Network Security Essentials Applications and Standards William Stallings Download PDF Chapter

Network security essentials:
applications and standards William

Stallings
Visit to download the full and correct content document:
https://ebookmass.com/product/network-security-essentials-applications-and-standar
ds-william-stallings/
Global Global
edition edition
For these Global Editions, the editorial team at Pearson has
Network Security Essentials

collaborated with educators across the world to address a
Applications and Standards

wide range of subjects and requirements, equipping students
with the best possible learning tools. This Global Edition
preserves the cutting-edge approach and pedagogy of the
original, but also features alterations, customization, and
adaptation from the North American version.
Network Security
Essentials
edition
sixth
Stallings
This is a special edition of an established
title widely used by colleges and universities sixth edition
throughout the world. Pearson published this
exclusive edition for the benefit of students
outside the United States and Canada. If you
William Stallings
purchased this book within the United States
edition
GLOBal
or Canada, you should be aware that it has

been imported without the approval of the
Publisher or Author.
Pearson Global Edition
Stallings_06_1292154853_Final.indd 1 07/09/16 7:47 PM

Network Security
Essentials:
Sixth Edition
Global Edition
William Stallings
Harlow, England • London • New York • Boston • San Francisco • Toronto • Sydney • Dubai • Singapore • Hong Kong
Tokyo • Seoul • Taipei • New Delhi • Cape Town • Sao Paulo • Mexico City • Madrid • Amsterdam • Munich • Paris • Milan
A01_STAL4855_06_GE_FM.indd 1 9/8/16 9:01 PM

Vice President and Editorial Director, ECS: Senior Manufacturing Controller, Production, Global
Marcia J. Horton Edition: Trudy Kimber
Executive Editor: Tracy Johnson (Dunkelberger) R&P Manager: Rachel Youdelman
Editorial Assistant: Kristy Alaura R&P Senior Project Manager: William Opaluch
Program Manager: Carole Snyder Senior Operations Specialist: Maura Zaldivar-Garcia
Project Manager: Robert Engelhardt Inventory Manager: Meredith Maresca
Media Team Lead: Steve Wright Marketing Manager: Demetrius Hall
Acquisitions Editor, Global Edition: Sourabh Product Marketing Manager: Bram Van Kempen
Maheshwari Marketing Assistant: Jon Bryant
Assistant Project Editor, Global Edition: Shaoni Cover Designer: Marta Samsel
Mukherjee Cover Art: Africa Studio
Manager, Media Production, Global Edition: Vikram Full-Service Project Management: Chandrasekar
Kumar Subramanian, SPi Global
Credits and acknowledgments borrowed from other sources and reproduced, with permission, in this textbook
appears on page 448.
Pearson Education Limited

Edinburgh Gate
Harlow
Essex CM20 2JE
England
and Associated Companies throughout the world
Visit us on the World Wide Web at:

www.pearsonglobaleditions.com
© Pearson Education Limited 2017
The right of William Stallings to be identified as the author of this work has been asserted by him in accordance
with the Copyright, Designs and Patents Act 1988.
Authorized adaptation from the United States edition, entitled Network Security Essentials: Applications and
Standards, 6th Edition, ISBN 978-0-134-52733-8, by William Stallings published by Pearson Education © 2017.
All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted in
any form or by any means, electronic, mechanical, photocopying, recording or otherwise, without either the prior
written permission of the publisher or a license permitting restricted copying in the United Kingdom issued by the
Copyright Licensing Agency Ltd, Saffron House, 6–10 Kirby Street, London EC1N 8TS.
All trademarks used herein are the property of their respective owners. The use of any trademark in this text does
not vest in the author or publisher any trademark ownership rights in such trademarks, nor does the use of such
trademarks imply any affiliation with or endorsement of this book by such owners.
British Library Cataloguing-in-Publication Data
A catalogue record for this book is available from the British Library
10 9 8 7 6 5 4 3 2 1
ISBN 10: 1-292-15485-3

ISBN 13: 978-1-292-15485-5
Typeset by SPi Global

Printed and bound in Malaysia.

For Tricia never
dull never boring
the smartest
and bravest
person I know

This page intentionally left blank

Contents
Preface 10
About the Author 16
Chapter 1 Introduction 17
1.1 Computer Security Concepts 20
1.2 The OSI Security Architecture 24
1.3 Security Attacks 25
1.4 Security Services 27
1.5 Security Mechanisms 31
1.6 Fundamental Security Design Principles 32
1.7 Attack Surfaces and Attack Trees 36
1.8 A Model for Network Security 39
1.9 Standards 42
1.10 Key Terms, Review Questions, and Problems 42
Part One: Cryptography 45

Chapter 2 Symmetric Encryption and Message Confidentiality 45
2.1 Symmetric Encryption Principles 46
2.2 Symmetric Block Encryption Algorithms 52
2.3 Random and Pseudorandom Numbers 59
2.4 Stream Ciphers and RC4 63
2.5 Cipher Block Modes of Operation 68
Chapter 3 Public-Key Cryptography and Message Authentication 78
3.1 Approaches to Message Authentication 79
3.2 Secure Hash Functions 84
3.3 Message Authentication Codes 91
3.4 Public-Key Cryptography Principles 96
3.5 Public-Key Cryptography Algorithms 100
3.6 Digital Signatures 109
Part Two: Network Security Applications 119

Chapter 4 Key Distribution and User Authentication 119
4.1 Remote User Authentication Principles 120
4.2 Symmetric Key Distribution Using Symmetric Encryption 123
4.3 Kerberos 124
4.4 Key Distribution Using Asymmetric Encryption 137
4.5 X.509 Certificates 139
4.6 Public-Key Infrastructure 146

6 Contents
4.7 Federated Identity Management 149
Chapter 5 Network Access Control and Cloud Security 160
5.1 Network Access Control 161
5.2 Extensible Authentication Protocol 164
5.3 IEEE 802.1X Port-Based Network Access Control 168
5.4 Cloud Computing 170
5.5 Cloud Security Risks and Countermeasures 176
5.6 Data Protection in the Cloud 178
5.7 Cloud Security as a Service 182
5.8 Addressing Cloud Computing Security Concerns 185
Chapter 6 Transport-Level Security 187
6.1 Web Security Considerations 188
6.2 Transport Layer Security 190
6.3 HTTPS 207
6.4 Secure Shell (SSH) 208
Chapter 7 Wireless Network Security 222
7.1 Wireless Security 223
7.2 Mobile Device Security 226
7.3 IEEE 802.11 Wireless LAN Overview 230
7.4 IEEE 802.11i Wireless LAN Security 236
Chapter 8 Electronic Mail Security 253
8.1 Internet Mail Architecture 254
8.2 E-mail Formats 258
8.3 E-mail Threats and Comprehensive E-mail Security 266
8.4 S/MIME 268
8.5 Pretty Good Privacy 279
8.6 DNSSEC 280
8.7 DNS-Based Authentication of Named Entities 285
8.8 Sender Policy Framework 286
8.9 DomainKeys Identified Mail 289
8.10 Domain-Based Message Authentication, Reporting, and Conformance 295
Chapter 9 IP Security 302
9.1 IP Security Overview 303
9.2 IP Security Policy 309
9.3 Encapsulating Security Payload 314
9.4 Combining Security Associations 322
9.5 Internet Key Exchange 325
9.6 Cryptographic Suites 333

Contents 7
Part Three: System Security 337
Chapter 10 Malicious Software 337
10.1 Types of Malicious Software (Malware) 338
10.2 Advanced Persistent Threat 341
10.3 Propagation—Infected Content—Viruses 342
10.4 Propagation—Vulnerability Exploit—Worms 347
10.5 Propagation—Social Engineering—Spam E-mail, Trojans 353
10.6 Payload—System Corruption 355
10.7 Payload—Attack Agent—Zombie, Bots 356
10.8 Payload—Information Theft—Keyloggers, Phishing, Spyware 357
10.9 Payload—Stealthing—Backdoors, Rootkits 359
10.10 Countermeasures 360
10.11 Distributed Denial of Service Attacks 367
Chapter 11 Intruders 375
11.1 Intruders 376
11.2 Intrusion Detection 381
11.3 Password Management 396
Chapter 12 Firewalls 410
12.1 The Need for Firewalls 411
12.2 Firewall Characteristics and Access Policy 412
12.3 Types of Firewalls 414
12.4 Firewall Basing 420
12.5 Firewall Location and Configurations 423
Appendices 432
Appendix A Some Aspects of Number Theory 432
A.1 Prime and Relatively Prime Numbers 433
A.2 Modular Arithmetic 435
Appendix B Projects for Teaching Network Security 437
B.1 Research Projects 438
B.2 Hacking Project 439
B.3 Programming Projects 439
B.4 Laboratory Exercises 440
B.5 Practical Security Assessments 440
B.6 Firewall Projects 440
B.7 Case Studies 441
B.8 Writing Assignments 441
B.9 Reading/Report Assignments 441
References 442
Credits 448
Index 450

8 Contents
Online Chapters and Appendices1
Chapter 13 Network Management Security

13.1 Basic Concepts of SNMP
13.2 SNMPv1 Community Facility
13.3 SNMPv3
13.4 Recommended Reading
13.5 Key Terms, Review Questions, and Problems
Part FIVE: Legal And Ethical Issues

Chapter 14 Legal and Ethical Issues
14.1 Cybercrime and Computer Crime
14.2 Intellectual Property
14.3 Privacy
14.4 Ethical Issues
14.5 Recommended Reading
14.6 References
14.A Information Privacy
Chapter 15 SHA-3
15.1 The Origins of SHA-3
15.2 Evaluation Criteria for SHA-3
15.3 The Sponge Construction
15.4 The SHA-3 Iteration Function f
15.5 Recommended Reading and Referencess
Appendix C Standards and Standards-Setting Organizations

C.1 The Importance of Standards
C.2 Internet Standards and the Internet Society
C.3 The National Institute of Standards and Technology
C.4 The International Telecommunication Union
C.5 The International Organization for Standardization
C.6 Significant Security Standards and Documents
Appendix D TCP/IP and OSI
D.1 Protocols and Protocol Architectures
D.2 The TCP/IP Protocol Architecture
D.3 The Role of an Internet Protocol
D.4 IPv4
D.5 IPv6
D.6 The OSI Protocol Architecture
1
Online chapters, appendices, and other documents are at the Companion Website, available via the
access code on the inside front cover of this book.

