本书由著名作者William Stallings编写，是网络安全领域最重要、影响最广泛的教材。
本书是网络安全方面的一本入门书籍，系统地介绍了网络安全的基础知识，包括构成网络安全原理所必需的密码学知识、网络安全原理和主要的工业标准与应用。全书分为三大部分。第一部分为密码学，主要介绍对称加密方法、公钥密码学原理和消息认证方法；第二部分为网络安全应用，主要介绍网络安全解决方案中的密钥分配、用户认证、网络访问控制、云安全、传输层安全、无线网络安全、电子邮件安全和IP层安全等方面的重要协议或工业标准：第三部分为系统安全，主要介绍互联网系统中的恶意软件、入侵者和防火墙等方面内容。
本书适合作为本科生或研究生网络安全课程的教材，也可作为从事计算机、通信和电子工程等领域的科技人员理解网络安全基本原理的参考用书。

Preface
About the Author
Chapter 1 Introduction
1.1 Computer Security Concepts
1.2 The OSI Security Architecture
1.3 Security Attacks
1.4 Security Services
1.5 Security Mechanisms
1.6 A Model for Network Security
1.7 Standards
1.8 Outline of This Book
1.9 Recommended Reading
1.10 Internet and Web Resources
1.11 Key Terms, Review Questions, and Problems
PART ONE CRYPTOGRAPHY
Chapter 2 Symmetric Encryption and Message Confidentiality
2.1 Symmetric Encryption Principles
2.2 Symmetric Block Encryption Algorithms
2.3 Random and Pseudorandom Numbers
2.4 Stream Ciphers and RC4
2.5 Cipher Block Modes of Operation
2.6 Recommended Reading
2.7 Key Terms, Review Questions, and Problems
Chapter 3 Public-Key Cryptography and Message Authentication
3.1 Approaches to Message Authentication
3.2 Secure Hash Functions
3.3 Message Authentication Codes
3.4 Pubhc-Key Cryptography Principles
3.5 Public-Key Cryptography Algorithms
3.6 Digital Signatures
3.7 Recommended Reading
3.8 Key Terms, Review Questions, and Problems
PART TWO NETWORK SECURITY APPLICATIONS
Chapter 4 Key Distribution and User Authentication
4.1 Symmetric Key Distribution Using Symmetric Encryption
4.2 Kerberos
4.3 Key Distribution Using Asymmetric Encryption
4.4 X.50 9 Certificates
4.5 Public-Key Infrastructure
4.6 Federated Identity Management
4.7 Recommended Reading
4.8 Key Terms, Review Questions, and Problems
Chapter 5 Network Access Control and Cloud Security
5.1 Network Access Control
5.2 Extensible Authentication Protocol
5.3 IEEE 802.1 X Port-Based Network Access Control
5.4 Cloud Computing
5.5 Cloud Security Risks and Countermeasures
5.6 Data Protection in the Cloud
5.7 Cloud Security as a Service
5.8 Recommended Reading
5.9 Key Terms, Review Questions, and Problems
Chapter 6 Transport-Level Security
6.1 Web Security Considerations
6.2 Secure Sockets Layer (SSL)
6.3 Transport Layer Security (TLS)
6.4 HTTPS
6.5 Secure Shell (SSH)
6.6 Recommended Reading
6.7 Key Terms, Review Questions, and Problems
Chapter 7 Wireless Network Security
7.1 Wireless Security
7.2 Mobile Device Security
7.3 IEEE 802.11 Wireless LAN Overview
7.4 IEEE 802.11 i Wireless LAN Security
7.5 Recommended Reading
7.6 Key Terms, Review Questions, and Problems
Chapter 8 Electronic Mail Security
8.1 Pretty Good Privacy (PGP)
8.2 S/MIME
8.3 DomainKeys Identified Mail (DKIM)
8.4 Recommended Reading
8.5 Key Terms, Review Questions, and Problems
Chapter 9 IP Security
9.1 IP Security Overview
9.2 IP Security Policy
9.3 Encapsulating Security Payload
9.4 Combining Security Associations
9.5 Internet Key Exchange
9.6 Cryptographic Suites
9.7 Recommended Reading
9.8 Key Terms, Review Questions, and Problems
PART THREE SYSTEM SECURITY
Chapter 10 Malicious Software
10.1 Types of Malicious Software (Malware)
10.2 Propagation--Infected Content--Viruses
10.3 Propagation--Vulnerability Exploit--Worms
10.4 Propagation--Social Engineering--SPAM E-mail, Trojans
10.5 Payload--System Corruption
10.6 Payload--Attack Agent--Zombie, Bots
10.7 Payload--Information Theft--Keyloggers, Phishing, Spyware
10.8 Payload--Stealthing--Backdoors, Rootkits
10.9 Countermeasures
10.10 Distributed Denial of Service Attacks
10.11 Recommended Reading
10.12 Key Terms, Review Questions, and Problems
Chapter 11 Intruders
11.1 Intruders
11.2 Intrusion Detection
11.3 Password Management
11.4 Recommended Reading
11.5 Key Terms, Review Questions, and Problems
Chapter 12 Firewalls
12.1 The Need for Firewalls
12.2 Firewall Characteristics
12.3 Types of Firewalls
12.4 Firewall Basing
12.5 Firewall Location and Configurations
12.6 Recommended Reading
12.7 Key Terms,