1st Edition

A Multidisciplinary Introduction to Information Security

Edited By

Stig F. Mjølsnes

ISBN 9781138112131
Published June 13, 2017 by Chapman and Hall/CRC
348 Pages 83 B/W Illustrations



Book Description

With most services and products now being offered through digital communications, new challenges have emerged for information security specialists. A Multidisciplinary Introduction to Information Security presents a range of topics on the security, privacy, and safety of information and communication technology. It brings together methods in pure mathematics, computer and telecommunication sciences, and social sciences.

The book begins with the cryptographic algorithms of the Advanced Encryption Standard (AES) and Rivest, Shamir, and Adleman (RSA). It explains the mathematical reasoning behind public key cryptography and the properties of a cryptographic hash function before presenting the principles and examples of quantum cryptography. The text also describes the use of cryptographic primitives in the communication process, explains how a public key infrastructure can mitigate the problem of crypto-key distribution, and discusses the security problems of wireless network access. After examining past and present protection mechanisms in the global mobile telecommunication system, the book proposes a software engineering practice that prevents attacks and misuse of software. It then presents an evaluation method for ensuring security requirements of products and systems, covers methods and tools of digital forensics and computational forensics, and describes risk assessment as part of the larger activity of risk management. The final chapter focuses on information security from an organizational and people point of view.

As our ways of communicating and doing business continue to shift, information security professionals must find answers to evolving issues. Offering a starting point for more advanced work in the field, this volume addresses various security and privacy problems and solutions related to the latest information and communication technology.

Table of Contents

Introduction, Stig F. Mjølsnes
What Is Information Security?
Some Basic Concepts
A Synopsis of the Topics
Further Reading and Web Sites

Security Electronics, E.J. Aas and P.G. Kjeldsberg
Examples of Security Electronics
Side Channel Attacks
Further Reading and Web Sites

Public Key Cryptography, S.O. Smalø
Hash Functions and One Time Pads
Public Key Cryptography
RSA-Public Key Cryptography
RSA-Public Key Cryptography with Signature
Problem with Signatures
Secret Sharing Based on Discrete Logarithm Problems
Further Reading

Cryptographic Hash Functions, D. Gligoroski
Definition for Cryptographic Hash Function
Iterated Hash Functions
Most Popular Cryptographic Hash Function
Application of Cryptographic Hash Function
Further Reading and Web Sites

Quantum Cryptography, Dag Roar Hjelme, Lars Lydersen, and Vadim Makarov
Quantum Bit
Quantum Copying
Quantum Key Distribution
Practical Quantum Cryptography
Further Reading and Web Sites

Cryptographic Protocols, Stig F. Mjølsnes
The Origins
Information Policies
Some Concepts
Protocol Failures
Tools for Automated Security Analysis
Further Reading and Web Sites

Public Key Distribution, Stig F. Mjølsnes
The Public Key Distribution Problem
Authenticity and Validity of Public Keys
The Notion of Public Key Certificates
Public Key Infrastructure
Identity-Based Public Key
Further Reading and Web Sites

Wireless Network Access, Stig F. Mjølsnes and Martin Eian
Wireless Local Area Networks
The 802.11 Security Mechanisms
Wired Equivalent Privacy
Assumptions and Vulnerabilities
Further Reading and Web Sites

Mobile Security, Jan Audestad
The GSM Security
3G Architecture
Extent of Protection
Security Functions in the Authentication Center
Security Functions in the SGSN/RNC
Security Functions in the Mobile Terminal (USIM)
Encryption and Integrity
Example: Anonymous Roaming in a Mobile Network
Using GSM/3G Terminals as Authentication Tokens
Further Reading

A Lightweight Approach to Secure Software Engineering, Martin Gilje Jaatun, Jostein Jensen, Per Håkon Meland, and Inger Anne Tøndel
Asset Identification
Security Requirements
Secure Software Design
Testing for Software Security
Further Reading and Web Sites

ICT Security Evaluation, S.J. Knapskog
ISO/IEC 15408, Part 1/3 Evaluation Criteria for IT Security (CC)
Definition of Assurance
Building Confidence in the Evaluation Process
Organizing the Requirements in the CC
Assurance Elements
Functional Classes
Protection Profiles (PPs)
PP Registries
Definition of a Security Target (ST)
Evaluation of a ST
Evaluation Schemes
Evaluation Methodology

ICT and Forensic Science, Stig F. Mjølsnes and Svein Y. Willassen
ICT and Forensic Science
The Crime Scene
Forensic Science
The Digital Investigation Process
Digital Evidence Extraction
Digital Evidence Analysis Techniques
Further Reading and Web Sites

Risk Assessment, Stein Haugen
Risk Assessment in the Risk Management Process
Main Elements of the Risk Assessment Process
Further Reading and Web Sites

Information Security Management—From Regulations to End-Users, Eirik Albrechtsen and Jan Hovden
A Risk Governance Framework Applied to Information Security
Regulations and Control
Information Security Management


A Bibliography appears at the end of each chapter.




Stig F. Mjølsnes is a professor in the Department of Telematics at the Norwegian University of Science and Technology. His research focuses on the development and application of cryptographic protocols and security models.