Contents 9
Appendix E Pseudorandom Number Generation
E.1 Prng Requirements
E.2 Pseudorandom Number Generation Using a Block Cipher
E.3 Pseudorandom Number Generation Using Hash Functions and MACs
Appendix F Kerberos Encryption Techniques

F.1 Password-To-Key Transformation
F.2 Propagating Cipher Block Chaining Mode
Appendix G Data Compression Using ZIP

G.1 Compression Algorithm
G.2 Decompression Algorithm
Appendix H PGP
H.1 Notation
H.2 Operational Description
H.3 Cryptographic Keys and Key Rings
H.4 Public-Key Management
H.5 Pgp Random Number Generation
Appendix I The International Reference Alphabet
Appendix J The Base-Rate Fallacy

J.1 Conditional Probability and Independence
J.2 Bayes’ Theorem
J.3 The Base-Rate Fallacy Demonstrated
J.4 References
Appendix K Radix-64 Conversion

Preface
In this age of universal electronic connectivity, of viruses and hackers, of electronic eaves-
dropping and electronic fraud, there is indeed no time at which security does not matter. Two
trends have come together to make the topic of this book of vital interest. First, the explosive
growth in computer systems and their interconnections via networks has increased the de-
pendence of both organizations and individuals on the information stored and communicat-
ed using these systems. This, in turn, has led to a heightened awareness of the need to protect
data and resources from disclosure, to guarantee the authenticity of data and messages, and
to protect systems from network-based attacks. Second, the disciplines of cryptography and
network security have matured, leading to the development of practical, readily available
applications to enforce network security.
What’s New In The SIXTH Edition
In the four years since the fifth edition of this book was published, the field has seen contin-
ued innovations and improvements. In this new edition, I try to capture these changes while
maintaining a broad and comprehensive coverage of the entire field. To begin this process of
revision, the fifth edition of this book was extensively reviewed by a number of professors
who teach the subject and by professionals working in the field. The result is that, in many
places, the narrative has been clarified and tightened, and illustrations have been improved.
Beyond these refinements to improve pedagogy and user-friendliness, there have been
substantive changes throughout the book. Roughly the same chapter organization has been
retained, but much of the material has been revised and new material has been added. The
most noteworthy changes are as follows:
■■ Fundamental security design principles: Chapter 1 includes a new section discussing the
security design principles listed as fundamental by the National Centers of Academic
Excellence in Information Assurance/Cyber Defense, which is jointly sponsored by the
U.S. National Security Agency and the U.S. Department of Homeland Security.
■■ Attack surfaces and attack trees: Chapter 1 includes a new section describing these two
concepts, which are useful in evaluating and classifying security threats.
■■ Practical use of RSA: Chapter 3 expands the discussion of RSA encryption and RSA
digital signatures to show how padding and other techniques are used to provide prac-
tical security using RSA.
■■ User authentication model: Chapter 4 includes a new description of a general model
for user authentication, which helps to unify the discussion of the various approaches
to user authentication.
■■ Cloud security: The material on cloud security in Chapter 5 has been updated and
expanded to reflect its importance and recent developments.
■■ Transport Layer Security (TLS): The treatment of TLS in Chapter 6 has been updated,
reorganized to improve clarity, and now includes a discussion of the new TLS version 1.3.
10

Preface 11
■■ E-mail Security: Chapter 8 has been completely rewritten to provide a comprehensive
and up-to-date discussion of e-mail security. It includes:
—— New: discussion of e-mail threats and a comprehensive approach to e-mail security.
—— New: discussion of STARTTLS, which provides confidentiality and authentication
for SMTP.
—— Revised: treatment of S/MIME has been substantially expanded and updated to
reflect the latest version 3.2.
—— New: discussion of DNSSEC and its role in supporting e-mail security.
—— New: discussion of DNS-based Authentication of Named Entities (DANE) and the
use of this approach to enhance security for certificate use in SMTP and S/MIME.
—— New: discussion of Sender Policy Framework (SPF), which is the standardized way
for a sending domain to identify and assert the mail senders for a given domain.
—— Revised: discussion of DomainKeys Identified Mail (DKIM) has been revised.
—— New: discussion of Domain-based Message Authentication, Reporting, and Confor-
mance (DMARC), allows e-mail senders to specify policy on how their mail should
be handled, the types of reports that receivers can send back, and the frequency
those reports should be sent.
Objectives
It is the purpose of this book to provide a practical survey of network security applications
and standards. The emphasis is on applications that are widely used on the Internet and for
corporate networks, and on standards (especially Internet standards) that have been widely
deployed.
Support Of ACM/IEEE Computer Science Curricula 2013
The book is intended for both academic and professional audiences. As a textbook, it is
intended as a one-semester undergraduate course in cryptography and network security for
computer science, computer engineering, and electrical engineering majors. The changes
to this edition are intended to provide support of the current draft version of the ACM/
IEEE Computer Science Curricula 2013 (CS2013). CS2013 adds Information Assurance
and Security (IAS) to the curriculum recommendation as one of the Knowledge Areas in
the Computer Science Body of Knowledge. The document states that IAS is now part of the
curriculum recommendation because of the critical role of IAS in computer science educa-
tion. CS2013 divides all course work into three categories: Core-Tier 1 (all topics should be
included in the curriculum), Core-Tier-2 (all or almost all topics should be included), and
elective (desirable to provide breadth and depth). In the IAS area, CS2013 recommends
topics in Fundamental Concepts and Network Security in Tier 1 and Tier 2, and Cryptog-
raphy topics as elective. This text covers virtually all of the topics listed by CS2013 in these
three categories.
The book also serves as a basic reference volume and is suitable for self-study.

12 Preface
Plan Of The Text
The book is organized in three parts:

■■ Part One. Cryptography: A concise survey of the cryptographic algorithms and pro-
tocols underlying network security applications, including encryption, hash functions,
message authentication, and digital signatures.
■■ Part Two. Network Security Applications: Covers important network security tools
and applications, including key distribution, Kerberos, X.509v3 certificates, Extensible
Authentication Protocol, S/MIME, IP Security, SSL/TLS, IEEE 802.11i WiFi security,
and cloud security.
■■ Part Three. System Security: Looks at system-level security issues, including the threat
of and countermeasures for malicious software and intruders, and the use of firewalls.
The book includes a number of pedagogic features, including the use of numerous fig-
ures and tables to clarify the discussions. Each chapter includes a list of key words, review
questions, homework problems, and suggestions for further reading. The book also includes
an extensive glossary, a list of frequently used acronyms, and a list of references. In addition,
a test bank is available to instructors.
Instructor Support Materials
The major goal of this text is to make it as effective a teaching tool for this exciting and fast-
moving subject as possible. This goal is reflected both in the structure of the book and in the
supporting material. The following supplementary materials that will aid the instructor ac-
company the text:
■■ Solutions manual: Solutions to all end-of-chapter Review Questions and Problems.
■■ Projects manual: Suggested project assignments for all of the project categories listed
below.
■■ PowerPoint slides: A set of slides covering all chapters, suitable for use in lecturing.
■■ PDF files: Reproductions of all figures and tables from the book.
■■ Test bank: A chapter-by-chapter set of questions with a separate file of answers.
■■ Sample syllabi: The text contains more material than can be conveniently covered in
one semester. Accordingly, instructors are provided with several sample syllabi that
guide the use of the text within limited time. These samples are based on real-world
experience by professors who used the fourth edition.
All of these support materials are available at the Instructor Resource C enter
(IRC) for this textbook, which can be reached through the Publisher’s Website
www.pearsonglobaleditions.com/stallings. To gain access to the IRC, please contact your
local Pearson sales representative.

Preface 13
Projects And Other Student Exercises
For many instructors, an important component of a network security course is a project or

set of projects by which the student gets hands-on experience to reinforce concepts from the
text. This book provides an unparalleled degree of support, including a projects component
in the course. The IRC includes not only guidance on how to assign and structure the projects,
but also a set of project assignments that covers a broad range of topics from the text:
■■ Hacking project: This exercise is designed to illuminate the key issues in intrusion
detection and prevention.
■■ Lab exercises: A series of projects that involve programming and experimenting with
concepts from the book.
■■ Research projects: A series of research assignments that instruct the student to research
a particular topic on the Internet and write a report.
■■ Programming projects: A series of programming projects that cover a broad range of
topics and that can be implemented in any suitable language on any platform.
■■ Practical security assessments: A set of exercises to examine current infrastructure and
practices of an existing organization.
■■ Firewall projects: A portable network firewall visualization simulator is provided, to-
gether with exercises for teaching the fundamentals of firewalls.
■■ Case studies: A set of real-world case studies, including learning objectives, case de-
scription, and a series of case discussion questions.
■■ Writing assignments: A set of suggested writing assignments, organized by chapter.
■■ Reading/report assignments: A list of papers in the literature—one for each chapter—
that can be assigned for the student to read and then write a short report.
This diverse set of projects and other student exercises enables the instructor to use the
book as one component in a rich and varied learning experience and to tailor a course plan to
meet the specific needs of the instructor and students. See Appendix B in this book for details.
Online CONTENT For Students
For this new edition, a tremendous amount of original supporting material for students has
been made available online.

14 Preface
Purchasing this textbook new also grants the reader one year of access to the
Companion Website, which includes the following materials:
■■ Online chapters: To limit the size and cost of the book, three chapters of the book are
provided in PDF format. This includes a chapter on SHA-3, a chapter on SNMP security,
and one on legal and ethical issues. The chapters are listed in this book’s table of contents.
■■ Online appendices: There are numerous interesting topics that support material found
in the text but whose inclusion is not warranted in the printed text. A number of online
appendices cover these topics for the interested student. The appendices are listed in
this book’s table of contents.
■■ Homework problems and solutions: To aid the student in understanding the material,
a separate set of homework problems with solutions are available. These enable the
students to test their understanding of the text.
■■ Key papers: A number of papers from the professional literature, many hard to find,
are provided for further reading.
■■ Supporting documents: A variety of other useful documents are referenced in the text
and provided online.
To access the Companion Website, click on the Premium Content link at the Com-
panion Website or at pearsonglobaleditions.com/stallings and enter the student access code
found on the card in the front of the book.
Relationship To Cryptography And Network Security
This book is adapted from Cryptography and Network Security, Seventh Edition, Global
Edition (CNS7eGE). CNS7eGE provides a substantial treatment of cryptography, key man-
agement, and user authentication, including detailed analysis of algorithms and a significant
mathematical component, all of which covers nearly 500 pages. Network Security Essentials:
Applications and Standards, Sixth Edition, Global Edition (NSE6eGE), provides instead
a concise overview of these topics in Chapters 2 through 4. NSE6eGE includes all of the
remaining material of CNS7eGE. NSE6eGE also covers SNMP security, which is not cov-
ered in CNS7eGE. Thus, NSE6eGE is intended for college courses and professional readers
whose interest is primarily in the application of network security and who do not need or
desire to delve deeply into cryptographic theory and principles.
Acknowledgments
This new edition has benefited from review by a number of people who gave generously of
their time and expertise. The following professors reviewed the manuscript: Jim Helm (Ari-
zona State University, Ira A. Fulton College of Engineering, Information Technology), Ali
Saman Tosun (University of Texas at San Antonio, Computer Science Department), Haibo
Wang (DIBTS, Texas A&M International University), Xunhua Wang (James Madison Uni-
versity, Department of Computer Science), Robert Kayl (University of Maryland University
College), Scott Anderson (Southern Adventist University, School of Computing), and Jona-
than Katz (University of Maryland, Department of Computer Science).

