{"product_id":"computer-security-isbn-9780470741153","title":"Computer Security","description":"Completely updated and up-to-the-minute textbook for courses on computer science.\u003cbr\u003e \u003cbr\u003e   \u003cp\u003eThe third edition has been completely revised to include new advances in software and technology over the last few years. Provides sections on Windows NT, CORBA and Java which are not examined in comparable titles.\u003c\/p\u003e \u003cp\u003eNo active previous experience of security issues is necessary making this accessible to Software Developers and Managers whose responsibilities span any technical aspects of IT security. Written for self-study and course use, this book will suit a variety of introductory and more advanced security programs for students of computer science, engineering and related disciplines. Technical and project managers will also find that the broad coverage offers a great starting point for discovering underlying issues and provides a means of orientation in a world populated by a bewildering array of competing security systems.\u003c\/p\u003e  \u003cb\u003ePreface xvii\u003c\/b\u003e  \u003cp\u003e\u003cb\u003eCHAPTER 1 – History of Computer Security 1\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e1.1 The Dawn of Computer Security 2\u003c\/p\u003e \u003cp\u003e1.2 1970s – Mainframes 3\u003c\/p\u003e \u003cp\u003e1.3 1980s – Personal Computers 4\u003c\/p\u003e \u003cp\u003e1.4 1990s – Internet 6\u003c\/p\u003e \u003cp\u003e1.5 2000s – The Web 8\u003c\/p\u003e \u003cp\u003e1.6 Conclusions – The Benefits of Hindsight 10\u003c\/p\u003e \u003cp\u003e1.7 Exercises 11\u003c\/p\u003e \u003cp\u003e\u003cb\u003eCHAPTER 2 – Managing Security 13\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e2.1 Attacks and Attackers 14\u003c\/p\u003e \u003cp\u003e2.2 Security Management 15\u003c\/p\u003e \u003cp\u003e2.3 Risk and Threat Analysis 21\u003c\/p\u003e \u003cp\u003e2.4 Further Reading 29\u003c\/p\u003e \u003cp\u003e2.5 Exercises 29\u003c\/p\u003e \u003cp\u003e\u003cb\u003eCHAPTER 3 – Foundations of Computer Security 31\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e3.1 Definitions 32\u003c\/p\u003e \u003cp\u003e3.2 The Fundamental Dilemma of Computer Security 40\u003c\/p\u003e \u003cp\u003e3.3 Data vs Information 40\u003c\/p\u003e \u003cp\u003e3.4 Principles of Computer Security 41\u003c\/p\u003e \u003cp\u003e3.5 The Layer Below 45\u003c\/p\u003e \u003cp\u003e3.6 The Layer Above 47\u003c\/p\u003e \u003cp\u003e3.7 Further Reading 47\u003c\/p\u003e \u003cp\u003e3.8 Exercises 48\u003c\/p\u003e \u003cp\u003e\u003cb\u003eCHAPTER 4 – Identification and Authentication 49\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e4.1 Username and Password 50\u003c\/p\u003e \u003cp\u003e4.2 Bootstrapping Password Protection 51\u003c\/p\u003e \u003cp\u003e4.3 Guessing Passwords 52\u003c\/p\u003e \u003cp\u003e4.4 Phishing, Spoofing, and Social Engineering 54\u003c\/p\u003e \u003cp\u003e4.5 Protecting the Password File 56\u003c\/p\u003e \u003cp\u003e4.6 Single Sign-on 58\u003c\/p\u003e \u003cp\u003e4.7 Alternative Approaches 59\u003c\/p\u003e \u003cp\u003e4.8 Further