Authors: Charles P. Pfleeger, Shari Lawrence Pfleeger, Willis H. Ware
ISBN-13: 9780132390774, ISBN-10: 0132390779
Format: Hardcover
Publisher: Prentice Hall
Date Published: October 2006
Edition: 4th Edition
Charles P. Pfleeger is an independent information security consultant and principal of the Pfleeger Consulting Group. He specializes in threat/vulnerability analysis, system design review, certification preparation, expert witness testimony, and training.
Shari Lawrence Pfleeger, a senior information scientist at the RAND Corporation, has written ten books on software engineering, measurement, and quality, including Software Engineering: Theory and Practice, Third Edition (Prentice Hall, 2006). She was named one of the world's top software engineering researchers by the Journal of Systems and Software.
The New State-of-the-Art in Information Security: Now Covers the Economics of Cyber Security and the Intersection of Privacy and Information Security
For years, IT and security professionals and students have turned to Security in Computing as the definitive guide to information about computer security attacks and countermeasures. In their new fourth edition, Charles P. Pfleeger and Shari Lawrence Pfleeger have thoroughly updated their classic guide to reflect today's newest technologies, standards, and trends.
The authors first introduce the core concepts and vocabulary of computer security, including attacks and controls. Next, the authors systematically identify and assess threats now facing programs, operating systems, database systems, and networks. For each threat, they offer best-practice responses.
Security in Computing, Fourth Edition, goes beyond technology, covering crucial management issues faced in protecting infrastructure and information. This edition contains an all-new chapter on the economics of cybersecurity, explaining ways to make a business case for security investments. Another new chapter addresses privacyfrom data mining and identity theft, to RFID and e-voting.
New coverage also includes
Covers all aspects of security in computing, including viruses, worms, Trojan horses, and other forms of malicious code; firewalls and the protection of networked systems; e-mail privacy, including PEM, PGP, key management, and certificates; key escrow--both as a technology and in the "Clipper" program; evaluation of trusted systems, including the Common Criteria, the ITSEC, and the OrangeBook; standards for program development and quality, including ISO9000; secure installations of PCs, UNIX, and networked environments; and ethical and legal issues in computing. Annotation c. Book News, Inc., Portland, OR (booknews.com)
Foreword | ||
Preface to the Third Edition | ||
Ch. 1 | Is There a Security Problem in Computing? | 1 |
Ch. 2 | Elementary Cryptography | 35 |
Ch. 3 | Program Security | 95 |
Ch. 4 | Protection in General-Purpose Operating Systems | 179 |
Ch. 5 | Designing Trusted Operating Systems | 229 |
Ch. 6 | Database Security | 309 |
Ch. 7 | Security in Networks | 363 |
Ch. 8 | Administering Security | 491 |
Ch. 9 | Legal, Privacy, and Ethical Issues in Computer Security | 553 |
Ch. 10 | Cryptography Explained | 629 |
Bibliography | 691 | |
Index | 727 |