Preface 15
Thanks also to the people who provided detailed technical reviews of one or more
chapters: Kashif Aftab, Alan Cantrell, Rajiv Dasmohapatra, Edip Demirbilek, Dan Dieterle,
Gerardo Iglesias Galvan, Michel Garcia, David Gueguen, Anasuya Threse Innocent, Dennis
Kavanagh, Duncan Keir, Robert Knox, Bo Lin, Kousik Nandy, Nickolay Olshevsky, Massi-
miliano Sembiante, Oscar So, and Varun Tewari.
Nikhil Bhargava (IIT Delhi) developed the set of online homework problems and
solutions. Professor Sreekanth Malladi of Dakota State University developed the hacking
exercises. Sanjay Rao and Ruben Torres of Purdue developed the laboratory exercises that
appear in the IRC.
The following people contributed project assignments that appear in the instructor’s
supplement: Henning Schulzrinne (Columbia University), Cetin Kaya Koc (Oregon State
University), and David Balenson (Trusted Information Systems and George Washington
University). Kim McLaughlin developed the test bank.
Finally, I thank the many people responsible for the publication of this text, all of whom
did their usual excellent job. This includes the staff at Pearson, particularly my editor Tracy
Johnson, program manager Carole Snyder, and production manager Bob Engelhardt. Thanks
also to the marketing and sales staffs at Pearson, without whose efforts this text would not
be in front of you.
ACKNOWLEDGEMENTS FOR THE GLOBAL EDITION
The publishers would like to thank the following for contributing to and reviewing the
Global Edition: A. Kannammal (Coimbatore Institute of Technology), Somitra Sanadhya
(IIIT Delhi), Atul Kahate (Symbiosis University and Pune University), Anwitaman Datta
(NTU Singapore), and Khyat Sharma.

About the Author
Dr. William Stallings has authored 18 titles, and counting revised editions, over 40 books
on computer security, computer networking, and computer architecture. His writings have
appeared in numerous publications, including the Proceedings of the IEEE, ACM Computing
Reviews, and Cryptologia.
He has 13 times received the award for the best Computer Science textbook of the year
from the Text and Academic Authors Association.
In over 30 years in the field, he has been a technical contributor, technical manager,
and an executive with several high-technology firms. He has designed and implemented both
TCP/IP-based and OSI-based protocol suites on a variety of computers and operating sys-
tems, ranging from microcomputers to mainframes. As a consultant, he has advised govern-
ment agencies, computer and software vendors, and major users on the design, selection, and
use of networking software and products.
He created and maintains the Computer Science Student Resource Site at Computer-
ScienceStudent.com. This site provides documents and links on a variety of subjects of gener-
al interest to computer science students (and professionals). He is a member of the editorial
board of Cryptologia, a scholarly journal devoted to all aspects of cryptology.
Dr. Stallings holds a Ph.D. from MIT in Computer Science and a B.S. from Notre Dame
in electrical engineering.
16

Chapter
Introduction
1.1 Computer Security Concepts
A Definition of Computer Security
Examples
The Challenges of Computer Security
1.2 The OSI Security Architecture
1.3 Security Attacks
Passive Attacks
Active Attacks
1.4 Security Services
Authentication
Access Control
Data Confidentiality
Data Integrity
Nonrepudiation
Availability Service
1.5 Security Mechanisms
1.6 Fundamental Security Design Principles
1.7 Attack Surfaces and Attack Trees
Attack Surfaces
Attack Trees
1.8 A Model for Network Security
1.9 Standards
17
M01_STAL4855_06_GE_C01.indd 17 8/11/16 8:31 AM

18 chapter 1 / Introduction
Learning Objectives
After studying this chapter, you should be able to:
◆◆ Describe the key security requirements of confidentiality, integrity, and
availability.
◆◆ Describe the X.800 security architecture for OSI.
◆◆ Discuss the types of security threats and attacks that must be dealt with
and give examples of the types of threats and attacks that apply to d
ifferent
categories of computer and network assets.
◆◆ Explain the fundamental security design principles.
◆◆ Discuss the use of attack surfaces and attack trees.
◆◆ List and briefly describe key organizations involved in cryptography
standards.
The requirements of information security within an organization have undergone two

major changes in the last several decades. Before the widespread use of data process-
ing equipment, the security of information felt to be valuable to an organization was
provided primarily by physical and administrative means. An example of the former
is the use of rugged filing cabinets with a combination lock for storing sensitive docu-
ments. An example of the latter is personnel screening procedures used during the
hiring process.
With the introduction of the computer, the need for automated tools for pro-
tecting files and other information stored on the computer became evident. This
is especially the case for a shared system, such as a time-sharing system, and the
need is even more acute for systems that can be accessed over a public telephone
network, data network, or the Internet. The generic name for the collection of tools
designed to protect data and to thwart hackers is computer security.
The second major change that affected security is the introduction of distrib-
uted systems and the use of networks and communications facilities for carrying
data between terminal user and computer and between computer and computer.
Network security measures are needed to protect data during their transmission. In
fact, the term network security is somewhat misleading, because virtually all busi-
ness, government, and academic organizations interconnect their data processing
equipment with a collection of interconnected networks. Such a collection is often
referred to as an internet,1 and the term internet security is used.
1
We use the term internet with a lowercase “i” to refer to any interconnected collection of network.
A corporate intranet is an example of an internet. The Internet with a capital “I” may be one of the facili-
ties used by an organization to construct its internet.
M01_STAL4855_06_GE_C01.indd 18 8/11/16 8:31 AM

chapter 1 / Introduction 19
There are no clear boundaries between these two forms of security. For ex-
ample, a computer virus may be introduced into a system physically when it arrives
on a flash drive or an optical disk and is subsequently loaded onto a computer.
Viruses may also arrive over an internet. In either case, once the virus is resident
on a computer system, internal computer security tools are needed to detect and
recover from the virus.
This book focuses on internet security, which consists of measures to deter,
prevent, detect, and correct security violations that involve the transmission of
information. That is a broad statement that covers a host of possibilities. To give
you a feel for the areas covered in this book, consider the following examples of
security violations:
1. User A transmits a file to user B. The file contains sensitive information (e.g.,
payroll records) that is to be protected from disclosure. User C, who is not
authorized to read the file, is able to monitor the transmission and capture a
copy of the file during its transmission.
2. A network manager, D, transmits a message to a computer, E, under its man-
agement. The message instructs computer E to update an authorization file
to include the identities of a number of new users who are to be given access
to that computer. User F intercepts the message, alters its contents to add or
delete entries, and then forwards the message to E, which accepts the message
as coming from manager D and updates its authorization file accordingly.
3. Rather than intercept a message, user F constructs its own message with
the desired entries and transmits that message to E as if it had come from
manager D. Computer E accepts the message as coming from manager D and
updates its authorization file accordingly.
4. An employee is fired without warning. The personnel manager sends a mes-
sage to a server system to invalidate the employee’s account. When the invali-
dation is accomplished, the server is to post a notice to the employee’s file as
confirmation of the action. The employee is able to intercept the message and
delay it long enough to make a final access to the server to retrieve sensitive
information. The message is then forwarded, the action taken, and the confir-
mation posted. The employee’s action may go unnoticed for some consider-
able time.
5. A message is sent from a customer to a stockbroker with instructions for vari-
ous transactions. Subsequently, the investments lose value and the customer
denies sending the message.
Although this list by no means exhausts the possible types of security violations, it
illustrates the range of concerns of network security.
This chapter provides a general overview of the subject matter that struc-
tures the material in the remainder of the book. We begin with a general discussion
of network security services and mechanisms and of the types of attacks they are
designed for. Then we develop a general overall model within which the security
services and mechanisms can be viewed.
M01_STAL4855_06_GE_C01.indd 19 8/11/16 8:31 AM

1.1 Computer Security Concepts
A Definition of Computer Security

The NIST Computer Security Handbook [NIST95] defines the term computer
security as
Computer Security: The protection afforded to an automated information sys-

tem in order to attain the applicable objectives of preserving the integrity, avail-
ability, and confidentiality of information system resources (includes hardware,
software, firmware, information/data, and telecommunications).
This definition introduces three key objectives that are at the heart of
computer security.
■■ Confidentiality: This term covers two related concepts:
Data2 confidentiality: Assures that private or confidential information is
not made available or disclosed to unauthorized individuals.
Privacy: Assures that individuals control or influence what information
related to them may be collected and stored and by whom and to whom
that information may be disclosed.
■■ Integrity: This term covers two related concepts:
Data integrity: Assures that data (both stored and in transmitted packets)
and programs are changed only in a specified and authorized manner.
System integrity: Assures that a system performs its intended function in
an unimpaired manner, free from deliberate or inadvertent unauthorized
manipulation of the system.
■■ Availability: Assures that systems work promptly and service is not denied to
authorized users.
These three concepts form what is often referred to as the CIA triad. The
three concepts embody the fundamental security objectives for both data and for
information and computing services. For example, the NIST Standards for Security
Categorization of Federal Information and Information Systems (FIPS 199) lists
confidentiality, integrity, and availability as the three security objectives for infor-
mation and for information systems. FIPS 199 provides a useful characterization of
these three objectives in terms of requirements and the definition of a loss of secu-
rity in each category.
■■ Confidentiality: Preserving authorized restrictions on information access and
disclosure, including means for protecting personal privacy and proprietary in-
formation. A loss of confidentiality is the unauthorized disclosure of information.
2
RFC 4949 defines information as “facts and ideas, which can be represented (encoded) as various forms
of data,” and data as “information in a specific physical representation, usually a sequence of symbols
that have meaning; especially a representation of information that can be processed or produced by a
computer.” Security literature typically does not make much of a distinction, nor does this book.
M01_STAL4855_06_GE_C01.indd 20 8/11/16 8:31 AM

1.1 / Computer Security Concepts 21
■■ Integrity: Guarding against improper information modification or destruction,
including ensuring information nonrepudiation and authenticity. A loss of in-
tegrity is the unauthorized modification or destruction of information.
■■ Availability: Ensuring timely and reliable access to and use of information.
A loss of availability is the disruption of access to or use of information or an
information system.
Although the use of the CIA triad to define security objectives is well estab-
lished, some in the security field feel that additional concepts are needed to present
a complete picture (Figure 1.1). Two of the most commonly mentioned are
■■ Authenticity: The property of being genuine and being able to be verified and
trusted; confidence in the validity of a transmission, a message, or message
originator. This means verifying that users are who they say they are and that
each input arriving at the system came from a trusted source.
■■ Accountability: The security goal that generates the requirement for actions
of an entity to be traced uniquely to that entity. This supports nonrepudiation,
deterrence, fault isolation, intrusion detection and prevention, and after-action
recovery and legal action. Because truly secure systems are not yet an achiev-
able goal, we must be able to trace a security breach to a responsible party.
Systems must keep records of their activities to permit later forensic analysis
to trace security breaches or to aid in transaction disputes.
Examples
We now provide some examples of applications that illustrate the requirements just
enumerated.3 For these examples, we use three levels of impact on organizations or
individuals should there be a breach of security (i.e., a loss of confidentiality, integ-
rity, or availability). These levels are defined in FIPS 199:
■■ Low: The loss could be expected to have a limited adverse effect on organiza-
tional operations, organizational assets, or individuals. A limited adverse effect
means that, for example, the loss of confidentiality, integrity, or availability might
y
lit
ntia In
de teg
nfi rit
Co y
Data
Acco
and
unta
services
ty
ntici
bilit
e
y
Auth
Availability
Figure 1.1 Essential Network and Computer

