Мельников Д. А. - Организация и обеспечение безопасности информационно-технологических сетей и систем - 2012

Список литературы

1.Алферов А.П., Зубов А.Ю., Кузьмин А.С., Черемушкин А.В., Основы криптографии. - Гелиос-АРВ, Москва, 2002.

2.Анин Б., Петрович А. Радиошпионаж. - М.: Международные отношения, 1996.

3.Бабаш А.В., Шанкин Г.П., Криптография. - М.: СОЛОН-Р, 2007.

4.Белов Е.Б., Лось В.П., Мещеряков Р.В., Шелупанов А.А. Основы информационной безопасности. Учебное пособие для вузов. - М.: Горячая линия - Телеком, 2006.

5.Григорьев В.А. Передача сообщений по зарубежным инфор­ мационным сетям. - Л.: ВАС, 1989.

6.Романец Ю.В., Тимофеев П.А., Шаньгин В.Ф. Защита информа­ ции в компьютерных системах и сетях. - М.: Радио и связь, 1999.

7.Мельников Д.А. Организация информационного обмена в информационно-вычислительных сетях. Учебное пособие. - М.: ФАПСИ, 1998.

8.Мельников Д.А. Информационные процессы в компьютерных сетях. Протоколы, стандарты, интерфейсы, модели... - М.: КУДИЦ-ОБРАЗ, 1999, ISBN 5-93378-0002-2.

9.Мельников Д.А., Савельев М.С. Скрытые под маской. PCWeek. - 2005. - №6.

10.Орлов В.А., Мельников Д.А. Современная криптография и ар­ хитектура безопасности компьютерных сетей: Учебное посо­ бие. - М.: МГУПИ, 2009.

11.Диффи у., Хеллман М.Э. Защищенность и имитостойкость: Введение в криптографию. / / ТИИЭР.- 1979. - Т. 67, №3.

12.Диффи у. Первые десять лет криптографии с открытым клю­ чом. / / ТИИЭР.- 1988.- Т. 76, № 5.

13.Мафтик С. Механизмы защиты в сетях ЭВМ. - М.: Мир, 1993.

14.Melnikov D., Jones A., 'Masquerade' Attacks and a Process for Their Detection. Proceedings of the 3rd European Conference on In­ formation Warfare and Security. - Royal Holloway University of London, UK. - 28-29 June 2004. - p.269.

15.Melnikov D., Jones A., Static Image Data Hiding and Encryption Method. Proceedings of the 3rd European Conference on Informa­ tion Warfare and Security. - Royal Holloway University of London, UK. - 28-29 June 2004. - p.279.

16.Denning D.E. "Cryptography and Data Security". - AddisonWesley, 1982.

17.American National Standards Institute, "Public key Cryptography for the Financial Service Industry: Agreement of Symmetric Keys Using Diffie-Hellman and MQV Algorithms", X9.42, 29 Jan 1999.

18.American Bar Association, "Digital Signature Guidelines: Legal In­ frastructure for Certification Authorities and Secure Electronic Commerce", Chicago, IL, 1 Aug 1996.

19.U.S. Army Corps of Engineers, "Electromagnetic Pulse (EMP) and Tempest Protection for Facilities", E P 1110-3-2, 31 Dec 1990.

20.British Standards Institution, "Information Security Management, Part 1: Code of Practice for Information Security Management", BS 7799-1:1999, effective 15 May 1999.

21.British Standards Institution, "Information Security Management, Part 2: Specification for Information Security Management Sys­ tems", BS 7799-2:1999, effective 15 May 1999.

22.D. E. Bell and L. J. LaPadula, "Secure Computer Systems: Mathe­ matical Foundations and Model", M74-244, The MITRE Corpora­ tion, Bedford, MA, May 1973.

23.Common Criteria Implementation Board, "Common Criteria for In­ formation Technology Security Evaluation, Part 1: Introduction and General Model", ver. 2.1, CCIB-99-01, Aug 1999.

