{"product_id":"information-security-isbn-9781119505907","title":"Information Security","description":"\u003cp\u003e\u003cb\u003eProvides systematic guidance on meeting the information security challenges of the 21\u003csup\u003est\u003c\/sup\u003e century, featuring newly revised material throughout \u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e\u003ci\u003eInformation Security: Principles and Practice \u003c\/i\u003eis the must-have book for students, instructors, and early-stage professionals alike. Author Mark Stamp provides clear, accessible, and accurate information on the four critical components of information security: cryptography, access control, security protocols, and software. Readers are provided with a wealth of real-world examples that clarify complex topics, highlight important security issues, and demonstrate effective methods and strategies for protecting the confidentiality and integrity of data.\u003c\/p\u003e \u003cp\u003eFully revised and updated, the third edition of \u003ci\u003eInformation Security\u003c\/i\u003e features a brand-new chapter on network security basics and expanded coverage of cross-site scripting (XSS) attacks, Stuxnet and other malware, the SSH protocol, secure software development, and security protocols. Fresh examples illustrate the Rivest-Shamir-Adleman (RSA) cryptosystem, Elliptic-curve cryptography (ECC), and hash functions based on bitcoin and blockchains. Updated problem sets, figures, tables, and graphs help readers develop a working knowledge of classic cryptosystems, symmetric and public key cryptography, cryptanalysis, simple authentication protocols, intrusion and malware detection systems, and more. Presenting a highly practical approach to information security, this popular textbook:\u003c\/p\u003e \u003cul\u003e \u003cli\u003eProvides up-to-date coverage of the rapidly evolving field of information security\u003c\/li\u003e \u003cli\u003eExplains session keys, perfect forward secrecy, timestamps, SSH, SSL, IPSec, Kerberos, WEP, GSM, and other authentication protocols\u003c\/li\u003e \u003cli\u003eAddresses access control techniques including authentication and authorization, ACLs and capabilities, and multilevel security and compartments\u003c\/li\u003e \u003cli\u003eDiscusses software tools used for malware detection, digital rights management, and operating systems security\u003c\/li\u003e \u003cli\u003eIncludes an instructor’s solution manual, PowerPoint slides, lecture videos, and additional teaching resources\u003c\/li\u003e \u003c\/ul\u003e \u003cp\u003e\u003ci\u003eInformation Security: Principles and Practice, Third Edition \u003c\/i\u003eis the perfect textbook for advanced undergraduate and graduate students in all Computer Science programs, and remains essential reading for professionals working in industrial or government security.