Security Requirements
3
These examples are taken from a security policy document published by the Information Technology
Security and Privacy Office at Purdue University.
M01_STAL4855_06_GE_C01.indd 21 8/11/16 8:32 AM

(i) cause a degradation in mission capability to an extent and duration that the
organization is able to perform its primary functions, but the effectiveness of the
functions is noticeably reduced; (ii) result in minor damage to organizational
assets; (iii) result in minor financial loss; or (iv) result in minor harm to individuals.
■■ Moderate: The loss could be expected to have a serious adverse effect on orga-
nizational operations, organizational assets, or individuals. A serious adverse
effect means that, for example, the loss might (i) cause a significant degrada-
tion in mission capability to an extent and duration that the organization is
able to perform its primary functions, but the effectiveness of the functions is
significantly reduced; (ii) result in significant damage to organizational assets;
(iii) result in significant financial loss; or (iv) result in s ignificant harm to indi-
viduals that does not involve loss of life or serious, life-threatening injuries.
■■ High: The loss could be expected to have a severe or catastrophic adverse effect
on organizational operations, organizational assets, or individuals. A severe or
catastrophic adverse effect means that, for example, the loss might (i) cause
a severe degradation in or loss of mission capability to an extent and dura-
tion that the organization is not able to perform one or more of its primary
functions; (ii) result in major damage to organizational assets; (iii) result in
major financial loss; or (iv) result in severe or catastrophic harm to individuals
involving loss of life or serious, life-threatening injuries.
Confidentiality Student grade information is an asset whose confidentiality is

considered to be highly important by students. In the United States, the release of
such information is regulated by the Family Educational Rights and Privacy Act
(FERPA). Grade information should only be available to students, their parents,
and employees that require the information to do their job. Student enrollment
information may have a moderate confidentiality rating. While still covered by
FERPA, this information is seen by more people on a daily basis, is less likely to be
targeted than grade information, and results in less damage if disclosed. Directory
information (such as lists of students, faculty, or departmental lists) may be assigned
a low confidentiality rating or indeed no rating. This information is typically freely
available to the public and published on a school’s Web site.
Integrity Several aspects of integrity are illustrated by the example of a hospital

patient’s allergy information stored in a database. The doctor should be able to
trust that the information is correct and current. Now suppose that an employee
(e.g., a nurse) who is authorized to view and update this information deliberately
falsifies the data to cause harm to the hospital. The database needs to be restored
to a trusted basis quickly, and it should be possible to trace the error back to the
person responsible. Patient allergy information is an example of an asset with a high
requirement for integrity. Inaccurate information could result in serious harm or
death to a patient and expose the hospital to massive liability.
An example of an asset that may be assigned a moderate level of integrity
requirement is a Web site that offers a forum to registered users to discuss some
specific topic. Either a registered user or a hacker could falsify some entries or
deface the Web site. If the forum exists only for the enjoyment of the users, brings
in little or no advertising revenue, and is not used for something important such
M01_STAL4855_06_GE_C01.indd 22 8/11/16 8:32 AM

1.1 / Computer Security Concepts 23
as research, then potential damage is not severe. The Web master may experience
some data, financial, and time loss.
An example of a low-integrity requirement is an anonymous online poll. Many
Web sites, such as news organizations, offer these polls to their users with very few
safeguards. However, the inaccuracy and unscientific nature of such polls are well
understood.
Availability The more critical a component or service, the higher is the level of
availability required. Consider a system that provides authentication services for
critical systems, applications, and devices. An interruption of service results in the
inability for customers to access computing resources and for the staff to access the
resources they need to perform critical tasks. The loss of the service translates into
a large financial loss due to lost employee productivity and potential customer loss.
An example of an asset that typically would be rated as having a moderate
availability requirement is a public Web site for a university; the Web site provides
information for current and prospective students and donors. Such a site is not a
critical component of the university’s information system, but its unavailability will
cause some embarrassment.
An online telephone directory lookup application would be classified as a low-
availability requirement. Although the temporary loss of the application may be
an annoyance, there are other ways to access the information, such as a hardcopy
directory or the operator.
The Challenges of Computer Security

Computer and network security is both fascinating and complex. Some of the reasons
include:
1. Security is not as simple as it might first appear to the novice. The require-
ments seem to be straightforward; indeed, most of the major requirements for
security services can be given self-explanatory, one-word labels: confidential-
ity, authentication, nonrepudiation, and integrity. But the mechanisms used to
meet those requirements can be quite complex, and understanding them may
involve rather subtle reasoning.
2. In developing a particular security mechanism or algorithm, one must always
consider potential attacks on those security features. In many cases, successful
attacks are designed by looking at the problem in a completely different way,
therefore exploiting an unexpected weakness in the mechanism.
3. Because of point 2, the procedures used to provide particular services are
often counterintuitive. Typically, a security mechanism is complex, and it is not
obvious from the statement of a particular requirement that such elaborate
measures are needed. It is only when the various aspects of the threat are con-
sidered that elaborate security mechanisms make sense.
4. Having designed various security mechanisms, it is necessary to decide where
to use them. This is true both in terms of physical placement (e.g., at what points
in a network are certain security mechanisms needed) and in a logical sense
[e.g., at what layer or layers of an architecture such as TCP/IP (Transmission
Control Protocol/Internet Protocol) should mechanisms be placed].
M01_STAL4855_06_GE_C01.indd 23 8/11/16 8:32 AM

5. Security mechanisms typically involve more than a particular algorithm or pro-
tocol. They also require that participants be in possession of some secret infor-
mation (e.g., an encryption key), which raises questions about the creation,
distribution, and protection of that secret information. There also may be a reli-
ance on communications protocols whose behavior may complicate the task of
developing the security mechanism. For example, if the proper functioning of
the security mechanism requires setting time limits on the transit time of a
message from sender to receiver, then any protocol or network that introduces
variable, unpredictable delays may render such time limits meaningless.
6. Computer and network security is essentially a battle of wits between a per-
petrator who tries to find holes and the designer or administrator who tries to
close them. The great advantage that the attacker has is that he or she need
only find a single weakness, while the designer must find and eliminate all
weaknesses to achieve perfect security.
7. There is a natural tendency on the part of users and system managers to
perceive little benefit from security investment until a security failure occurs.
8. Security requires regular, even constant, monitoring, and this is difficult in
today’s short-term, overloaded environment.
9. Security is still too often an afterthought to be incorporated into a system after
the design is complete rather than being an integral part of the design process.
10. Many users (and even security administrators) view strong security as an
impediment to efficient and user-friendly operation of an information system
or use of information.
The difficulties just enumerated will be encountered in numerous ways as we
examine the various security threats and mechanisms throughout this book.
1.2 The Osi Security Architecture
To assess effectively the security needs of an organization and to evaluate and

choose various security products and policies, the manager responsible for com-
puter and network security needs some systematic way of defining the requirements
for security and characterizing the approaches to satisfying those requirements.
This is difficult enough in a centralized data processing environment; with the use of
local and wide area networks, the problems are compounded.
ITU-T4 Recommendation X.800, Security Architecture for OSI, defines such a
systematic approach.5 The OSI security architecture is useful to managers as a way
of organizing the task of providing security. Furthermore, because this architecture
4
The International Telecommunication Union (ITU) Telecommunication Standardization Sector (ITU-T)
is a United Nations-sponsored agency that develops standards, called Recommendations, relating to
telecommunications and to open systems interconnection (OSI).
5
The OSI security architecture was developed in the context of the OSI protocol architecture, which is
described in Appendix D. However, for our purposes in this chapter, an understanding of the OSI proto-
col architecture is not required.
M01_STAL4855_06_GE_C01.indd 24 8/11/16 8:32 AM

1.3 / Security Attacks 25
Table 1.1 Threats and Attacks (RFC 4949)
Threat
A potential for violation of security, which exists when there is a circumstance, capability, action,
or event that could breach security and cause harm. That is, a threat is a possible danger that might
exploit a vulnerability.
Attack
An assault on system security that derives from an intelligent threat. That is, an intelligent act that
is a deliberate attempt (especially in the sense of a method or technique) to evade security services
and violate the security policy of a system.
was developed as an international standard, computer and communications vendors

have developed security features for their products and services that relate to this
structured definition of services and mechanisms.
For our purposes, the OSI security architecture provides a useful, if abstract, over-
view of many of the concepts that this book deals with. The OSI security architecture
focuses on security attacks, mechanisms, and services. These can be defined briefly as
■■ Security attack: Any action that compromises the security of information
owned by an organization.
■■ Security mechanism: A process (or a device incorporating such a process) that
is designed to detect, prevent, or recover from a security attack.
■■ Security service: A processing or communication service that enhances the
security of the data processing systems and the information transfers of an
organization. The services are intended to counter security attacks, and they
make use of one or more security mechanisms to provide the service.
In the literature, the terms threat and attack are commonly used to mean more
or less the same thing. Table 1.1 provides definitions taken from RFC 4949, Internet
Security Glossary.
1.3 Security Attacks
A useful means of classifying security attacks, used both in X.800 and RFC 4949, is
in terms of passive attacks and active attacks. A passive attack attempts to learn or
make use of information from the system but does not affect system resources. An
active attack attempts to alter system resources or affect their operation.
Passive Attacks
Passive attacks (Figure 1.2a) are in the nature of eavesdropping on, or monitoring
of, transmissions. The goal of the opponent is to obtain information that is being
transmitted. Two types of passive attacks are the release of message contents and
traffic analysis.
The release of message contents is easily understood. A telephone conver-
sation, an electronic mail message, and a transferred file may contain sensitive or
confidential information. We would like to prevent an opponent from learning the
contents of these transmissions.
M01_STAL4855_06_GE_C01.indd 25 8/11/16 8:32 AM

Darth
Internet or
other comms facility
Bob Alice
(a) Passive attacks
Darth
1 2
3
Internet or
other comms facility
Bob Alice
(b) Active attacks
Figure 1.2 Security Attacks
A second type of passive attack, traffic analysis, is subtler. Suppose that we

had a way of masking the contents of messages or other information traffic so that
opponents, even if they captured the message, could not extract the information
from the message. The common technique for masking contents is encryption. If we
had encryption protection in place, an opponent still might be able to observe the
pattern of these messages. The opponent could determine the location and identity
of communicating hosts and could observe the frequency and length of messages
being exchanged. This information might be useful in guessing the nature of the
communication that was taking place.
Passive attacks are very difficult to detect, because they do not involve any
alteration of the data. Typically, the message traffic is sent and received in an
M01_STAL4855_06_GE_C01.indd 26 8/11/16 8:32 AM