24.U.S. Department of Defense Computer Security Center, "Computer Security Requirements: Guidance for Applying the Department of Defense Trusted Computer System Evaluation Criteria in Specific Environments", CSC-STD-003-85, 25 Jun 1985.

25.Denning D. E., "A Lattice Model of Secure Information Flow", in "Communications of the ACM", vol. 19, no. 5, May 1976, pp. 236-243.

26.U.S. Department of Defense, "Department of Defense Trusted Computer System Evaluation Criteria", DoD 5200.28-STD, 26 Dec 1985.

27.U.S. Department of Defense, Directive 5200.28, "Security Require­ ments for Automated Information Systems (AISs)", 21 Mar 1988.

28.U.S. Department of Defense, "X.509 Certificate Policy", ver. 2, Mar 1999.

29.U.S. Department of Defense, "NSA Key Recovery Assessment Cri­ teria", 8 Jun 1998.

30.W. Ford, "Computer Communications Security: Principles, Stan­ dard Protocols and Techniques", ISBN 0-13-799453-2,1994.

31.W. Ford and M. Baum, "Secure Electronic Commerce: Building the Infrastructure for Digital Signatures and Encryption", ISBN 0-13- 476342-4,1997.

32.U.S. Department of Commerce, "Glossary for Computer Systems Security", FIPS PUB 39,15 Feb 1976.

33.U.S. Department of Commerce, "Public Key Infrastructure (PKI) Technical Specifications: Part A - Technical Concept of Opera­ tions", National Institute of Standards, 4 Sep 1998.

34.U.S. Department of Commerce, "Underlying Technical Models for Information Technology Security", National Institute of Standards Special Publication, December 2001.

35.ITU-T, "Security Architecture for Open Systems Interconnection for CCITT Applications", Recommendation X.800,1991.

36.ITU-T, "Information technology - Security techniques - Guidelines for the use and management of trusted third party services", Rec­ ommendation X.842, 2000.

37.ISO, "Information Processing Systems - Open Systems Intercon­ nection Reference Model - Part V. Basic Reference Model", ISO/IEC 7498-1.

38.ISO, "Information Processing Systems - Open Systems Intercon­ nection Reference Model - Part 2: Security Architecture", ISO/IEC 7499-2.

39.David Kahn, "The Codebreakers: The Story of Secret Writing", The Macmillan Company, New York, 1967.

40.Markus G. Kuhn and Ross J. Anderson, "Soft Tempest: Hidden Da­ ta Transmission Using Electromagnetic Emanations", in David Aucsmith, ed., "Information Hiding, Second International Work­ shop, IH'98", Portland, Oregon, USA, 15-17 Apr 1998, LNCS 1525, Springer-Verlag, ISBN 3-540-65386-4, pp. 124-142.

41.U.S. Department of Commerce, "Minimum Interoperability Speci­ fication for PKI Components (MISPC), Version 1", National Insti­ tute of Standards Special Publication 800-15, Sep 1997.

42.National Computer Security Center, "A Guide to Understanding Audit in Trusted Systems", NCSC-TG-001,1 Jun 1988.

43.National Computer Security Center, "Glossary of Computer Securi­ ty Terms", NCSC-TG-004, ver. 1, 21 Oct 1988. (Part of the Rainbow Series.)

44.National Computer Security Center, "Trusted Network Interpreta­ tion of the Trusted Computer System Evaluation Criteria", NCSC- TG-005, ver. 1, 31 Jul 1987. (Part of the Rainbow Series.)

45.Simson Garfinkel, "PGP: Pretty Good Privacy", O'Reilly & Asso­ ciates, Inc., Sebastopol, CA, 1995.

46.Postel, J., "User Datagram Protocol", STD 6, RFC-768, August 1980.

47.Postel, J., "Internet Protocol", STD 5, RFC-791, September 1981.

48.Postel, J., "Internet Control Message Protocol", STD 5, RFC-792, September 1981.

