Figure 1.1: A generic security model for computer networks and distributed systems.
Chapter 2: HTTP Security
Figure 2.1: The Internet Explorer 5.5 ˜Enter Network Password prompt using the HTTP basic authentication scheme. (2002 Microsoft Corporation.)
Figure 2.2: The Opera 6.0 ˜Password required prompt using the HTTP basic authentication scheme. (2002 Opera Software.)
Figure 2.3: The Opera 6.0 ˜Password required prompt using the HTTP digest access authentication scheme. (2002 Opera Software.)
Chapter 3: Proxy Servers and Firewalls
Figure 3.1: A simple dual- homed firewall configuration.
Figure 3.2: A more realistic configuration of a dual-homed firewall.
Figure 3.3: A simple configuration of a screened host firewall.
Figure 3.4: A screened subnet firewall configuration.
Figure 3.5: A screened subnet firewall configuration with multiple bastion hosts .
Figure 3.6: A firewall supporting NAT.
Figure 3.7: Configuring Microsofts Internet Explorer using the Local Area Network (LAN) Settings panel. (2002 Microsoft Corporation.)
Figure 3.8: Configuring the use of proxy servers in Microsofts Internet Explorer. (2002 Microsoft Corporation.)
Figure 3.9: Configuring the use of proxy servers in the Proxy servers panel of Opera. (2002 Opera Software.)
Chapter 4: Cryptographic Techniques
Figure 4.1: The use of a secret key cryptosystem.
Figure 4.2: The use of a public key cryptosystem.
Figure 4.3: The structure of a digital signature giving (a) message recovery and (b) a digital signature with appendix.
Chapter 5: Internet Security Protocols
Figure 5.1: The layer 2 and layer 3 tunneling encapsulation schemes.
Figure 5.2: Encapsulated IP packet.
Figure 5.3: High-level overview of the IP security architecture.
Figure 5.4: IPsec transport and tunnel modes.
Figure 5.5: The authentication header (AH) format.
Figure 5.6: The encapsulating security payload (ESP) format.
Figure 5.7: The three possibilities to implement the IPsec architecture.
Chapter 6: SSL and TLS Protocols
Figure 6.1: The architecture of SSL and the SSL protocol.
Figure 6.2: The SSL Record Protocol steps.
Figure 6.3: PKCS #1 block format for encryption.
Figure 6.4: Microsoft Internet Explorers Certificate Manager. (2002 Microsoft Corporation.)
Figure 6.5: The Preferences panel in the Opera 6.0 browser. (2002 Opera Software.)
Figure 6.6: The screen to manage CA certificates in the Opera 6.0 browser. (2002 Opera Software.)
Chapter 7: Certificate Management and Public Key Infrastructures
Figure 7.1: The structures of PGP and X.509 certificates.
Figure 7.2: Microsoft Internet Explorers Security Alert panel, which is displayed if the browser does not know or trust a server or site certificate. (2002 Microsoft Corporation.)
Figure 7.3: Microsoft Internet Explorers Certificate panel. (2002 Microsoft Corporation.)
Figure 7.4: The ˜Details tab of Microsoft Internet Explorers Certificate panel. (2002 Microsoft Corporation.)
Figure 7.5: The Certification Path tab of Microsoft Internet Explorers Certificate panel. (2002 Microsoft Corporation.)
Chapter 8: Authentication and Authorization Infrastructures
Figure 8.1: The .NET Passport registration screen. (2002 Microsoft Corporation.)
Figure 8.2: The .NET Passport screen to edit a user profile. (2002 Microsoft Corporation.)
Figure 8.3: The .NET Passport screen to enter the users payment information. (2002 Microsoft Corporation.)
Figure 8.4: The .NET Passport Protocols message flows.
Figure 8.5: The Kerberos system and the corresponding protocol steps.
Chapter 10: Client-side Security
Figure 10.1: Microsoft Internet Explorers Security menu to configure security zones. (2002 Microsoft Corporation.)
Figure 10.2: Microsoft Internet Explorers Security Settings menu to configure the Internet zone. (2002 Microsoft Corporation.)
Chapter 11: Server-side Security
Figure 11.1: A multitier Web-based application architecture.
Figure 11.2: A simple HTML fill-out form displayed using the Opera browser. (2002 Opera Software.)
Chapter 12: Privacy Protection and Anonymity Services
Figure 12.1: Privacy.nets dynamically created Web page to illustrate the client-side settings rendered by the Opera browser. (2002 Opera Software.)
Figure 12.2: Microsoft Internet Explorers Security Settings menu to enable or disable cookies. (2002 Microsoft Corporation.)
Figure 12.3: Operas Preferences menu to configure the use of cookies. (2002 Opera Software).
Chapter 14: Censorship on the WWW
Figure 14.1: Microsoft Internet Explorers Content tab of the Internet Options menu. (2002 Microsoft Corporation.)
Figure 14.2: Microsoft Internet Explorers Create Supervisor Password panel. (2002 Microsoft Corporation.)
Figure 14.3: Microsoft Internet Explorers Content Advisor panel. (2002 Microsoft Corporation.)
Chapter 15: Risk Management
Figure 15.1: The individual steps in a risk management process.