1.4 / Security Services 27
apparently normal fashion, and neither the sender nor the receiver is aware that
a third party has read the messages or observed the traffic pattern. However, it is
feasible to prevent the success of these attacks, usually by means of encryption.
Thus, the emphasis in dealing with passive attacks is on prevention rather than
detection.
Active Attacks
Active attacks (Figure 1.2b) involve some modification of the data stream or the
creation of a false stream and can be subdivided into four categories: masquerade,
replay, modification of messages, and denial of service.
A masquerade takes place when one entity pretends to be a different entity
(path 2 of Figure 1.2b is active). A masquerade attack usually includes one of the
other forms of active attack. For example, authentication sequences can be captured
and replayed after a valid authentication sequence has taken place, thus enabling an
authorized entity with few privileges to obtain extra privileges by impersonating an
entity that has those privileges.
Replay involves the passive capture of a data unit and its subsequent retrans-
mission to produce an unauthorized effect (paths 1, 2, and 3 active).
Modification of messages simply means that some portion of a legitimate mes-
sage is altered, or that messages are delayed or reordered, to produce an unauthor-
ized effect (paths 1 and 2 active). For example, a message meaning “Allow John
Smith to read confidential file accounts” is modified to mean “Allow Fred Brown
to read confidential file accounts.”
The denial of service prevents or inhibits the normal use or management of
communications facilities (path 3 active). This attack may have a specific target; for
example, an entity may suppress all messages directed to a particular destination
(e.g., the security audit service). Another form of service denial is the disruption of
an entire network—either by disabling the network or by overloading it with mes-
sages so as to degrade performance.
Active attacks present the opposite characteristics of passive attacks. Whereas
passive attacks are difficult to detect, measures are available to prevent their success.
On the other hand, it is quite difficult to prevent active attacks absolutely because
of the wide variety of potential physical, software, and network vulnerabilities.
Instead, the goal is to detect active attacks and to recover from any disruption or
delays caused by them. If the detection has a deterrent effect, it also may contribute
to prevention.
1.4 Security Services
X.800 defines a security service as a service that is provided by a protocol layer of

communicating open systems and that ensures adequate security of the systems or
of data transfers. Perhaps a clearer definition is found in RFC 4949, which provides
the following definition: A processing or communication service that is provided by
M01_STAL4855_06_GE_C01.indd 27 8/11/16 8:32 AM

Table 1.2 Security Services (X.800)
Authentication Data Integrity
The assurance that the communicating entity is the The assurance that data received are exactly
one that it claims to be. as sent by an authorized entity (i.e., contain no
modification, insertion, deletion, or replay).
Peer Entity Authentication
Used in association with a logical connection to Connection Integrity with Recovery
provide confidence in the identity of the entities Provides for the integrity of all user data on a
connected. connection and detects any modification, insertion,
deletion, or replay of any data within an entire data
Data-Origin Authentication sequence, with recovery attempted.
In a connectionless transfer, provides assurance that
the source of received data is as claimed. Connection Integrity without Recovery
As above, but provides only detection without
Access Control recovery.
The prevention of unauthorized use of a resource
Selective-Field Connection Integrity
(i.e., this service controls who can have access to a
Provides for the integrity of selected fields within the
resource, under what conditions access can occur,
user data of a data block transferred over a connec-
and what those accessing the resource are allowed
tion and takes the form of determination of whether
to do).
the selected fields have been modified, inserted,
Data Confidentiality deleted, or replayed.
The protection of data from unauthorized Connectionless Integrity

disclosure. Provides for the integrity of a single connectionless
data block and may take the form of detection of
Connection Confidentiality data modification. Additionally, a limited form of
The protection of all user data on a connection. replay detection may be provided.
Connectionless Confidentiality Selective-Field Connectionless Integrity
The protection of all user data in a single data block. Provides for the integrity of selected fields within a
Selective-Field Confidentiality single connectionless data block; takes the form of
The confidentiality of selected fields within the user determination of whether the selected fields have
data on a connection or in a single data block. been modified.
Traffic-Flow Confidentiality Nonrepudiation

The protection of the information that might be Provides protection against denial by one of the
derived from observation of traffic flows. entities involved in a communication of having
participated in all or part of the communication.
Nonrepudiation, Origin
Proof that the message was sent by the specified
party.
Nonrepudiation, Destination
Proof that the message was received by the specified
party.
a system to give a specific kind of protection to system resources; security services

implement security policies and are implemented by security mechanisms.
X.800 divides these services into five categories and fourteen specific services
(Table 1.2). We look at each category in turn.6
6
There is no universal agreement about many of the terms used in the security literature. For example, the
term integrity is sometimes used to refer to all aspects of information security. The term authentication is
sometimes used to refer both to verification of identity and to the various functions listed under integrity
in this chapter. Our usage here agrees with both X.800 and RFC 4949.
M01_STAL4855_06_GE_C01.indd 28 8/11/16 8:32 AM

Another random document with
no related content on Scribd:
The old man left the place accordingly, and Arthur, seizing the
opportunity, retired to one corner with Edith, where the nature of
their conversation could be only guessed from the animated looks
and gestures of the affectionate pair.
The stranger in the meantime strode up and down the place,
regardless of the affrighted servants, singing to himself—
“O whaur will I get a bonny boy,
That will win hose and shoon;
That will rin to Lord Barnard’s yett,
And bid his ladye come?”
“What say you, my little man?” he continued, addressing a boy of

