Overview

The New State-of-the-Art in Information Security: Now Covers the Economics of Cyber Security and the Intersection of Privacy and Information Security For years, IT and security professionals and students have turned to Security in Computing as the definitive guide to information about computer security attacks and countermeasures. In their new fourth edition, Charles P. Pfleeger and Shari Lawrence Pfleeger have thoroughly updated their classic guide to reflect today's newest technologies, standards, and trends. The authors first introduce the core concepts and vocabulary of computer security, including attacks and controls. Next, the authors systematically identify and assess threats now facing programs, operating systems, database systems, and networks. For each threat, they offer best-practice responses. Security in Computing, Fourth Edition, goes beyond technology, covering crucial management issues faced in protecting infrastructure and information. This edition contains an all-new chapter on the economics of cybersecurity, explaining ways to make a business case for security investments. Another new chapter addresses privacy--from data mining and identity theft, to RFID and e-voting. New coverage also includes Programming mistakes that compromise security: man-in-the-middle, timing, and privilege escalation attacks Web application threats and vulnerabilities Networks of compromised systems: bots, botnets, and drones Rootkits--including the notorious Sony XCP Wi-Fi network security challenges, standards, and techniques New malicious code attacks, including false interfaces and keystroke loggers Improving code quality: software engineering, testing, and liability approaches Biometric authentication: capabilities and limitations Using the Advanced Encryption System (AES) more effectively Balancing dissemination with piracy control in music and other digital content Countering new cryptanalytic attacks against RSA, DES, and SHA Responding to the emergence of organized attacker groups pursuing profit

Full Product Details

Author:   Charles P. Pfleeger ,  Shari Lawrence Pfleeger
Publisher:   Pearson Education (US)
Imprint:   Prentice Hall
Edition:   4th edition
Dimensions:   Width: 18.40cm , Height: 4.90cm , Length: 23.80cm
Weight:   1.570kg
ISBN:  

9780132390774

ISBN 10:   0132390779
Pages:   880
Publication Date:   02 November 2006
Audience:   College/higher education ,  Tertiary & Higher Education
Replaced By:   9780134085043
Format:   Hardback
Publisher's Status:   Out of Print
Availability:   In Print  
Limited stock is available. It will be ordered for you and shipped pending supplier's limited stock.

