Security in Computing / Edition 3

by Charles P. Pfleeger

ISBN-10: 0130355488

ISBN-13: 9780130355485

Pub. Date: 11/30/2002

Publisher: Prentice Hall Professional Technical Reference

Overview

The New State-of-the-Art in Information Security: Now Covers the Economics of Cyber Security and the Intersection of Privacy and Information Security

For years, IT and security professionals and students have turned to Security in Computing as the definitive guide to information about computer security attacks and countermeasures. In their new fourth edition, Charles P. Pfleeger and Shari Lawrence Pfleeger have thoroughly updated their classic guide to reflect today's newest technologies, standards, and trends.

The authors first introduce the core concepts and vocabulary of computer security, including attacks and controls. Next, the authors systematically identify and assess threats now facing programs, operating systems, database systems, and networks. For each threat, they offer best-practice responses.

Security in Computing, Fourth Edition, goes beyond technology, covering crucial management issues faced in protecting infrastructure and information. This edition contains an all-new chapter on the economics of cybersecurity, explaining ways to make a business case for security investments. Another new chapter addresses privacy--from data mining and identity theft, to RFID and e-voting.

New coverage also includes

  • Programming mistakes that compromise security: man-in-the-middle, timing, and privilege escalation attacks
  • Web application threats and vulnerabilities
  • Networks of compromised systems: bots, botnets, and drones
  • Rootkits--including the notorious Sony XCP
  • Wi-Fi network security challenges, standards, and techniques
  • New malicious code attacks, including false interfaces and keystroke loggers
  • Improving code quality: software engineering, testing, and liability approaches
  • Biometric authentication: capabilities and limitations
  • Using the Advanced Encryption System (AES) more effectively
  • Balancing dissemination with piracy control in music and other digital content
  • Countering new cryptanalytic attacks against RSA, DES, and SHA
  • Responding to the emergence of organized attacker groups pursuing profit

Product Details

ISBN-13: 9780130355485
Publisher: Prentice Hall Professional Technical Reference
Publication date: 11/30/2002
Edition description: Older Edition
Pages: 746
Product dimensions: 7.10(w) x 9.40(h) x 1.30(d)

Table of Contents

Foreword
Preface to the Third Edition

Chapter 1 Is There a Security Problem in Computing?
1.1 What Does "Secure" Mean?
1.2 Attacks
1.3 The Meaning of Computer Security
1.4 Computer Criminals
1.5 Methods of Defense
1.6 What's Next
1.7 Summary
1.8 Terms and Concepts
1.9 Where the Field Is Headed
1.10 To Learn More
1.11 Exercises

Chapter 2 Elementary Cryptography
2.1 Terminology and Background
2.2 Substitution Ciphers
2.3 Transpositions (Permutations)
2.4 Making "Good" Encryption Algorithms
2.5 The Data Encryption Standard (DES)
2.6 The AES Encryption Algorithm
2.7 Public Key Encryption
2.8 The Uses of Encryption
2.9 Summary of Encryption
2.10 Terms and Concepts
2.11 Where the Field Is Headed
2.12 To Learn More
2.13 Exercises

Chapter 3 Program Security
3.1 Secure Programs
3.2 Nonmalicious Program Errors
3.3 Viruses and Other Malicious Code
3.4 Targeted Malicious Code
3.5 Controls Against Program Threats
3.6 Summary of Program Threats and Controls
3.7 Terms and Concepts
3.8 Where the Field Is Headed
3.9 To Learn More
3.10 Exercises

Chapter 4 Protection in General-Purpose Operating Systems
4.1 Protected Objects and Methods of Protection
4.2 Memory and Address Protection
4.3 Control of Access to General Objects
4.4 File Protection Mechanisms
4.5 User Authentication
4.6 Summary of Security for Users
4.7 Terms and Concepts
4.8 Where the Field Is Headed
4.9 To Learn More
4.10 Exercises

Chapter 5 Designing Trusted Operating Systems
5.1 What Is a Trusted System?
5.2 Security Policies
5.3 Models of Security
5.4 Trusted Operating System Design
5.5 Assurance in Trusted Operating Systems
5.6 Implementation Examples
5.7 Summary of Security in Operating Systems
5.8 Terms and Concepts
5.9 Where the Field Is Headed
5.10 To Learn More
5.11 Exercises

Chapter 6 Database Security
6.1 Introduction to Databases
6.2 Security Requirements
6.3 Reliability and Integrity
6.4 Sensitive Data
6.5 Inference
6.6 Multilevel Databases
6.7 Proposals for Multilevel Security
6.8 Summary of Database Security
6.9 Terms and Concepts
6.10 Where the Field Is Headed
6.11 To Learn More
6.12 Exercises

Chapter 7 Security in Networks
7.1 Network Concepts
7.2 Threats in Networks
7.3 Network Security Controls
7.4 Firewalls
7.5 Intrusion Detection Systems
7.6 Secure E-Mail
7.7 Summary of Network Security
7.8 Terms and Concepts
7.9 Where the Field Is Headed
7.10 To Learn More
7.11 Exercises

Chapter 8 Administering Security
8.1 Security Planning
8.2 Risk Analysis
8.3 Organizational Security Policies
8.4 Physical Security
8.5 Summary
8.6 Terms and Concepts
8.7 To Learn More
8.8 Exercises

Chapter 9 Legal, Privacy, and Ethical Issues in Computer Security
9.1 Protecting Programs and Data
9.2 Information and the Law
9.3 Rights of Employees and Employers
9.4 Software Failures
9.5 Computer Crime
9.6 Privacy
9.7 Ethical Issues in Computer Security
9.8 Case Studies of Ethics
9.9 Terms and Concepts
9.10 To Learn More
9.11 Exercises

Chapter 10 Cryptography Explained
10.1 Mathematics for Cryptography
10.2 Symmetric Encryption
10.3 Public Key Encryption Systems
10.4 Quantum Cryptography
10.5 Summary of Encryption
10.6 Terms and Concepts
10.7 Where the Field Is Headed
10.8 To Learn More
10.9 Exercises

Bibliography
Index