\u003cbr\u003e\u003cbr\u003eTo request supplementary materials, please contact \u003ca href=\"mailto:mark.stamp@sjsu.edu\"\u003emark.stamp@sjsu.edu\u003c\/a\u003e and visit the author-maintained website for more: \u003ca href=\"https:\/\/urldefense.com\/v3\/__https:\/www.cs.sjsu.edu\/*stamp\/infosec\/__;fg!!N11eV2iwtfs!vQiT_RPMbK65YTVJVaaG1i4R6paBRZB91H3juc9ejhGB1vRRIH-7YPUI7_GjtuXF_7mJyM39sfFjrtfZOkSIbw$\"\u003ehttps:\/\/www.cs.sjsu.edu\/~stamp\/infosec\/\u003c\/a\u003e.\u003c\/p\u003e \u003cp\u003ePreface xv\u003c\/p\u003e \u003cp\u003eAbout The Author xix\u003c\/p\u003e \u003cp\u003eAcknowledgments xxi\u003c\/p\u003e \u003cp\u003e1 Introductions 1\u003c\/p\u003e \u003cp\u003e1.1 The Cast of Characters 1\u003c\/p\u003e \u003cp\u003e1.2 Alice's Online Bank 2\u003c\/p\u003e \u003cp\u003e1.2.1 Confidentiality, Integrity, and Availability 2\u003c\/p\u003e \u003cp\u003e1.2.2 Beyond CIA 2\u003c\/p\u003e \u003cp\u003e1.3 About This Book 4\u003c\/p\u003e \u003cp\u003e1.3.1 Cryptography 4\u003c\/p\u003e \u003cp\u003e1.3.2 Access Control 5\u003c\/p\u003e \u003cp\u003e1.3.3 Network Security 6\u003c\/p\u003e \u003cp\u003e1.3.4 Software 6\u003c\/p\u003e \u003cp\u003e1.4 The People Problem 7\u003c\/p\u003e \u003cp\u003e1.5 Principles and Practice 7\u003c\/p\u003e \u003cp\u003e1.6 Problems 8\u003c\/p\u003e \u003cp\u003eI Crypto 13\u003c\/p\u003e \u003cp\u003e2 Classic Cryptography 15\u003c\/p\u003e \u003cp\u003e2.1 Introduction 15\u003c\/p\u003e \u003cp\u003e2.2 How to Speak Crypto 15\u003c\/p\u003e \u003cp\u003e2.3 Classic Crypto 17\u003c\/p\u003e \u003cp\u003e2.3.1 Simple Substitution Cipher 18\u003c\/p\u003e \u003cp\u003e2.3.2 Cryptanalysis of a Simple Substitution 20\u003c\/p\u003e \u003cp\u003e2.3.3 Definition of Secure 21\u003c\/p\u003e \u003cp\u003e2.3.4 Double Transposition Cipher 22\u003c\/p\u003e \u003cp\u003e2.3.5 One-Time Pad 23\u003c\/p\u003e \u003cp\u003e2.3.6 Codebook Cipher 27\u003c\/p\u003e \u003cp\u003eviii CONTENTS\u003c\/p\u003e \u003cp\u003e2.4 Classic Crypto in History 28\u003c\/p\u003e \u003cp\u003e2.4.1 Ciphers of the Election of 1876 28\u003c\/p\u003e \u003cp\u003e2.4.2 Zimmermann Telegram 30\u003c\/p\u003e \u003cp\u003e2.4.3 Project VENONA 32\u003c\/p\u003e \u003cp\u003e2.5 Modern Crypto History 33\u003c\/p\u003e \u003cp\u003e2.6 A Taxonomy of Cryptography 36\u003c\/p\u003e \u003cp\u003e2.7 A Taxonomy of Cryptanalysis 37\u003c\/p\u003e \u003cp\u003e2.8 Summary 39\u003c\/p\u003e \u003cp\u003e2.9 Problems 39\u003c\/p\u003e \u003cp\u003e3 Symmetric Ciphers 45\u003c\/p\u003e \u003cp\u003e3.1 Introduction 45\u003c\/p\u003e \u003cp\u003e3.2 Stream Ciphers 46\u003c\/p\u003e \u003cp\u003e3.2.1 A5\/1 47\u003c\/p\u003e \u003cp\u003e3.2.2 RC4 49\u003c\/p\u003e \u003cp\u003e3.3 Block Ciphers 51\u003c\/p\u003e \u003cp\u003e3.3.1 Feistel Cipher 51\u003c\/p\u003e \u003cp\u003e3.3.2 DES 52\u003c\/p\u003e \u003cp\u003e3.3.3 Triple DES 57\u003c\/p\u003e \u003cp\u003e3.3.4 AES 59\u003c\/p\u003e \u003cp\u003e3.3.5 TEA 62\u003c\/p\u003e \u003cp\u003e3.3.6 Block Cipher Modes 64\u003c\/p\u003e \u003cp\u003e3.4 Integrity 68\u003c\/p\u003e \u003cp\u003e3.5 Quantum Computers and Symmetric Crypto 70\u003c\/p\u003e \u003cp\u003e3.6 Summary 72\u003c\/p\u003e \u003cp\u003e3.7 Problems 72\u003c\/p\u003e \u003cp\u003e4 Public Key Crypto 79\u003c\/p\u003e \u003cp\u003e4.1 Introduction 79\u003c\/p\u003e \u003cp\u003e4.2 Knapsack 82\u003c\/p\u003e \u003cp\u003e4.3 RSA 85\u003c\/p\u003e \u003cp\u003e4.3.1 Textbook RSA Example 87\u003c\/p\u003e \u003cp\u003e4.3.2 Repeated Squaring 88\u003c\/p\u003e \u003cp\u003e4.3.3 Speeding Up RSA 90\u003c\/p\u003e \u003cp\u003e4.4 Diffie-Hellman 91\u003c\/p\u003e \u003cp\u003e4.5 Elliptic Curve Cryptography 93\u003c\/p\u003e \u003cp\u003e4.5.1 Elliptic Curve Math 93\u003c\/p\u003e \u003cp\u003e4.5.2 ECC Diffie-Hellman 95\u003c\/p\u003e \u003cp\u003e4.5.3 Realistic Elliptic Curve Example 96\u003c\/p\u003e \u003cp\u003e4.6 Public Key Notation 97\u003c\/p\u003e \u003cp\u003e4.7 Uses for Public Key Crypto 98\u003c\/p\u003e \u003cp\u003e4.7.1 Confidentiality in the Real World 98\u003c\/p\u003e \u003cp\u003e4.7.2 Signatures and Non-repudiation 99\u003c\/p\u003e \u003cp\u003eCONTENTS ix\u003c\/p\u003e \u003cp\u003e4.7.3 Confidentiality and Non-repudiation 99\u003c\/p\u003e \u003cp\u003e4.8 Certificates and PKI 102\u003c\/p\u003e \u003cp\u003e4.9 Quantum Computers and Public Key 104\u003c\/p\u003e \u003cp\u003e4.10 Summary 106\u003c\/p\u003e \u003cp\u003e4.11 Problems 106\u003c\/p\u003e \u003cp\u003e5 Crypto Hash Functions++ 115\u003c\/p\u003e \u003cp\u003e5.1 Introduction 115\u003c\/p\u003e \u003cp\u003e5.2 What is a Cryptographic Hash Function? 116\u003c\/p\u003e \u003cp\u003e5.3 The Birthday Problem 117\u003c\/p\u003e \u003cp\u003e5.4 A Birthday Attack 119\u003c\/p\u003e \u003cp\u003e5.5 Non-Cryptographic Hashes 120\u003c\/p\u003e \u003cp\u003e5.6 SHA-3 121\u003c\/p\u003e \u003cp\u003e5.7 HMAC 124\u003c\/p\u003e \u003cp\u003e5.8 Cryptographic Hash Applications 126\u003c\/p\u003e \u003cp\u003e5.8.1 Online Bids 126\u003c\/p\u003e \u003cp\u003e5.8.2 Blockchain 127\u003c\/p\u003e \u003cp\u003e5.9 Miscellaneous Crypto-Related Topics 136\u003c\/p\u003e \u003cp\u003e5.9.1 Secret Sharing 136\u003c\/p\u003e \u003cp\u003e5.9.2 Random Numbers 140\u003c\/p\u003e \u003cp\u003e5.9.3 Information Hiding 143\u003c\/p\u003e \u003cp\u003e5.10 Summary 147\u003c\/p\u003e \u003cp\u003e5.11 Problems 147\u003c\/p\u003e \u003cp\u003eII Access Control 159\u003c\/p\u003e \u003cp\u003e6 Authentication 161\u003c\/p\u003e \u003cp\u003e6.1 Introduction 161\u003c\/p\u003e \u003cp\u003e6.2 Authentication Methods 162\u003c\/p\u003e \u003cp\u003e6.3 Passwords 163\u003c\/p\u003e \u003cp\u003e6.3.1 Keys Versus Passwords 164\u003c\/p\u003e \u003cp\u003e6.3.2 Choosing Passwords 164\u003c\/p\u003e \u003cp\u003e6.3.3 Attacking Systems via Passwords 166\u003c\/p\u003e \u003cp\u003e6.3.4 Password Verification 167\u003c\/p\u003e \u003cp\u003e6.3.5 Math of Password Cracking 168\u003c\/p\u003e \u003cp\u003e6.3.6 Other Password Issues 173\u003c\/p\u003e \u003cp\u003e6.4 Biometrics 174\u003c\/p\u003e \u003cp\u003e6.4.1 Types of Errors 176\u003c\/p\u003e \u003cp\u003e6.4.2 Biometric Examples 176\u003c\/p\u003e \u003cp\u003e6.4.3 Biometric Error Rates 181\u003c\/p\u003e \u003cp\u003e6.4.4 Biometric Conclusions 182\u003c\/p\u003e \u003cp\u003e6.5 Something You Have 182\u003c\/p\u003e \u003cp\u003ex CONTENTS\u003c\/p\u003e \u003cp\u003e6.6 Two-Factor Authentication 183\u003c\/p\u003e \u003cp\u003e6.7 Single Sign-On and Web Cookies 183\u003c\/p\u003e \u003cp\u003e6.8 Summary 184\u003c\/p\u003e \u003cp\u003e6.9 Problems 185\u003c\/p\u003e \u003cp\u003e7 Authorization 195\u003c\/p\u003e \u003cp\u003e7.1 Introduction 195\u003c\/p\u003e \u003cp\u003e7.2 A Brief History of Authorization 196\u003c\/p\u003e \u003cp\u003e7.2.1 The Orange Book 196\u003c\/p\u003e \u003cp\u003e7.2.2 The Common Criteria 199\u003c\/p\u003e \u003cp\u003e7.3 Access Control Matrix 200\u003c\/p\u003e \u003cp\u003e7.3.1 ACLs and Capabilities 201\u003c\/p\u003e \u003cp\u003e7.3.2 Confused Deputy 202\u003c\/p\u003e \u003cp\u003e7.4 Multilevel Security Models 204\u003c\/p\u003e \u003cp\u003e7.4.1 Bell-LaPadula 206\u003c\/p\u003e \u003cp\u003e7.4.2 Biba's Model 207\u003c\/p\u003e \u003cp\u003e7.4.3 Compartments 208\u003c\/p\u003e \u003cp\u003e7.5 Covert Channels 210\u003c\/p\u003e \u003cp\u003e7.6 Inference Control 212\u003c\/p\u003e \u003cp\u003e7.7 CAPTCHA 214\u003c\/p\u003e \u003cp\u003e7.8 Summary 216\u003c\/p\u003e \u003cp\u003e7.9 Problems 216\u003c\/p\u003e \u003cp\u003eIII Topics in Network Security 221\u003c\/p\u003e \u003cp\u003e8 Network Security Basics 223\u003c\/p\u003e \u003cp\u003e8.1 Introduction 223\u003c\/p\u003e \u003cp\u003e8.2 Networking Basics 223\u003c\/p\u003e \u003cp\u003e8.2.1 The Protocol Stack 225\u003c\/p\u003e \u003cp\u003e8.2.2 Application Layer 226\u003c\/p\u003e \u003cp\u003e8.2.3 Transport Layer 228\u003c\/p\u003e \u003cp\u003e8.2.4 Network Layer 231\u003c\/p\u003e \u003cp\u003e8.2.5 Link Layer 233\u003c\/p\u003e \u003cp\u003e8.3 Cross-Site Scripting Attacks 235\u003c\/p\u003e \u003cp\u003e8.4 Firewalls 236\u003c\/p\u003e \u003cp\u003e8.4.1 Packet Filter 238\u003c\/p\u003e \u003cp\u003e8.4.2 Stateful Packet Filter 240\u003c\/p\u003e \u003cp\u003e8.4.3 Application Proxy 240\u003c\/p\u003e \u003cp\u003e8.4.4 Defense in Depth 242\u003c\/p\u003e \u003cp\u003e8.5 Intrusion Detection Systems 243\u003c\/p\u003e \u003cp\u003e8.5.1 Signature-Based IDS 245\u003c\/p\u003e \u003cp\u003e8.5.2 Anomaly-Based IDS 246\u003c\/p\u003e \u003cp\u003eCONTENTS xi\u003c\/p\u003e \u003cp\u003e8.6 Summary 250\u003c\/p\u003e \u003cp\u003e8.7 Problems 250\u003c\/p\u003e \u003cp\u003e9 Simple Authentication Protocols 257\u003c\/p\u003e \u003cp\u003e9.1 Introduction 257\u003c\/p\u003e \u003cp\u003e9.2 Simple Security Protocols 259\u003c\/p\u003e \u003cp\u003e9.3 Authentication Protocols 261\u003c\/p\u003e \u003cp\u003e9.3.1 Authentication Using Symmetric Keys 264\u003c\/p\u003e \u003cp\u003e9.3.2 Authentication Using Public Keys 267\u003c\/p\u003e \u003cp\u003e9.3.3 Session Keys 268\u003c\/p\u003e \u003cp\u003e9.3.4 Perfect Forward Secrecy 270\u003c\/p\u003e \u003cp\u003e9.3.5 Mutual Authentication, Session Key, and PFS 273\u003c\/p\u003e \u003cp\u003e9.3.6 Timestamps 273\u003c\/p\u003e \u003cp\u003e9.4 ``Authentication\"\" and TCP 275\u003c\/p\u003e \u003cp\u003e9.5 Zero Knowledge Proofs 278\u003c\/p\u003e \u003cp\u003e9.6 Tips for Analyzing Protocols 282\u003c\/p\u003e \u003cp\u003e9.7 Summary 284\u003c\/p\u003e \u003cp\u003e9.8 Problems 284\u003c\/p\u003e \u003cp\u003e10 Real-World Security Protocols 293\u003c\/p\u003e \u003cp\u003e10.1 Introduction 293\u003c\/p\u003e \u003cp\u003e10.2 SSH 294\u003c\/p\u003e \u003cp\u003e10.2.1 SSH and the Man-in-the-Middle 295\u003c\/p\u003e \u003cp\u003e10.3 SSL 296\u003c\/p\u003e \u003cp\u003e10.3.1 SSL and the Man-in-the-Middle 299\u003c\/p\u003e \u003cp\u003e10.3.2 SSL Connections 300\u003c\/p\u003e \u003cp\u003e10.3.3 SSL Versus IPsec 300\u003c\/p\u003e \u003cp\u003e10.4 IPsec 301\u003c\/p\u003e \u003cp\u003e10.4.1 IKE Phase 1 302\u003c\/p\u003e \u003cp\u003e10.4.2 IKE Phase 2 309\u003c\/p\u003e \u003cp\u003e10.4.3 IPsec and IP Datagrams 310\u003c\/p\u003e \u003cp\u003e10.4.4 Transport and Tunnel Modes 311\u003c\/p\u003e \u003cp\u003e10.4.5 ESP and AH 313\u003c\/p\u003e \u003cp\u003e10.5 Kerberos 314\u003c\/p\u003e \u003cp\u003e10.5.1 Kerberized Login 316\u003c\/p\u003e \u003cp\u003e10.5.2 Kerberos Ticket 316\u003c\/p\u003e \u003cp\u003e10.5.3 Security of Kerberos 318\u003c\/p\u003e \u003cp\u003e10.6 WEP 319\u003c\/p\u003e \u003cp\u003e10.6.1 WEP Authentication 319\u003c\/p\u003e \u003cp\u003e10.6.2 WEP Encryption 320\u003c\/p\u003e \u003cp\u003e10.6.3 WEP Non-Integrity 320\u003c\/p\u003e \u003cp\u003e10.6.4 Other WEP Issues 321\u003c\/p\u003e \u003cp\u003e10.6.5 WEP: The Bottom Line 322\u003c\/p\u003e \u003cp\u003exii CONTENTS\u003c\/p\u003e \u003cp\u003e10.7 GSM 322\u003c\/p\u003e \u003cp\u003e10.7.1 GSM Architecture 323\u003c\/p\u003e \u003cp\u003e10.7.2 GSM Security Architecture 324\u003c\/p\u003e \u003cp\u003e10.7.3 GSM Authentication Protocol 326\u003c\/p\u003e \u003cp\u003e10.7.4 GSM Security Flaws 327\u003c\/p\u003e \u003cp\u003e10.7.5 GSM Conclusions 329\u003c\/p\u003e \u003cp\u003e10.7.6 3GPP 330\u003c\/p\u003e \u003cp\u003e10.8 Summary 330\u003c\/p\u003e \u003cp\u003e10.9 Problems 331\u003c\/p\u003e \u003cp\u003eIV Software 339\u003c\/p\u003e \u003cp\u003e11 Software Flaws and Malware 341\u003c\/p\u003e \u003cp\u003e11.1 Introduction 341\u003c\/p\u003e \u003cp\u003e11.2 Software Flaws 341\u003c\/p\u003e \u003cp\u003e11.2.1 Buffer Overflow 345\u003c\/p\u003e \u003cp\u003e11.2.2 Incomplete Mediation 356\u003c\/p\u003e \u003cp\u003e11.2.3 Race Conditions 