Excerpt
... upon receiving on her ninety-second birthday the first copy of
Why Buildings Stand Up, my mother-in-law said matter-of-factly, "This is nice, but I'd be much more interested in reading why they fall down."
Mario G. Salvadori, Why Buildings Fall Down
What This Book Is About
Although we're all inspired by engineering triumphs, we often learn the most from engineering failures. This observation was behind the book Why Buildings Fall Down by Levy and Salvadori, and it's the driving force behind this book, too. Not only do failures have important lessons to teach, but they have a special power to capture one's interest unlike a dry recitation of technical criteria or even the breathless evocation of some techno-utopian ideal.
This book looks at the problem of authentication: how computers can confidently associate an identity with a person. Most computers use passwords to do this, but even password systems can pose subtle and difficult problems for users, administrators, and developers. Once we decide to use something fancier than a list of passwords stored in a server, we face a broad range of choices and their associated risks. In this book we explore those choices by looking at situations in which different techniques fail and by examining ways to strengthen them. Often it becomes a game of ping-pong in which the new defense falls to a new attack, which inspires an even newer defense, and so on.
Individual security measures don't work in a vacuum: they work in an interconnected web with other measures. This book takes a high-level, architectural view of that web instead of diving into the details. Discussions cover physical and procedural requirements for security as well as technical requirements. Moreover, our technical discussions will bring up only as much detail as needed to clarify the security issues. Readers can find the exact order of bits for a particular protocol elsewhere. Here we focus on why the bits need to be there and what they need to convey. We look at what could happen, or may have happened, if we omit that part of the protocol.
I've tried to include real world examples of every important concept and mechanism. Such examples take abstract concepts and make them concrete. Every example here has a published source or comes from my own experiences assisting others with computer security. In the latter case, names must often be changed to protect the privacy of people and enterprises. When not threatened with retribution, people can be quite honest about how they handle passwords and about unauthorized shortcuts they might employ. Names have been changed or omitted to protect both the innocent and the guilty.
Who This Book Is For
This book is written for people who want to understand both the how and why of computer authentication. Such people may be designers, developers, administrators, planners, or managers. Authentication is often their first line of defense against attack. The book's principal focus is on existing, off-the-shelf solutions. But in order to understand what we can buy, we often need enough design detail to guide an independent developer to achieve the same security results.
The book assumes a general familiarity with computer systems and the Internet as people typically use them today. It does not require specific knowledge about operating systems, networking protocols, or computer security. The book explains new technical concepts before discussing their implications, and uses plain English, graphical diagrams, and examples to make the important points. Some people learn by reading, others by seeing, and still others by doing. The book tries to accommodate the first two groups directly and, at least, entertain the third with stories of disaster.
It isn't practical to purge mathematical notation entirely from a book like this, even though some readers confront it like a poorly understood second language. Since there are a few places where a little simple algebra goes a long way, the book doesn't try to avoid algebraic notation entirely, but strives to make it straightforward.
0201615991P10012001