Reading 63\u003c\/p\u003e \u003cp\u003e4.9 Exercises 63\u003c\/p\u003e \u003cp\u003e\u003cb\u003eCHAPTER 5 – Access Control 65\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e5.1 Background 66\u003c\/p\u003e \u003cp\u003e5.2 Authentication and Authorization 66\u003c\/p\u003e \u003cp\u003e5.3 Access Operations 68\u003c\/p\u003e \u003cp\u003e5.4 Access Control Structures 71\u003c\/p\u003e \u003cp\u003e5.5 Ownership 73\u003c\/p\u003e \u003cp\u003e5.6 Intermediate Controls 74\u003c\/p\u003e \u003cp\u003e5.7 Policy Instantiation 79\u003c\/p\u003e \u003cp\u003e5.8 Comparing Security Attributes 79\u003c\/p\u003e \u003cp\u003e5.9 Further Reading 84\u003c\/p\u003e \u003cp\u003e5.10 Exercises 84\u003c\/p\u003e \u003cp\u003e\u003cb\u003eCHAPTER 6 – Reference Monitors 87\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e6.1 Introduction 88\u003c\/p\u003e \u003cp\u003e6.2 Operating System Integrity 90\u003c\/p\u003e \u003cp\u003e6.3 Hardware Security Features 91\u003c\/p\u003e \u003cp\u003e6.4 Protecting Memory 99\u003c\/p\u003e \u003cp\u003e6.5 Further Reading 103\u003c\/p\u003e \u003cp\u003e6.6 Exercises 104\u003c\/p\u003e \u003cp\u003e\u003cb\u003eCHAPTER 7 – Unix Security 107\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e7.1 Introduction 108\u003c\/p\u003e \u003cp\u003e7.2 Principals 109\u003c\/p\u003e \u003cp\u003e7.3 Subjects 111\u003c\/p\u003e \u003cp\u003e7.4 Objects 113\u003c\/p\u003e \u003cp\u003e7.5 Access Control 116\u003c\/p\u003e \u003cp\u003e7.6 Instances of General Security Principles 119\u003c\/p\u003e \u003cp\u003e7.7 Management Issues 125\u003c\/p\u003e \u003cp\u003e7.8 Further Reading 128\u003c\/p\u003e \u003cp\u003e7.9 Exercises 128\u003c\/p\u003e \u003cp\u003e\u003cb\u003eCHAPTER 8 – Windows Security 131\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e8.1 Introduction 132\u003c\/p\u003e \u003cp\u003e8.2 Components of Access Control 135\u003c\/p\u003e \u003cp\u003e8.3 Access Decisions 142\u003c\/p\u003e \u003cp\u003e8.4 Managing Policies 145\u003c\/p\u003e \u003cp\u003e8.5 Task-Dependent Access Rights 147\u003c\/p\u003e \u003cp\u003e8.6 Administration 150\u003c\/p\u003e \u003cp\u003e8.7 Further Reading 153\u003c\/p\u003e \u003cp\u003e8.8 Exercises 153\u003c\/p\u003e \u003cp\u003e\u003cb\u003eCHAPTER 9 – Database Security 155\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e9.1 Introduction 156\u003c\/p\u003e \u003cp\u003e9.2 Relational Databases 158\u003c\/p\u003e \u003cp\u003e9.3 Access Control 162\u003c\/p\u003e \u003cp\u003e9.4 Statistical Database Security 167\u003c\/p\u003e \u003cp\u003e9.5 Integration with the Operating System 172\u003c\/p\u003e \u003cp\u003e9.6 Privacy 173\u003c\/p\u003e \u003cp\u003e9.7 Further Reading 175\u003c\/p\u003e \u003cp\u003e9.8 Exercises 175\u003c\/p\u003e \u003cp\u003e\u003cb\u003eCHAPTER 10 – Software Security 177\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e10.1 Introduction 178\u003c\/p\u003e \u003cp\u003e10.2 Characters and Numbers 179\u003c\/p\u003e \u003cp\u003e10.3 Canonical Representations 183\u003c\/p\u003e \u003cp\u003e10.4 Memory Management 184\u003c\/p\u003e \u003cp\u003e10.5 Data and Code 191\u003c\/p\u003e \u003cp\u003e10.6 Race Conditions 193\u003c\/p\u003e \u003cp\u003e10.7 Defences 194\u003c\/p\u003e \u003cp\u003e10.8 Further Reading 201\u003c\/p\u003e \u003cp\u003e10.9 Exercises 202\u003c\/p\u003e \u003cp\u003e\u003cb\u003eCHAPTER 11 – Bell–LaPadula Model 205\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e11.1 State Machine Models 206\u003c\/p\u003e \u003cp\u003e11.2 The Bell–LaPadula Model 206\u003c\/p\u003e \u003cp\u003e11.3 The Multics Interpretation of BLP 212\u003c\/p\u003e \u003cp\u003e11.4 Further Reading 216\u003c\/p\u003e \u003cp\u003e11.5 Exercises 216\u003c\/p\u003e \u003cp\u003e\u003cb\u003eCHAPTER 12 – Security Models 219\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e12.1 The Biba Model 220\u003c\/p\u003e \u003cp\u003e12.2 Chinese Wall Model 221\u003c\/p\u003e \u003cp\u003e12.3 The Clark–Wilson Model 223\u003c\/p\u003e \u003cp\u003e12.4 The Harrison–Ruzzo–Ullman Model 225\u003c\/p\u003e \u003cp\u003e12.5 Information-Flow Models 228\u003c\/p\u003e \u003cp\u003e12.6 Execution Monitors 230\u003c\/p\u003e \u003cp\u003e12.7 Further Reading 232\u003c\/p\u003e \u003cp\u003e12.8 Exercises 233\u003c\/p\u003e \u003cp\u003e\u003cb\u003eCHAPTER 13 – Security Evaluation 235\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e13.1 Introduction 236\u003c\/p\u003e \u003cp\u003e13.2 The Orange Book 239\u003c\/p\u003e \u003cp\u003e13.3 The Rainbow Series 241\u003c\/p\u003e \u003cp\u003e13.4 Information Technology Security Evaluation Criteria 242\u003c\/p\u003e \u003cp\u003e13.5 The Federal Criteria 243\u003c\/p\u003e \u003cp\u003e13.6 The Common Criteria 243\u003c\/p\u003e \u003cp\u003e13.7 Quality Standards 246\u003c\/p\u003e \u003cp\u003e13.8 An Effort Well Spent? 247\u003c\/p\u003e \u003cp\u003e13.9 Summary 248\u003c\/p\u003e \u003cp\u003e13.10 Further Reading 248\u003c\/p\u003e \u003cp\u003e13.11 Exercises 249\u003c\/p\u003e \u003cp\u003e\u003cb\u003eCHAPTER 14 – Cryptography 251\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e14.1 Introduction 252\u003c\/p\u003e \u003cp\u003e14.2 Modular Arithmetic 256\u003c\/p\u003e \u003cp\u003e14.3 Integrity Check Functions 257\u003c\/p\u003e \u003cp\u003e14.4 Digital Signatures 260\u003c\/p\u003e \u003cp\u003e14.5 Encryption 264\u003c\/p\u003e \u003cp\u003e14.6 Strength of Mechanisms 270\u003c\/p\u003e \u003cp\u003e14.7 Performance 271\u003c\/p\u003e \u003cp\u003e14.8 Further Reading 272\u003c\/p\u003e \u003cp\u003e14.9 Exercises 273\u003c\/p\u003e \u003cp\u003e\u003cb\u003eCHAPTER 15 – Key Establishment 275\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e15.1 Introduction 276\u003c\/p\u003e \u003cp\u003e15.2 Key Establishment and Authentication 276\u003c\/p\u003e \u003cp\u003e15.3 Key Establishment Protocols 279\u003c\/p\u003e \u003cp\u003e15.4 Kerberos 283\u003c\/p\u003e \u003cp\u003e15.5 Public-Key Infrastructures 288\u003c\/p\u003e \u003cp\u003e15.6 Trusted Computing – Attestation 293\u003c\/p\u003e \u003cp\u003e15.7 Further Reading 295\u003c\/p\u003e \u003cp\u003e15.8 Exercises 295\u003c\/p\u003e \u003cp\u003e\u003cb\u003eCHAPTER 16 – Communications Security 297\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e16.1 