardware.- 7.8 Specification Based Techniques.- 7.9 Discussion.
8 Dynamic Detection Methods: 8.1 Dynamic Properties.- 8.2 Unrestricted Execution.- 8.3 Emulator Based Analysis.- 8.4 Virtual Machines.- 8.5 Evasion Techniques.- 8.6 Analysis.- 8.7 Hardware.- 8.8 Discussion.
9 Formal Methods: 9.1 Formal Methods Overview.- 9.2 Specification.- 9.3 Programming Languages.- 9.4 Hybrid Programming and Specification Languages.- 9.5 Semantic Translation.- 9.6 Logics.- 9.7 Theorem Proving and Model Checking.- 9.8 Proof-carrying Code.- 9.9 Conclusion.
10 Software Quality and Quality Management: 10.1 What is Software Quality Management?.- 10.2 Software Development Process.- 10.3 Software Quality Models.- 10.4 Software Quality Management.- 10.5 Software Quality Metrics.- 10.6 Standards.- 10.7 Common Criteria (ISO/IEC-15408).- 10.8 Software Testing.- 10.9 Verification through Formal Methods.- 10.10 Code Review.- 10.11 Discussion.
11 Containment of Untrusted Modules: 11.1 Overview.- 11.2 Partial Failures and Fault Models.- 11.3 Erlang - a Programming Language Supporting Containment.- 11.4 Microservices - an Architecture Model Supporting Containment.- 11.5 Hardware Containment.- 11.6 Discussion.
12 Summary and Way Forward: 12.1 Summary of Findings.- 12.2 Way Forward.- 12.3 Concluding Remarks.