49.Postel, J., ed., "Transmission Control Protocol", STD 7, RFC-793, September 1981.

50.Postel, J., "Simple Mail Transfer Protocol", STD 10, RFC-821, Au­ gust 1982.

51.Postel, J. and J. Reynolds, "TELNET Protocol Specification", STD 8, RFC-854,May 1983.

52.Postel,J. and J.Reynolds, "File Transfer Protocol (FTP)", STD 9, RFC-959, Octoberl985.

53.Mockapetris, P., "Domain Names - Concepts and Facilities", STD 13, RFC-1034, November 1987.

54.Rivest, R., "The MD5 Message-Digest Algorithm", RFC-1321, April 1992.

55.Lloyd, B. and W. Simpson, "PPP Authentication Protocols", RFC1334, October 1992.

56.Finseth,C., "An Access Control Protocol, Sometimes Called TACACS", RFC-1492, July 1993.

57.Kaufman, C , "DASS: Distributed Authentication Security Service", RFC-1507, September 1993.

58.Kohl, J. and C. Neuman, "The Kerberos Network Authentication Service (V5)", RFC-4120 (RFC-4537), July 2005.

59.Berners-Lee, T., "Universal Resource Identifiers in WWW", RFC1630, June-1994.

60.Simpson, W., ed.," The Point-to-Point Protocol (PPP)", STD 51, RFC-1661, July 1994.

61.Myers, J., "Uniform Resource Locators (URL)", RFC-1738, Decem­ ber 1994.

62.Eastlake, D., Crocker, S. and J. Schiller, "Randomness Recommen­ dations for Security", RFC-4086, June 2005.

63.Metzger, P. and W. Simpson, "IP Authentication using Keyed MD5", RFC-1828, August 1995.

64.Berners-Lee, T., "Hypertext Markup Language - 2.0", RFC-1866, November 1995.

65.Conta, A. and S. Deering, "Internet Control Message Protocol (ICMPv6) for the Internet Protocol Version 6 (IPv6) Specification", RFC-1885, December 1995.

66.Eastlake D. 3rd, ed., "CyberCash Credit Card Protocol Version 0.8", RFC-1898, February 1996.

67.Leech M., Ganis M., Lee Y., Kuris R., Koblas D. and L. Jones, "SOCKS Protocol Version 5", RFC-1928, March 1996.

68.Haller N. and C. Metzion, "A One-Time Password System", RFC1938, May 1996.

69.Myers J. and M.Rose, "Post Office Protocol - Version 3", STD 53, RFC-1939, May 1996.

70.Carpenter, B.,ed., "Architectural Principles of the Internet", RFC1958, June 1996.

71.Malkin, G., ed., "Internet Users' Glossary", F Y I18, RFC-1983, Au­ gust 1996.

72.Freed, N. and N. Borenstein, "Multipurpose Internet Mail Exten­ sions (MIME) Part One: Format of Internet Message Bodies", RFC2045, November 1996.

73.Eastlake D., 3rd, "Domain Name System Security Extensions", RFC-2065, January 1997.

74.Linn J., "Generic Security Service Application Program Interface, Version 2", RFC-2078, January 1997.

75.Rigney, C , Rubens, A., Simpson, W. and S. Willens, "Remote Au­ thentication Dial In User Service (RADIUS)", RFC-2138, April 1997.

76.Eastlake, D., "Secure Domain Name System Dynamic Update", RFC-2137, April 1997.

77.Gwinn, A., "Network Security For Trade Shows", RFC-2179, July 1997.

78.Fraser, B., "Site Security Handbook", FYI 8, RFC-2196, September 1997.

79.Myers, J., "Simple Authentication and Security Layer (SASL)", RFC-2222, October 1997.

80.Dierks, T. and C. Allen, "The TLS Protocol, Version 1.0", RFC-2246, January 1999.