356\u003c\/p\u003e \u003cp\u003e11.3 Malware 358\u003c\/p\u003e \u003cp\u003e11.3.1 Malware Examples 359\u003c\/p\u003e \u003cp\u003e11.3.2 Malware Detection 365\u003c\/p\u003e \u003cp\u003e11.3.3 The Future of Malware 367\u003c\/p\u003e \u003cp\u003e11.3.4 The Future of Malware Detection 369\u003c\/p\u003e \u003cp\u003e11.4 Miscellaneous Software-Based Attacks 369\u003c\/p\u003e \u003cp\u003e11.4.1 Salami Attacks 369\u003c\/p\u003e \u003cp\u003e11.4.2 Linearization Attacks 370\u003c\/p\u003e \u003cp\u003e11.4.3 Time Bombs 371\u003c\/p\u003e \u003cp\u003e11.4.4 Trusting Software 372\u003c\/p\u003e \u003cp\u003e11.5 Summary 373\u003c\/p\u003e \u003cp\u003e11.6 Problems 373\u003c\/p\u003e \u003cp\u003e12 Insecurity in Software 381\u003c\/p\u003e \u003cp\u003e12.1 Introduction 381\u003c\/p\u003e \u003cp\u003e12.2 Software Reverse Engineering 382\u003c\/p\u003e \u003cp\u003e12.2.1 Reversing Java Bytecode 384\u003c\/p\u003e \u003cp\u003e12.2.2 SRE Example 385\u003c\/p\u003e \u003cp\u003e12.2.3 Anti-Disassembly Techniques 390\u003c\/p\u003e \u003cp\u003e12.2.4 Anti-Debugging Techniques 391\u003c\/p\u003e \u003cp\u003e12.2.5 Software Tamper Resistance 392\u003c\/p\u003e \u003cp\u003e12.3 Software Development 393\u003c\/p\u003e \u003cp\u003e12.3.1 Flaws and Testing 395\u003c\/p\u003e \u003cp\u003e12.3.2 Secure Software Development? 396\u003c\/p\u003e \u003cp\u003eCONTENTS xiii\u003c\/p\u003e \u003cp\u003e12.4 Summary 396\u003c\/p\u003e \u003cp\u003e12.5 Problems 397\u003c\/p\u003e \u003cp\u003eAppendix 403\u003c\/p\u003e \u003cp\u003eA-1 Modular Arithmetic 403\u003c\/p\u003e \u003cp\u003eA-2 Permutations 405\u003c\/p\u003e \u003cp\u003eA-3 Probability 406\u003c\/p\u003e \u003cp\u003eA-4 DES Permutations 406\u003c\/p\u003e \u003cp\u003eIndex 418\u003c\/p\u003e  \u003cp\u003e\u003cb\u003eMark Stamp, PhD, \u003c\/b\u003ehas more than 25 years of experience in the field of information security. He has worked in industry, in academia as Professor of Computer Science, and in government as a cryptologic scientist for the National Security Agency. He has written dozens of academic papers, numerous journal articles, and two books on the topic of information security.  \u003c\/p\u003e\u003cp\u003e\u003cb\u003eProvides systematic guidance on meeting the information security challenges of the 21st century, featuring newly revised material throughout\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e\u003ci\u003eInformation Security: Principles and Practice\u003c\/i\u003e is the must-have book for students, instructors, and early-stage professionals alike. Author Mark Stamp provides clear, accessible, and accurate information on the four critical components of information security: cryptography, access control, network security, and software. Readers are provided with a wealth of real-world examples that clarify complex topics, highlight important security issues, and demonstrate effective methods and strategies for protecting the confidentiality and integrity of data.