twelve or thirteen years, who sat before the fire, sharing, with a
shaggy collie, the contents of an ample cog, altogether unheeding the
agitation which reigned around him; “will you run to Wemyss Castle
with a message to Sir David?”
“I’ the noo!” said the boy, looking up with an air expressive of the
sense of the unparalleled oppression proposed in interrupting him
during the sacred ceremony of supper.
The stranger laughed, and drawing from his bosom the purse we
have so often spoken of, he displayed a Jacobus, and offered it to the
boy. “Na, I’ll no gang for the yellow bawbee,” said the urchin; “but if
ye’ll gie me the braw whittle, I’ll rin.” The stranger immediately put
into his hand the dagger he coveted, and drawing him aside,
conveyed to him in whispers the message he was to deliver.
Walter Colville now re-entered, and informed them that he had
reconnoitred the Egyptians, who, including women and children,
seemed to amount to above a hundred.
“Could I but get this younker beyond their clutches,” said the
stranger, “a short half hour would disperse them like the leaves in
autumn.”
Colville stared at this avowal, but was silent. The conviction of
Arthur, that the speaker was not what he seemed, now seized on his
mind also, but it appeared to inspire him with no pleasant feeling; on
the contrary, anxiety deepened on his countenance the more and
more he gazed on the handsome features of his guest, and the wild
shouts of the Egyptians, which he had previously heard with
comparative indifference, now evidently inspired him with the
deepest terror.
It was agreed at length that the boy should make the attempt. To
get him out of the house, without endangering the inmates, was
comparatively easy, as the Egyptians as yet stood at some distance
from the door. Once out, they had only his own ready wit and speed
of foot to trust to. While Colville and Arthur therefore undid with due
caution the massive bars and bolts which protected the oaken door,
the stranger, anxious to witness the success of his messenger,
ascended to the upper storey, and stood at the open casement. He
was immediately observed by the Egyptians, who set up a yell of
savage impatience at the sight, the men brandishing their weapons,
and the women waving their arms, as if threatening vengeance
against him.
Their attention was now, however, directed from him to the
youthful messenger, who approached towards them undauntedly.
They went forward to meet him.
“The master sent me to see what ye’re a’ here for,” said the boy.
“Tell him,” said one of the Egyptians harshly, “we are come to
demand the two strangers who have just entered his dwelling. Let
him give them to our vengeance, and we will depart peaceably—not a
feather or a rag of his shall be scathed by us.”
“And what if he shouldna just agree to this?” said the boy, edging
towards the west, covering the manœuvre, as if retiring towards the
house.
“If he refuse us, woe unto him. We will leave him neither corn nor
cattle, kith nor kin; burn his house with fire, and his own red blood
shall lapper on his cold hearth-stone.”
“Haith, carle, you maun tell him that yoursel,” said the boy, as with
one wild bound he sprung from the group, and, with the speed of a
grayhound, made for the wood.
There was a cry of disappointment burst forth from the Egyptians
as they perceived his intention, and many set out in pursuit. The
chase was viewed with deep interest by the inmates of the house—for
Colville, Edith, and Arthur Winton had now joined the stranger. The
wood was not far distant; the boy was famous for his swiftness of
foot; and they could see that his pursuers were falling fast behind. To
their dismay, however, they perceived at length that there was a
powerful dog among the number, who continued the chase after all
his human competitors had abandoned it in despair. He gained fast
upon the boy. “He is lost!” said Edith, piteously; “that villanous dog
will tear him to pieces.” But the event belied the maiden’s fear. Just
as the ferocious animal seemed about to seize him, the boy was seen
to turn upon his pursuer. The dog gave a loud howl, and fell to the
ground, and the stranger could perceive his own dagger gleaming in
the stripling’s hand, as he waved it in triumph o’er his head ere he
disappeared among the trees.
“I could stake an earldom,” said the stranger exultingly, “on that
boy’s proving a noble soldier! By the soul of Bruce, he can both fight
and flee.”
Colville’s terror, as he listened to these words, fairly mastered the
composure which he had hitherto affected. He took off his bonnet,
and bending lowly to the stranger, said in a tremulous voice—
“In Heaven’s name, say, oh! say, sir, you are not the king!”
“Even so, good Walter, James of Scotland stands before you. Are
you sorry to see me? By Saint Andrew, I had hoped I should be
welcome to every honest house,—ay, and every honest heart, in my
dominions.”
Walter had dropped on his knee as the truth, which he had for
some time suspected, was confirmed to him, and, looking up to his
royal guest, while tears stood in his eyes—“Welcome, my noble
prince; what is it of Walter Colville’s, from the bodle in his purse to
the last drop of his heart’s blood, that the king’s not welcome to? I
and mine, my liege, have fought, and bled, and died for the royal
house. But to see your grace here in peril, surrounded by so many
villains, and this old arm alone left to assist you! Oh! for the six braw
fellows that I have seen prancing on yonder lea,—they would have
cleared a way for your highness through them all!”
“Never fear for me, Walter Colville; I am not doomed to fall by a
brawl of this kind, or in mine own land;—so runs the rede.”
The king now turned round, and perceived Arthur and Edith, who
had retired to a little distance. When they saw they were observed,
they advanced and would have kneeled; but the prince prevented
this. He took them both by the hand, and imprinted on the lips of
Edith a kiss, savouring as much of warm affection as of kingly
courtesy.
Their attention was now directed to the operations of the
Egyptians. They perceived, with some surprise, that a considerable
number of them left the rest, and made for the wood, and that those
who remained ceased the yelling manifestations of sorrow and
revenge which had so affrighted Edith.
“They are meditating a retreat, methinks,” said the king.
“I fear, my liege,” said Colville, “they are rather planning some
mode of successful assault;” and the return of the Egyptians too soon
verified the apprehension. They bore with them the trunk of a fallen
tree, and the besieged at once saw the use for which this powerful
engine was intended.
“My door can never withstand the shock of a ram like this,” cried
Walter; “they will force a passage, and out and alas! your highness
will be murdered—murdered in the house of Balmeny!”
James was proverbially brave, but it cannot be denied that he
looked a little grave as he perceived the ponderous engine borne
along, which in all probability would, in a few minutes, lay open the
passage to a band of miscreants thirsting for his blood, and against
whose rage the bravery of himself and his friends seemed a poor
defence.
“Let the worst come to the worst,” said he at length, “we three will
make good this staircase for a stricken hour at least; before then the
rescue must arrive.”
The king, Colville, and Arthur now sought the floor below; Edith,
with the serving-maidens, being stationed above, to be, in case of the
Egyptians forcing an entry, still within the defence of the stair.
The door was of massive oak, studded with iron nails, and
supported by three iron bolts of considerable thickness. An
additional defence was now added in the shape of planks placed
diagonally under these bolts, and for a few moments the besieged
imagined it might withstand the efforts of the assailants. But a few
strokes of the tree soon showed the fallacy of this hope. The door
shook under the first blow, and ere a score had been given, the
yielding hinges showed that the Egyptians had well calculated the
force of their instrument.
“It must be cold steel that saves us after all,” said the king,
retreating to the staircase.
“Oh, that I and all my kin were stark dead on this floor, and your
highness safe on Falkland green!” exclaimed Colville, wringing his
wrinkled hands, and following.
They had scarcely gained their intended position at the upper
landing of the staircase, when, yielding to a desperate stroke, the
door flew open, and the infuriated Egyptians, shouting, made their
way to the interior. Not finding those they sought below, they next
proceeded to ascend the stair. This, however, was an ascent fatal to
all who attempted it. Corpse after corpse fell backward among the
enraged ruffians under the blows of the king and Arthur, until no one
could be found daring enough to attempt the passage.
“Let us smeek them in their hive,” at length cried a hoarse voice,
“and so let them either roast or come forth.”
A shout of approbation followed this advice, and, while a chosen
few remained to guard the stair, the remainder roamed about the
house collecting together everything which could assist their
diabolical design.
The king’s heart, and that of his brave companions, sunk as they
heard this resistless plan of destruction proposed and set about. It
was for a moment only, however, for suddenly they heard the clear
sweet voice of Edith exclaiming, “We are saved, we are saved! yonder
comes the Lord of Wemyss and his gallant followers!” and
immediately after the maiden herself appeared to reiterate the
tidings.
“Are you sure of what you say, Edith?” asked the king eagerly.
“How do the horsemen ride?”
“As if their coursers were winged,” replied Edith, “all of them; but
one who backs a gray steed of surpassing power, is far before the
rest, and ever and anon turns round, as if upbraidingly, to his
followers.”
“My trusty David!” exclaimed the king, with emotion, “well wert
thou worthy of the gallant gray!”
There was now heard a peculiar shout from among the Egyptians
without, which was rightly interpreted as a signal of retreat; for it
was immediately followed by the evacuation of the house; and so
speedy and simultaneous was their flight, that the king could only
perceive the latest of the tribe as they made for the wood, leaving to
Wemyss and his companions a deserted field and an open entrance.
“Thanks, David, for this timely rescue,” said the king, as the knight
bended the knee before him. “By my crown, the spurs were well
bestowed on one who can so fairly use them!”
James, followed by Sir David, Walter, Arthur, and the rest, now led
the way to the upper chamber where the immoderate joy and
hospitality of the old man displayed itself in the most substantial
form. When they had caroused for some time, the king, turning to
Colville, said,—
“Mine host, did I hear rightly when you said there was nothing
beneath this roof-tree to which I was not welcome?”
“Your highness heard rightly.”
“Give me then this fair maiden. We kings, you know, seldom
choose the least valuable of our subjects’ chattels.”
“Your grace may command me,” said Colville, though somewhat
hesitatingly, for he saw the turn which things were taking.
“And you too, sweet Edith?” said the king, again saluting the
blushing girl; and then, without waiting for an answer, continued,
“that you may all know, my lieges, that we accept your benevolences
merely for your own benefits, I give away this treasure, tempting as it
is, to one who has well deserved the favour at our hand. Take her,
Arthur, and confess that I have found a way to repay the debt I owed
you. Receive his hand, fair maiden, and if it will add anything to its
value in your eyes, know that it has this day saved a king’s life.”
The old man’s sentiments in regard to Arthur Winton had been
undergoing a change imperceptible even to himself, from the
moment he had perceived him the companion and probable
favourite of the king; but the revolution was completed when he was
made acquainted with the particulars of his interference in the royal
behalf,—a merit which in his eyes would have outweighed a thousand
faults in his intended son-in-law.
King James shortly afterwards left the house of Balmeny amid the
blessings of its inmates; and to close our tale, we have only to add,
that the gift of the monarch was shortly after confirmed at the altar,
where Edith became the happy bride of Arthur Winton; and that the
royal gratitude flowed freely on the wedded pair, as any who chooses
to pursue the time-worn records of the Great Seal may satisfy
himself.
HELEN WATERS:
A TRADITIONARY TALE OF THE ORKNEYS.
