Introduction to Computer Security

Cover
Addison-Wesley, 2005 - 747 Seiten

In this authoritative book, widely respected practitioner and teacher Matt Bishop presents a clear and useful introduction to the art and science of information security. Bishop's insights and realistic examples will help any practitioner or student understand the crucial links between security theory and the day-to-day security challenges of IT environments.

Bishop explains the fundamentals of security: the different types of widely used policies, the mechanisms that implement these policies, the principles underlying both policies and mechanisms, and how attackers can subvert these tools--as well as how to defend against attackers. A practicum demonstrates how to apply these ideas and mechanisms to a realistic company.

Coverage includes

  • Confidentiality, integrity, and availability
  • Operational issues, cost-benefit and risk analyses, legal and human factors
  • Planning and implementing effective access control
  • Defining security, confidentiality, and integrity policies
  • Using cryptography and public-key systems, and recognizing their limits
  • Understanding and using authentication: from passwords to biometrics
  • Security design principles: least-privilege, fail-safe defaults, open design, economy of mechanism, and more
  • Controlling information flow through systems and networks
  • Assuring security throughout the system lifecycle
  • Malicious logic: Trojan horses, viruses, boot sector and executable infectors, rabbits, bacteria, logic bombs--and defenses against them
  • Vulnerability analysis, penetration studies, auditing, and intrusion detection and prevention
  • Applying security principles to networks, systems, users, and programs

Introduction to Computer Security is adapted from Bishop's comprehensive and widely praised book, Computer Security: Art and Science. This shorter version of the original work omits much mathematical formalism, making it more accessible for professionals and students who have a less formal mathematical background, or for readers with a more practical than theoretical interest.

Im Buch

 

Inhalt

An Overview of Computer Security
1
Access Control Matrix
27
Foundational Results
37
Urheberrecht

27 weitere Abschnitte werden nicht angezeigt.

Andere Ausgaben - Alle anzeigen

Introduction to Computer Security
Bishop
Keine Leseprobe verfügbar - 2006
Introduction to Computer Security
Bishop
Keine Leseprobe verfügbar - 2005

Häufige Begriffe und Wortgruppen

access control actions administrators Alice allow alter analysis application approach associated assume assurance attack audit authentication authorized bits block called certificate Chapter ciphertext command communicate connections Consider contains create cryptographic defined Definition delete describe detection determine discuss effective enciphered entry environment error evaluation example execute Figure firewall flaw flow function goal host identify identity implementation integrity internal Internet intrusion issue machine means mechanisms monitor object obtain operating system packet password perform prevent principle privileges problem procedure Proceedings protection protocol record requirements result role rules security policy sequence server specific techniques tion trusted UNIX valid write

Verweise auf dieses Buch

Autoren-Profil (2005)

Matt Bishop is a professor in the Department of Computer Science at the University of California at Davis. A recognized expert in vulnerability analysis, secure systems/software design, network security, access control, authentication, and UNIX security, Bishop also works to improve computer security instruction.

Bibliografische Informationen

TitelIntroduction to Computer Security
Autor/inMatthew A. Bishop
Ausgabegekürzt, illustriert, Neuauflage
VerlagAddison-Wesley, 2005
Original vonUniversity of Michigan
Digitalisiert20. Nov. 2007
ISBN0321247442, 9780321247445
Länge747 Seiten
  
Zitat exportierenBiBTeX EndNote RefMan