81.Haller N., ed., "A One-Time Password System", RFC-2289, Febru­ ary 1998.

82.Ramos, A., "IETF Identification and Security Guidelines", RFC2323, April 1998.

83.Brownlee, N. and E. Guttman, "Expectations for Computer Securi­ ty Incident Response", RFC-2350, June 1998.

84.Hinden,R. and S.Deering, "IP Version 6 Addressing Architecture", RFC-2373, July 1998.

85.Berners-Lee, T., Fielding, R. and L. Masinter, "Uniform Resource Identifiers (URI): Generic Syntax", RFC-2396, August 1998.

86.Kent, S. and K. Seo, "Security Architecture for the Internet Proto­ col", RFC-4301, December 2005.

87.Kent, S., "IP Authentication Header", RFC-4302, December 2005.

88.Kent, S., "IP Encapsulating Security Payload (ESP)", RFC-4303, De­ cember 2005.

89.3rd Eastlake, D., "Cryptographic Algorithm Implementation Re­ quirements For Encapsulating Security Payload (ESP) and Authen­ tication Header (AH)", RFC 4305, December 2005.

90.Kaufman, C , Ed., "The Internet Key Exchange (IKEv2) Protocol"/ RFC 4306, December 2005.

91.Callas J., ed., "OpenPGP Message Format", RFC-2440, November 1998.

92.Newman С., "The One-Time-Password SASL Mechanism", RFC2444, October 1998.

93.Deering S. and R. Hinden, "Internet Protocol, Version 6 (IPv6) Spe­ cification", RFC-2460, December 1998.

94.Guttman, E., Leong, L. and G. Malkin, "Users' Security Hand­ book", RFC-2504, February 1999.

95.Cooper D., Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile, RFC-5280, May 2008.

96.Case J., Mundy R., Partain D. and B. Stewart, "Introduction to Ver­ sion 3 of the Internet-Standard Network Management Frame­ work", RFC-2570, April 1999.

97.Blumenthal, U. and B. Wijnen, "User-based Security Model (USM) for Version 3 of the Simple Network Management Protocol (SNMPv3)", RFC-2574, April 1999.

98.Fielding, R., Gettys, J., Mogul, J., Frystyk, H., Masinter, L., Leach, P. and T. Berners-Lee, "Hypertext Transfer Protocol - HTTP/1.1", RFC-2616, June 1999.

99.Housley, R., "Cryptographic Message Syntax", RFC-2630, June 1999.

100.Ramsdell, B., ed., "S/MIME Version 3 Message Specification", RFC-2633, June 1999.

101.Burdett D., "Internet Open Trading Protocol - IOTP, Version 1.0", RFC-2801, April 2000.

102.Davidson, K. and Y. Kawatsura, "Digital Signatures for the vl.O Internet Open Trading Protocol (IOTP)", RFC-2802, April 2000.

103.Maruyama H., Tamura K. and N. Uramot, "Digest Values for DOM (DOMHASH)", RFC-2803, April 2000.

104.Shirey R., "Internet Security Glossary", RFC-2828, May 2000.

105.Prafullchandra H., Schaad J., "Diffie-Hellman Proof-of-Possession Algorithms", RFC-2875, July 2000.

106.Eastlake D. 3rd, Smith C , "Internet Open Trading Protocol (IOTP) HTTP Supplement", RFC-2935, September 2000.

107.Kawatsura Y., Payment Application Programmers Interface (API) for vl.O Internet Open Trading Protocol (IOTP), RFC-3867, No­ vember 2004.

108.Tim Bray, Jean Paoli, С. M. Sperber-McQueen, "Extensible Markup Language (XML) 1.0", http://www.w3.org/TR/1998/REC-xml- 19980210.

109.E.S. Raymond, ed., "The On-Line Hacker Jargon File", ver. 4.0.0, 24 Jul 1996.

110."The New Hacker's Dictionary", 2d edition, MIT Press, Sep 1993, ISBN 0-262-18154-1.