By John Malcolm.
The lost, the castaway on desert isles,
Or rocks of ocean, where no human aid
Can reach them more.
The mountains of Hoy, the highest of the Orkney Islands, rise

abruptly out of the ocean to an elevation of fifteen hundred feet, and
terminate on one side in a cliff, sheer and stupendous, as if the
mountain had been cut down through the middle, and the severed
portion of it buried in the sea. Immediately on the landward side of
this precipice lies a soft green valley, embosomed among huge black
cliffs, where the sound of the human voice, or the report of a gun, is
reverberated among the rocks, where it gradually dies away into faint
and fainter echoes.
The hills are intersected by deep and dreary glens, where the hum
of the world is never heard, and the only voices of life are the bleat of
the lamb and the shriek of the eagle;—even the sounds of inanimate
nature are of the most doleful kind. The breeze wafts not on its wings
the whisper of the woodland; for there are no trees in the island, and
the roar of the torrent-stream and the sea’s eternal moan for ever
sadden these solitudes of the world.
The ascent of the mountains is in some parts almost
perpendicular, and in all exceedingly steep; but the admirer of nature
in her grandest and most striking aspects will be amply compensated
for his toil, upon reaching their summits, by the magnificent
prospect which they afford. Towards the north and east, the vast
expanse of ocean, and the islands, with their dark heath-clad hills,
their green vales, and gigantic cliffs, expand below as far as the eye
can reach. The view towards the south is bounded by the lofty
mountains of Scarabin and Morven, and by the wild hills of
Strathnaver and Cape Wrath, stretching towards the west. In the
direction of the latter, and far away in mid-ocean, may be seen,
during clear weather, a barren rock, called Sule Skerry, which
superstition in former days had peopled with mermaids and
monsters of the deep. This solitary spot had been long known to the
Orcadians as the haunt of seafowl and seals, and was the scene of
their frequent shooting excursions, though such perilous adventures
have been long since abandoned. It is associated in my mind with a
wild tale, which I have heard in my youth, though I am uncertain
whether or not the circumstances which it narrates are yet in the
memory of living men.
On the opposite side of the mountainous island of which I speak,
and divided from it by a frith of several miles in breadth, lie the flat
serpentine shores of the principal island or mainland, where, upon a
gentle slope, at a short distance from the sea-beach, may still be
traced the site of a cottage, once the dwelling of a humble couple of
the name of Waters, belonging to that class of small proprietors
which forms the connecting link betwixt the gentry and the
peasantry.
Their only child Helen, at the time to which my narrative refers,
was just budding into womanhood; and though uninitiated into what
would now be considered the indispensable requisites of female
education, was yet not altogether unaccomplished for the simple
times in which she lived; and, though a child of nature, had a grace
beyond the reach of art, untaught and unteachable. There was a
softness and delicacy in her whole demeanour, never looked for and
seldom found in the humble sphere of life to which she belonged. Yet
her beauty did not startle or surprise, but stole over the heart almost
insensibly, like the gentle fall of the summer evenings of her own
native isles, and, like that, produced in the beholder an emotion
almost allied to sadness.
Such a being was not likely to be appreciated by the rude and
commonplace minds by whom she was surrounded, and with whom
a rosy cheek and a laughing eye constitute the beau-ideal of woman;
but she awakened a world of romance in one young heart, with which
her own gentle bosom shared the feelings she inspired.
Henry Graham, the lover of Helen Waters, was the son of a small
proprietor in the neighbourhood; and being of the same humble rank
with herself, and, though not rich, removed from poverty, their views
were undisturbed by the dotage of avarice or the fears of want, and
the smiles of approving friends seemed to await their approaching
union.
The days of courtship were drawing towards a close, and the
period of their marriage was at last condescended upon by the bride.
Among the middling and lower classes of society in the Orkneys, it is
customary for the bridegroom to invite the wedding-guests in
person; for which purpose, a few days previous to the marriage,
young Graham, accompanied by his friend, took a boat and
proceeded to the island of Hoy, to request the attendance of a family
residing there; which done, on the following day they joined a party
of young men upon a shooting excursion to Rackwick, a village
romantically situated on the opposite side of the island. They left the
house of their friends on a bright, calm, autumnal morning, and
began to traverse the wild and savage glens which intersect the hills,
where their progress might be guessed at by the reports of their guns,
which gradually became faint and fainter among the mountains, and
at last died away altogether in the distance.
That night and the following day passed, and they did not return to
the house of their friends; but the weather being extremely fine, it
was supposed they had extended their excursion to the opposite
coast of Caithness, or to some of the neighbouring islands, so that
their absence created no alarm whatever.
The same conjectures also quieted the anxieties of the bride, until
the morning previous to that of the marriage, when her alarm could
no longer be suppressed. A boat was manned in all haste, and
dispatched to Hoy in quest of them, but did not return during that
day nor the succeeding night.
The morning of the wedding-day dawned at last, bright and
beautiful, but still no intelligence arrived of the bridegroom and his
party; and the hope which lingered to the last, that they would still
make their appearance in time, had prevented the invitations from
being postponed, so that the marriage party began to assemble about
mid-day.
While the friends were all in amazement, and the bride in a most
pitiable state, a boat was seen crossing from Hoy, and hope once
more began to revive; but, upon landing her passengers, they turned
out to be the members of the family invited from that island, whose
surprise at finding how matters stood was equal to that of the other
friends.
Meantime all parties united in their endeavours to cheer the poor
bride; for which purpose it was agreed that the company should
remain, and that the festivities should go on,—an arrangement to
which the guests the more willingly consented, from a lingering hope
that the absentees would still make their appearance, and partly with
a view to divert in some measure the intense and painful attention of
the bride from the untoward circumstance; while she, on the other
hand, from feelings of hospitality, exerted herself, though with a
heavy heart, to make her guests as comfortable as possible; and, by
the very endeavour to put on an appearance of tranquillity, acquired
so much of the reality as to prevent her from sinking altogether
under the weight of her fears.
Meantime the day advanced, the festivities went on, and the glass
began to circulate so freely, that the absence of the principal actor of
the scene was so far forgotten, that at length the music struck up, and
dancing commenced with all the animation which that exercise
inspires among the natives of Scotland.
Things were going on in this way, when, towards night, and during
one of the pauses of the dance, a loud rap was heard at the door, and
a gleam of hope was seen to lighten every face, when there entered,
not the bridegroom and his party, but a wandering lunatic, named
Annie Fae, well known and not a little feared in all that country-side.
Her garments were little else than a collection of fantastic and party-
coloured rags, bound close around her waist with a girdle of straw,
and her head had no other covering than the dark tangled locks that
hung, snake-like, over her wild and weather-beaten face, from which
peered forth her small, deep-sunk eyes, gleaming with the baleful
light of insanity.
Before the surprise and dismay excited by her sudden and
unwelcome appearance had subsided, she addressed the company in
the following wild and incoherent manner:—
“Hech, sirs, but here’s a merry meeting indeed,—a fine company,
by my faith; plenty o’ gude meat and drink here, and nae expense
spared! Aweel, it’s no a’ lost neither; this blithe bridal will mak a
braw burial, and the same feast will do for baith. But what’s the folk
a’ glowering at? I’se warrant now ye’re cursing Annie Fae for spoiling
your sport. But ye ken I maun just say my say, and that being done,
I’ll no detain you langer, but jog on my journey; only I wad just hint,
that, for decency’s sake, ye suld stop that fine fiddling and dancing;
for ye may weel believe that thae kind o’ things gie nae great pleasure
to the dead!”
Having thus delivered herself, she made a low curtsey, and
brushed out of the house, leaving the company in that state of painful
excitement which, in such circumstances, even the ravings of a poor
deranged wanderer could not fail to produce.
In this state we, too, will leave them for the present, and proceed
with the party who set off on the preceding day in search of the
bridegroom and his friends. The latter were traced to Rackwick; but
there no intelligence could be gained, except that, some days
previous, a boat, having on board several sportsmen, had been seen
putting off from the shore, and sailing away in the direction of Sule
Skerry.
The weather continuing fine, the searching party hired a large
boat, and proceeded to that remote and solitary rock, upon which, as
they neared it, they could discover nothing, except swarms of seals,
which immediately began to flounder towards the water-edge. Upon
landing, a large flock of sea-fowl arose from the centre of the rock
with a deafening scream; and upon approaching the spot, they
beheld, with dumb amazement and horror, the dead bodies of the
party of whom they had come in search, but so mangled and
disfigured by the seals and sea-fowl, that they could barely be
recognised.
It appeared that these unfortunates, upon landing, had forgot their
guns in the boat, which had slipt from her fastenings, and left them
upon the rock, where they had at last perished of cold and hunger.
Fancy can but feebly conceive, and still less can words describe,
the feelings with which the lost men must have beheld their bark
drifting away over the face of the waters, and found themselves
abandoned in the vast solitude of the ocean. Their sensations must
have resembled his who wakens in the grave from a death-like
trance, to find himself buried alive!
With what agony must they have gazed upon the distant sails,
gliding away over the deep, but keeping far aloof from the rock of
desolation, and have heard the shrieks which they sent over the
flood, in the vain hope of their reaching some distant ship, mocked
by the doleful scream of the sea-fowl! How must their horrors have
been aggravated by the far-off view of their native hills, lifting their
lonely peaks above the wave, and awakening the dreadful
consciousness that they were still within the grasp of humanity, yet
no arm stretched forth to save them; while the sun was riding high in
the heavens, and the sea basking in his beams below, and nature
looking with reckless smiles upon their dying agonies!
As soon as the stupor of horror and amazement had subsided, the
party placed the dead bodies in their boat, and, crowding all sail,
stood for the Orkneys. They landed at night upon the beach,
immediately below the house where the wedding guests were
assembled; and there, while they were debating in what manner to
proceed, were overheard by the insane wanderer, the result of whose
visit has already been described.
She had scarcely left the house, when a low sound of voices was
heard approaching. An exclamation of joy broke from the bride. She
rushed out of the house with outstretched arms to embrace her lover,
and the next moment, with a fearful shriek, fell upon his corpse!
With that shriek reason and memory passed away for ever. She was
carried to bed delirious, and died towards morning. The bridal was
changed into a burial, and Helen Waters and her lover slept in the
same grave!
LEGEND OF THE LARGE MOUTH.
By Robert Chambers, LL.D.
“Here’s a large mouth indeed!”

