This is the eBook version of the printed book. If the print book includes a CD-ROM, this content is not included within the eBook version.The New State-of-the-Art in Information Security: Now Covers the Economics of Cyber Security and the Intersection of Privacy and Information Security
For years, IT and security professionals and students have turned to Security in Computing as the definitive guide to information about computer security attacks and countermeasures. In their new fourth edition, Charles P. Pfleeger and Shari Lawrence Pfleeger have thoroughly updated their classic guide to reflect today's newest technologies, standards, and trends.
The authors first introduce the core concepts and vocabulary of computer security, including attacks and controls. Next, the authors systematically identify and assess threats now facing programs, operating systems, database systems, and networks. For each threat, they offer best-practice responses.
Security in Computing, Fourth Edition , goes beyond technology, covering crucial management issues faced in protecting infrastructure and information. This edition contains an all-new chapter on the economics of cybersecurity, explaining ways to make a business case for security investments. Another new chapter addresses privacy--from data mining and identity theft, to RFID and e-voting.
New coverage also includes
- Programming mistakes that compromise security: man-in-the-middle, timing, and privilege escalation attacks
- Web application threats and vulnerabilities
- Networks of compromised systems: bots, botnets, and drones
- Rootkits--including the notorious Sony XCP
- Wi-Fi network security challenges, standards, and techniques
- New malicious code attacks, including false interfaces and keystroke loggers
- Improving code quality: software engineering, testing, and liability approaches
- Biometric authentication: capabilities and limitations
- Using the Advanced Encryption System (AES) more effectively
- Balancing dissemination with piracy control in music and other digital content
- Countering new cryptanalytic attacks against RSA, DES, and SHA
- Responding to the emergence of organized attacker groups pursuing profit
From the Back Cover
Every day, more and more critical information is created, transmitted, and archived by computers. This ever-growing reliance on technology has made computer security a higher priority than ever before, yet the pace of computer development has far outstripped the improvements in computer security. Today's computer professionals need a comprehensive understanding of all aspects of security in computing.
Security in Computing is the most complete and up-to-date college textbook now available. Enlivened by actual case studies and supported by more than 175 exercises, the book covers:
- Viruses, worms, Trojan horses, and other forms of malicious code
- Firewalls and the protection of networked systems
- E-mail privacy, including PEM, PGP, key management, and certificates
- Key escrow—both as a technology and in the “Clipper” program
- Evaluation of trusted systems, including the Common Criteria, the ITSEC, and the Orange Book
- Standards for program development and quality, including ISO9000 and SEI CMM
- Administering secure installations of PCs, UNIX¨, and networked environments
- Ethical and legal issues in computing
A modular, layered structure makes Security in Computing ideal for classroom use as well as a reference for professionals. Once the basic tools have been covered, the remaining chapters can be studied in any order, and to any depth desired.
Since the publication of the first edition in 1989, the number of threats to secure computing have increased, but so have the available countermeasures. This second edition has been thoroughly revised to reflect teaching experiences with the first edition and to incorporate all the latest information on computer security.