\u003c\/p\u003e \u003cp\u003eFully revised and updated, the third edition of \u003ci\u003eInformation Security\u003c\/i\u003e features a brand-new chapter on network security basics and expanded coverage of cross-site scripting (XSS) attacks, Stuxnet and other malware, the SSH protocol, secure software development, and security protocols. Fresh examples illustrate the Rivest-Shamir-Adleman (RSA) cryptosystem, elliptic-curve cryptography (ECC), SHA-3, and hash function applications including bitcoin and blockchains. Updated problem sets, figures, tables, and graphs help readers develop a working knowledge of classic cryptosystems, modern symmetric and public key cryptography, cryptanalysis, simple authentication protocols, intrusion and malware detection systems, quantum computing, and more. Presenting a highly practical approach to information security, this popular textbook:\u003c\/p\u003e \u003cul\u003e \u003cli\u003eProvides up-to-date coverage of the rapidly evolving field of information security\u003c\/li\u003e \u003cli\u003eExplains session keys, perfect forward secrecy, timestamps, SSH, SSL, IPSec, Kerberos, WEP, GSM, and other authentication protocols\u003c\/li\u003e \u003cli\u003eAddresses access control techniques including authentication and authorization, ACLs and capabilities, and multilevel security and compartments\u003c\/li\u003e \u003cli\u003eDiscusses software security issues, ranging from malware detection to secure software development\u003c\/li\u003e \u003cli\u003eIncludes an instructor’s solution manual, PowerPoint slides, lecture videos, and additional teaching resources\u003c\/li\u003e \u003c\/ul\u003e \u003cp\u003e\u003ci\u003eInformation Security: Principles and Practice, Third Edition\u003c\/i\u003e is the perfect textbook for advanced undergraduate and graduate students in all Computer Science programs, and remains essential reading for professionals working in industrial or government security.\u003cbr\u003e\u003cbr\u003eTo request supplementary materials, please contact \u003ca href=\"mailto:mark.stamp@sjsu.edu\"\u003emark.stamp@sjsu.edu\u003c\/a\u003e and visit the author-maintained website for more: \u003ca href=\"https:\/\/urldefense.com\/v3\/__https:\/www.cs.sjsu.edu\/*stamp\/infosec\/__;fg!!N11eV2iwtfs!vQiT_RPMbK65YTVJVaaG1i4R6paBRZB91H3juc9ejhGB1vRRIH-7YPUI7_GjtuXF_7mJyM39sfFjrtfZOkSIbw$\"\u003ehttps:\/\/www.cs.sjsu.edu\/~stamp\/infosec\/\u003c\/a\u003e.\u003c\/p\u003e","brand":"Wiley","offers":[{"title":"Default Title","offer_id":47989422293221,"sku":"NP9781119505907","price":118.0,"currency_code":"USD","in_stock":false}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/1842\/7735\/files\/9781119505907.jpg?v=1761784042","url":"https:\/\/k12savings.com\/products\/information-security-isbn-9781119505907","provider":"K12savings","version":"1.0","type":"link"}