Table of Contents

"Foreword     xix Preface     xxv Chapter 1: Is There a Security Problem in Computing?     1   1.1    What Does ""Secure"" Mean?     1   1.2    Attacks     5   1.3    The Meaning of Computer Security     9   1.4    Computer Criminals     21   1.5    Methods of Defense     23   1.6    What's Next     30   1.7    Summary     32   1.8    Terms and Concepts     32   1.9    Where the Field Is Headed     33 1.10    To Learn More     34 1.11     Exercises     34 Chapter 2: Elementary Cryptography     37   2.1    Terminology and Background     38   2.2    Substitution Ciphers     44   2.3    Transpositions (Permutations)     55   2.4    Making ""Good"" Encryption Algorithms     59   2.5    The Data Encryption Standard     68   2.6    The AES Encryption Algorithm     72   2.7    Public Key Encryption     75   2.8    The Uses of Encryption     79   2.9    Summary of Encryption     91 2.10    Terms and Concepts     92 2.11    Where the Field Is Headed     93 2.12    To Learn More     94 2.13    Exercises     94 Chapter 3     Program Security     98   3.1    Secure Programs     99   3.2    Nonmalicious Program Errors     103   3.3    Viruses and Other Malicious Code     111   3.4    Targeted Malicious Code     141   3.5    Controls Against Program Threats     160   3.6    Summary of Program Threats and Controls     181   3.7    Terms and Concepts     182   3.8    Where the Field Is Headed     183   3.9    To Learn More     185 3.10    Exercises     185 Chapter 4     Protection in General-Purpose Operating Systems     188   4.1    Protected Objects and Methods of Protection     189   4.2    Memory and Address Protection     193   4.3    Control of Access to General Objects     204   4.4    File Protection Mechanisms     215   4.5    User Authentication     219   4.6    Summary of Security for Users     236   4.7    Terms and Concepts     237   4.8    Where the Field Is Headed     238   4.9    To Learn More     239 4.10    Exercises     239 Chapter 5     Designing Trusted Operating Systems     242   5.1    What Is a Trusted System?     243   5.2    Security Policies     245   5.3    Models of Security     252   5.4    Trusted Operating System Design     264   5.5    Assurance in Trusted Operating Systems     287   5.6    Summary of Security in Operating Systems     312   5.7    Terms and Concepts     313   5.8    Where the Field Is Headed     315   5.9    To Learn More     315 5.10    Exercises     316 Chapter 6     Database and Data Mining Security     318   6.1    Introduction to Databases     319   6.2    Security Requirements     324   6.3    Reliability and Integrity     329   6.4    Sensitive Data     335   6.5    Inference     341   6.6    Multilevel Databases     351   6.7    Proposals for Multilevel Security     356   6.8    Data Mining     367   6.9    Summary of Database Security     371 6.10    Terms and Concepts     371 6.11    Where the Field Is Headed     372 6.12    To Learn More     373 6.13    Exercises     373 Chapter 7     Security in Networks     376   7.1    Network Concepts     377   7.2    Threats in Networks     396   7.3    Network Security Controls     440   7.4    Firewalls     474   7.5    Intrusion Detection Systems     484   7.6    Secure E-mail     490   7.7    Summary of Network Security     496   7.8    Terms and Concepts     498   7.9    Where the Field Is Headed     500 7.10    To Learn More     502 7.11    Exercises     502 Chapter 8     Administering Security     508   8.1    Security Planning     509   8.2    Risk Analysis     524   8.3    Organizational Security Policies     547   8.4    Physical Security     556   8.5    Summary     566   8.6    Terms and Concepts     567   8.7    To Learn More     568   8.8    Exercises     569 Chapter 9     The Economics of Cybersecurity     571   9.1    Making a Business Case     572   9.2    Quantifying Security     578   9.3    Modeling Cybersecurity     589   9.5    Summary     599   9.6    Terms and Concepts     600   9.7    To Learn More     601   9.8    Exercises     601 Chapter 10     Privacy in Computing     603 10.1      Privacy Concepts     604 10.2      Privacy Principles and Policies     608 10.3      Authentication and Privacy     619 10.4      Data Mining     623 10.5      Privacy on the Web     626 10.6      E-mail Security     635 10.7      Impacts on Emerging Technologies     638 10.8      Summary     643 10.9      Terms and Concepts     643 10.10    Where the Field Is Headed     645 10.11    To Learn More     645 10.12    Exercises     646 Chapter 11     Legal and Ethical Issues in Computer Security     647 11.1     Protecting Programs and Data     649 11.2     Information and the Law     663 11.3     Rights of Employees and Employers     670 11.4     Redress for Software Failures     673 11.5     Computer Crime     679 11.6     Ethical Issues in Computer Security     692 11.7     Case Studies of Ethics     698 11.8     Terms and Concepts     714 11.9     To Learn More     714 11.10   Exercises     715 Chapter 12     Cryptography Explained     717 12.1    Mathematics for Cryptography  718 12.2    Symmetric Encryption     730 12.3    Public Key Encryption Systems     757 12.4     Quantum Cryptography     774 12.5    Summary of Encryption     778 12.6    Terms and Concepts     778 12.7    Where the Field Is Headed     779 12.8    To Learn More     779 12.9    Exercises     779 Bibliography     782 Index     815"

Reviews

Author Information

Charles P. Pfleeger is an independent information security consultant and principal of the Pfleeger Consulting Group. He specializes in threat/vulnerability analysis, system design review, certification preparation, expert witness testimony, and training. Shari Lawrence Pfleeger, a senior information scientist at the RAND Corporation, has written ten books on software engineering, measurement, and quality, including Software Engineering: Theory and Practice, Third Edition (Prentice Hall, 2006). She was named one of the world's top software engineering researchers by the Journal of Systems and Software.

Tab Content 6

Author Website:  

Customer Reviews

Recent Reviews

No review item found!

Add your own review!

Countries Available

All regions