Shakspeare—King John.
Arriving one evening at an inn in Glasgow, I was shown into a

room which already contained a promiscuous assemblage of
travellers. Amongst these gentlemen—commercial gentlemen chiefly
—there was one whose features struck me as being the most ill-
favoured I had ever beheld. He was a large, pursy old man, with a
forehead “villanous low,” hair like bell-ropes, eyes the smallest and
most porkish of all possible eyes, and a nose which showed no more
prominence in a side-view than that of the moon, as exhibited in her
first quarter upon a freemason’s apron. All these monstrosities were,
however, as beauties, as absolute perfections, compared with the
mouth—the enormous mouth, which, grinning beneath, formed a
sort of rustic basement to the whole superstructure of his facial
horrors. This mouth—if mouth it could be called, which bore so little
resemblance to the mouths of mankind in general—turned full upon
me as I entered, and happening at the moment to be employed in a
yawn, actually seemed as if it would have willingly received me into
its prodigious crater, and consigned me to the fate of Empedocles,
without so much as a shoe being left to tell the tale.
The company of a traveller’s room is generally very stiff, every man
sitting by his own table in his own corner, with his back turned upon
the rest. It was not so, however, on the present occasion. The most of
the present company seemed to have been so long together in the
hotel as to have become very gracious with each other; while any
recent comers, finding themselves plumped into a society already
thawed and commingled, had naturally entered into the spirit of the
rest. Soon discovering how matters stood, I joined in the
conversation, and speedily found that the man with the large mouth
was one of the most polite and agreeable of mankind. He was one of
those old, experienced gentlemen of the road, who know everything
that is necessary to be known, and are never at a loss about anything.
His jokes, his anecdotes, his remarks, were all excellent, and kept the
rest bound, as it were, in a chain. The best of him was, that he
seemed quite at ease on the subject of his mouth.
No doubt he was conscious of his preternatural ugliness—for
whatever may be said about the blinding effect of self-love, and so
forth, I hold that the most of people know pretty nearly how they
stand as to personal attractions; but he had none of that boggling,
unsteady, uncomplacent deportment, so remarkable in the generality
of ill-looking people. On the contrary, there was an air of perfect self-
satisfaction about him, which told that he either was so familiar with
the dreadful fact as to mind it not, or that he was a thorough man of
the world, above considering so trivial a particular, or that he was
rich, and could afford to be detested. It was curious, however, that
even while he almost convulsed the rest with his jokes, he never
laughed in the least himself. He evidently dared not; the guffaw of
such a man must have produced consequences not to be calmly
contemplated. Part, indeed, of the humorous effect of his
conversation arose from the cautious way in which he managed his
mouth. A small aperture at one side, bearing the same proportion to
the whole that the wicket of a carriage-gate does to the whole gate
itself, served for the emission of his words. Anything else would have
been a mere waste of lip.
On my ordering refreshment, I was informed by the company, that
in consideration of this being the anniversary of a distinguished
historical event, they had agreed to sup together in a rather more
formal way than usual, and that they would be happy if I would join
them. Having assented to the proposal, I began to reflect with some
anxiety upon the probable conduct of the Mouth at table. How so
extraordinary a feature would behave, what it would ask for, after
what manner it would masticate, and, above all, how much it would
devour, were to me subjects of the most interesting speculation. The
wicket won’t do there (thought I to myself), or I’m much mistaken.
Yet again,—so ran my thoughts,—many large men have been known
to eat very little, while your true devourers are found to be lean,
shrivelled creatures, who do not seem to be ever the better of it. “A
large mouth,” says the Scottish proverb, “has always a good luck for
its meat.” That may be, thought I, and yet the large mouth may be
quite indifferent to what it is so sure of getting. All kinds of ideas
connected with this subject ran through my mind; but in the end I
found it all a riddle. The Mouth might prove either gluttonous or
abstemious, without exciting more surprise by the one event than by
the other.
By-and-by some one asked a waiter if supper was nearly ready, and
on an answer in the affirmative being given, I observed the Mouth
suddenly bustle up, and assume an air of eager promptitude that
almost seemed to decide the question. The man rose, and, going to a
corner of the room where his greatcoat was hanging, brought forth a
small package, which he proceeded to untie at a side-table. The only
article it contained was a spoon, which he immediately brought
forward and laid upon the table, accompanying the action with an air
that might have befitted a surgeon in arranging his instruments for
an operation. I had no longer any doubt as to the gastronomical
character of the Mouth, for here was an article that might have
served in the nursery of Glumdalclitch. It was an antique silver
implement, with a short handle, and a rim about four inches in
diameter, like an ordinary saucer. Observing the curiosity of the
company to be strongly excited, the old man showed it round with
good-natured politeness, telling us that he had been so long
accustomed at home to the use of this goodly article, that he could
now hardly discuss either soup or dessert without it, and therefore
made a point of carrying it along with him in his travels.
“But, indeed, gentlemen,” said he, “why should I make this a
matter of delicacy with you? The truth is, the spoon has a history,
and my mouth—none of the least, you see—has also a history. If you
feel any curiosity upon these points, I will give you a biographical
account of the one, and an autobiographical account of the other, to
amuse you till supper is ready.”
To this frank proposal we all cordially agreed, and the old man,
sitting down with the spoon in his hand, commenced a narrative
which I shall here give in the third person.
His mouth was the chieftain and representative of a long ancestral
line of illustrious and most extensive mouths, which had flourished
for centuries at a place called Tullibody. According to tradition, the
mouth came into the family by marriage. An ancestor of the speaker
wooed, and was about to wed, a lady of great personal attractions,
but no fortune, when his father interfered, and induced him, by the
threat of disinheritation on the one hand, and the temptation of great
wealth on the other, to marry another dame, the heiress of a large
fortune and large mouth, both bequeathed to her by her grandfather,
one of the celebrated “kail-suppers of Fife.” When his resolution was
communicated to the tocherless lady, she was naturally very much
enraged, and wished that the mouth of her rival might descend, in all
its latitude, to the latest generation of her faithless swain’s posterity;
after which she took her bed—and married another lover, her
second-best, next week, by way of revenge.
The country people, who pay great attention to the sayings of
ladies condemned to wear the willow, waited anxiously for the
fulfilment of her malediction, and accordingly shook their heads and
had their own thoughts, when the kail-supper’s descendant brought
forth a son whose mouth, even in his swaddling-clothes, reflected
back credit on her own. The triumph of the ill-wisher was considered
complete, when the second, the third, and all the other children,
were found to be distinguished by this feature; and what gave the
triumph still more poignancy was, that the daughters were found to
be no more exempted than the sons from the family doom. In the
second generation, moreover, instead of being softened or diluted
away, the mouth rather increased, and so it had done in every
successive generation since that time. The race having been very
prolific, it was now spread so much that there was scarcely a face in
Tullibody or the neighbourhood altogether free of the contagion; so
that the person addressing us, who had his permanent residence
there, could look round him upon several hundreds of kindred
mouths, with all the patriarchal feelings of the chief of a large
Highland clan.
If there had been any disposition in the family to treat their fate ill-
humouredly, it would have been neutralised by the luck which
evidently accompanied the introduction and transmission of this
singular feature. So far, however, from entertaining any grudge or
regret upon the subject, it had been the habit of the family to treat it
as a capital joke, and to be always the first to laugh at it themselves.
So much was this the case, that a wealthy representative of the
family, about a century ago, founded, not an hospital or a school, but
a spoon, which should be handed down from mouth to mouth as a
practical and traditionary jest upon the family feature, and, though
not entailed, be regarded, he hoped, as a thing never to be parted
with for any consideration, unless fate should capriciously contract
the mouths of his descendants to such a degree as to render its use
inconvenient. This elegant symbol, after passing through the hands
of a long train of persons, who had each been more able than another
to use it effectively, came at length into the possession of the
individual now addressing us—a person evidently qualified to do full
justice to the intentions of his ancestor.
It was, therefore, with the apprehension of something awful, that
after the conclusion of the story, and the introduction of supper, I
took a place at the well-spread board. In sitting down, I cast a look at
the Mouth. It was hovering, like a prodigious rainbow, over the
horizon of the table, uncertain where to pitch itself. There was an air
of terrible resolution about it, which made me almost tremble for
what was to ensue. It was evident that we were to have “a scene.”
The Mouth—for so it might be termed par excellence—was
preferred by acclamation to the head of the table,—a distinction
awarded, as I afterwards understood, not so much on account of its
superior greatness, as in consideration of its seniority, though I am
sure it deserved the pas on both accounts. The inferior and junior
mouths all sat down at different distances from the great Mouth, like
satellites round a mighty planet. It uttered a short, gentleman-like
grace, and then began to ask its neighbours what they would have.
Some asked for one thing, some for another, and in a short time all
were served except itself. For its own part it complained of weak
appetite, and expressed a fear that it should not be able to take
anything at all. I could scarcely credit the declaration. It added, in a
singularly prim tone of voice, that, for its part, it admired the taste of
Beau Tibbs in Goldsmith—“Something nice, and a little will do. I hate
your immense loads of meat; that’s country all over.” Hereupon, I
plucked up courage, and ventured to look at it again. It was still
terrible, though placid. Its expression was that of a fresh and strong
warrior, who hesitates a moment to consider into what part of a thick
battle he shall plunge himself, or what foes he shall select as worthy
of particular attack. Its look belied its word; but again I was thrown
back by its words belying its look. It said to a neighbour of mine, that
it thought it might perhaps manage the half of the tail of one of the
herrings at his elbow, if he would be so kind as carve. Was there ever
such a puzzling mouth! I was obliged again to give credit to words;
yet again was I disappointed. My neighbour thinking it absurd to
mince such a matter as a “Glasgow magistrate,” handed up a whole
one to the chairman. The Mouth received it with a torrent of refusals
and remonstrances, in the midst of which it began to eat, and I heard
it continue to mumble forth expostulations, in a fainter and fainter
tone, at the intervals of bites, for a few seconds; till, behold, the
whole corporate substance of the burghal dignitary had melted away
to a long meagre skeleton! When done, its remonstrances changed
into a wonder how it should have got through so plump a fish; it was
perfectly astonishing; it had never eaten a whole herring in its life
before; it was an unaccountable miracle.
I did not hear the latter sentences of its wonderments; but,
towards the conclusion, heard the word “fowl” distinctly
pronounced. The fowls lying to my hand, I found myself under the
necessity of entering into conference with it, though I felt a mortal
disinclination to look it in the mouth, lest I should betray some
symptom of emotion inconsistent with good manners. Drawing down
my features into a resolute pucker, and mentally vowing I would
speak to it though it should blast me, I cast my eyes slowly and
cautiously towards it, and made inquiry as to its choice of bits. In
return for my interrogation, I received a polite convulsion, intended
for a smile, and a request, out of which I only caught the important
words, “breast” and “wing.” I made haste to execute the order; and,
on handing away the desired viands, received from the mouth
another grateful convulsion, and then, to my great relief, all was
over!
Well, thought I, at this juncture, a herring and a fragment of fowl
are no such great matters; perhaps the Mouth will prove quite a
natural mouth after all. In brief space, however, the chairman’s plate
was announced as again empty; and I heard it receive, discuss, and
answer various proposals of replenishment made to it by its more
immediate neighbours. I thought I should escape; but no—the fowl
was really so good that it thought it would trouble me for another
breast, if I would be so kind, &c. I was of course obliged to look at it
again, in order to receive its request in proper form; when neglecting
this time my former preparations of face, I had nearly committed
myself by looking it full in the mouth with my eyes wide open, and
without having screwed my facial muscles into their former resolute
astringency. However, instantly apprehending the amount of its
demands, my glance at the Mouth fortunately required to be only
momentary, and I found immediate relief from all danger in the
ensuing business of carving. Yet even that glance was in itself a
dreadful trial—it sufficed to inform me that the Mouth was now more
terrible than before—that there was a fearful vivacity about it, a
promptitude, an alacrity, and energy, which it did not formerly
exhibit. Should this increase, thought I, it will soon be truly dreadful.
I handed up a whole fowl to it, in a sort of desperation. It made no
remonstrances, as in the case of the herring, at the abundance of my
offering. So far from that, it seemed to forgive my disobedience with
the utmost goodwill; received the fowl, dispatched it with silence and
celerity, and then began to look abroad for further prey. Indeed, it
now began to crack jokes upon itself—a sportive species of suicide. It
spoke of the spoon; lamented that, after all, there should be no soups
at table whereon it might have exhibited itself; and finally vowed that
it would visit the deficiencies of the supper upon the dessert, even
unto the third and fourth dish of blancmange.
The proprietor of the mouth then laid down the spoon upon the
table, there to lie in readiness till such time as he should find knives
and forks of no farther service—as the Scottish soldiery in former
times used to lay their shields upon the ground while making use of
their spears. I now gave up all hopes of the Mouth observing any
propriety in its future transactions. Having finished my own supper,
I resolved to set myself down to observe all its sayings and doings. Its
placidity was now gone—its air of self-possession lost. New powers
seemed to be every moment developing themselves throughout its
vast form—new and more terrible powers. It was beginning to have a
wild look! It was evident that it was now fleshed—that its naturally
savage disposition, formerly dormant for want of excitement, was
now rising tumultuously within it—that it would soon perform such
deeds as would scare us all!

Network Security Essentials Applications and Standards William Stallings Download PDF Chapter

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Network Security Essentials Applications and Standards William Stallings Download PDF Chapter

Uploaded by

Copyright:

Available Formats

Network security essentials:

applications and standards William

For these Global Editions, the editorial team at Pearson has

Network Security Essentials

Applications and Standards

or Canada, you should be aware that it has

Pearson Global Edition

Stallings_06_1292154853_Final.indd 1 07/09/16 7:47 PM

A01_STAL4855_06_GE_FM.indd 1 9/8/16 9:01 PM

Pearson Education Limited

and Associated Companies throughout the world

Visit us on the World Wide Web at:

© Pearson Education Limited 2017

British Library Cataloguing-in-Publication Data

ISBN 10: 1-292-15485-3

Typeset by SPi Global

A01_STAL4855_06_GE_FM.indd 2 9/8/16 9:01 PM

A01_STAL4855_06_GE_FM.indd 3 9/8/16 9:01 PM

A01_STAL4855_06_GE_FM.indd 4 12/19/16 8:49 PM

Part One: Cryptography 45

Part Two: Network Security Applications 119

A01_STAL4855_06_GE_FM.indd 5 9/8/16 9:01 PM

A01_STAL4855_06_GE_FM.indd 6 9/8/16 9:01 PM

A01_STAL4855_06_GE_FM.indd 7 9/8/16 9:01 PM

Chapter 13 Network Management Security

Part FIVE: Legal And Ethical Issues

Appendix C Standards and Standards-Setting Organizations

A01_STAL4855_06_GE_FM.indd 8 9/8/16 9:01 PM

Appendix F Kerberos Encryption Techniques

Appendix G Data Compression Using ZIP

Appendix J The Base-Rate Fallacy

A01_STAL4855_06_GE_FM.indd 9 9/8/16 9:01 PM

What’s New In The SIXTH Edition

A01_STAL4855_06_GE_FM.indd 10 9/8/16 9:01 PM

Support Of ACM/IEEE Computer Science Curricula 2013

A01_STAL4855_06_GE_FM.indd 11 9/8/16 9:01 PM

Plan Of The Text

The book is organized in three parts:

Instructor Support Materials

A01_STAL4855_06_GE_FM.indd 12 9/8/16 9:01 PM

Projects And Other Student Exercises

For many instructors, an important component of a network security course is a project or

Online CONTENT For Students

A01_STAL4855_06_GE_FM.indd 13 9/8/16 9:01 PM

Relationship To Cryptography And Network Security

A01_STAL4855_06_GE_FM.indd 14 9/8/16 9:01 PM

ACKNOWLEDGEMENTS FOR THE GLOBAL EDITION

A01_STAL4855_06_GE_FM.indd 15 9/8/16 9:01 PM

A01_STAL4855_06_GE_FM.indd 16 9/8/16 9:01 PM

M01_STAL4855_06_GE_C01.indd 17 8/11/16 8:31 AM

The requirements of information security within an organization have undergone two

M01_STAL4855_06_GE_C01.indd 18 8/11/16 8:31 AM

M01_STAL4855_06_GE_C01.indd 19 8/11/16 8:31 AM

1.1 Computer Security Concepts

A Definition of Computer Security

Computer Security: The protection afforded to an automated information sys-

M01_STAL4855_06_GE_C01.indd 20 8/11/16 8:31 AM

Figure 1.1 Essential Network and Computer

M01_STAL4855_06_GE_C01.indd 21 8/11/16 8:32 AM

Confidentiality Student grade information is an asset whose confidentiality is

Integrity Several aspects of integrity are illustrated by the example of a hospital

M01_STAL4855_06_GE_C01.indd 22 8/11/16 8:32 AM

The Challenges of Computer Security

Figure 1.1 Essential Network and Computer