Links from the book
Chapter 1: Setting the Scene
- http://www.radium.ncsc.mil/tpep/process/faq.html - the US TCSEC programme
- http://www.itsec.gov.uk, - UK ITSEC Scheme (seems to have moved to http://www.cesg.gov.uk/site/iacs/index.cfm?menuSelected=1&displayPage=1 )
- ftp://ftp.cse-cst.gc.ca/pub/criteria/CTCPEC - the Canadian evaluation criteria (can't find it, see http://www.cse-cst.gc.ca )
Chapter 2: Identification and Authentication
Chapter 3: Access Control
Chapter 4: Security Models
Chapter 5: The Security Kernel
Chapter 6: Unix Security
- http://www.sri.ucl.ac.be/SRI/documents/unix-secure
- http://back.cis.temple.edu/linux/linux-security (dead)
- http://info.cert.org (dead, see http://www.cert.org )
- ftp://info.cert.org/pub/cert_advisories
- ftp://ftp.win.tue.nl/pub/security/index.html (dead)
- http://www.axent.com (dead)
- http://www.ov.com
- http://www.secnet.com/nav2.html
Chapter 7: Windows NT Security
Chapter 8: How Things Go Wrong
Chapter 9: Security Evaluation
- http://www.radium.ncsc.mil/tpep/process/faq.html - the US TCSEC programme
- http://www.itsec.gov.uk, - UK ITSEC Scheme (seems to have moved to http://www.cesg.gov.uk/site/iacs/index.cfm?menuSelected=1&displayPage=1 )
- ftp://ftp.cse-cst.gc.ca/pub/criteria/CTCPEC - the Canadian evaluation criteria (can't find it, see http://www.cse-cst.gc.ca )
- http://csrc.ncsl.nist.gov/cc - the Common Criteria
Chapter 10: Distributed Systems Security
Chapter 11: World Wide Web Security
- http://www.w3.org - World Wide Web Consortium
- http://java.sun.com/sfaq - JavaSoft's introduction to Java Applet security
- http://java.sun.com/forum/securityForum.html - more on Java security (dead, see http://java.sun.com/security/ )
- http://hoohoo.ncsa.uiuc.edu/cgi - the de facto CGI standard
- http://www.microsoft.com/intdev/security/authcode/authwp.zip - Microsoft's authenticode (dead)
- http://wwwcgi.umr.edu/~cgiwrap/ - for CGIwrap
Chapter 12: Cryptography
Chapter 13: Network Security
- http://www.ietf.org
- ds.internic.net (US East Coast)
- nic.nordu.net (Europe)
- http://ftp.isi.edu (US West Coast)
- munnari.oz.au (Pacific Rim)
- http://www.netscape.com/eng/ssl3 - SSL spec
- http://www.tis.com - Trusted Infrastructure Systems, firewall toolkit
- http://www.clark.net/pub/mjr/pubs (dead)
- http://www.sctc.com - Sidewinder firewall (see http://www.securecomputing.com/index.cfm?skey=232 )
Chapter 14: Database Security
Chapter 15: Multi-Level Secure Databases
(see chapter 14)
Chapter 16: Concurrency Control and Multi-Level Security
Chapter 17: Object-Oriented Security