Introduction 298\u003c\/p\u003e \u003cp\u003e16.2 Protocol Design Principles 299\u003c\/p\u003e \u003cp\u003e16.3 IP Security 301\u003c\/p\u003e \u003cp\u003e16.4 IPsec and Network Address Translation 308\u003c\/p\u003e \u003cp\u003e16.5 SSL\/TLS 310\u003c\/p\u003e \u003cp\u003e16.6 Extensible Authentication Protocol 314\u003c\/p\u003e \u003cp\u003e16.7 Further Reading 316\u003c\/p\u003e \u003cp\u003e16.8 Exercises 316\u003c\/p\u003e \u003cp\u003e\u003cb\u003eCHAPTER 17 – Network Security 319\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e17.1 Introduction 320\u003c\/p\u003e \u003cp\u003e17.2 Domain Name System 322\u003c\/p\u003e \u003cp\u003e17.3 Firewalls 328\u003c\/p\u003e \u003cp\u003e17.4 Intrusion Detection 332\u003c\/p\u003e \u003cp\u003e17.5 Further Reading 335\u003c\/p\u003e \u003cp\u003e17.6 Exercises 336\u003c\/p\u003e \u003cp\u003e\u003cb\u003eCHAPTER 18 – Web Security 339\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e18.1 Introduction 340\u003c\/p\u003e \u003cp\u003e18.2 Authenticated Sessions 342\u003c\/p\u003e \u003cp\u003e18.3 Code Origin Policies 346\u003c\/p\u003e \u003cp\u003e18.4 Cross-Site Scripting 347\u003c\/p\u003e \u003cp\u003e18.5 Cross-Site Request Forgery 350\u003c\/p\u003e \u003cp\u003e18.6 JavaScript Hijacking 352\u003c\/p\u003e \u003cp\u003e18.7 Web Services Security 354\u003c\/p\u003e \u003cp\u003e18.8 Further Reading 360\u003c\/p\u003e \u003cp\u003e18.9 Exercises 361\u003c\/p\u003e \u003cp\u003e\u003cb\u003eCHAPTER 19 – Mobility 363\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e19.1 Introduction 364\u003c\/p\u003e \u003cp\u003e19.2 GSM 364\u003c\/p\u003e \u003cp\u003e19.3 UMTS 369\u003c\/p\u003e \u003cp\u003e19.4 Mobile IPv6 Security 372\u003c\/p\u003e \u003cp\u003e19.5 WLAN 377\u003c\/p\u003e \u003cp\u003e19.6 Bluetooth 381\u003c\/p\u003e \u003cp\u003e19.7 Further Reading 383\u003c\/p\u003e \u003cp\u003e19.8 Exercises 383\u003c\/p\u003e \u003cp\u003e\u003cb\u003eCHAPTER 20 – New Access Control Paradigms 385\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e20.1 Introduction 386\u003c\/p\u003e \u003cp\u003e20.2 SPKI 388\u003c\/p\u003e \u003cp\u003e20.3 Trust Management 390\u003c\/p\u003e \u003cp\u003e20.4 Code-Based Access Control 391\u003c\/p\u003e \u003cp\u003e20.5 Java Security 395\u003c\/p\u003e \u003cp\u003e20.6 .NET Security Framework 400\u003c\/p\u003e \u003cp\u003e20.7 Digital Rights Management 405\u003c\/p\u003e \u003cp\u003e20.8 Further Reading 406\u003c\/p\u003e \u003cp\u003e20.9 Exercises 406\u003c\/p\u003e \u003cp\u003e\u003cb\u003eBibliography 409\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e\u003cb\u003eIndex 423\u003c\/b\u003e\u003c\/p\u003e \u003cb\u003eDieter Gollmann\u003c\/b\u003e, Technical University of Hamburg-Harburg.","brand":"Wiley","offers":[{"title":"Default Title","offer_id":47988969570533,"sku":"NP9780470741153","price":54.0,"currency_code":"USD","in_stock":false}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/1842\/7735\/files\/9780470741153.jpg?v=1761782255","url":"https:\/\/k12savings.com\/products\/computer-security-isbn-9780470741153","provider":"K12savings","version":"1.0","type":"link"}