Security in Computing
3rd Edition
Published on 10. December 2002
Book
Hardback
746 pages
978-0-13-035548-5 (ISBN)
Description
Appropriate for beginning to intermediate courses in computer security.
This sweeping revision of the classic computer security book provides an authoritative overview of computer security for every type of system, from traditional centralized systems to distributed networks and the Internet. The Third Edition has been updated to reflect the state-of-the-art in networking; cryptography; program and operating system security; administration; legal, privacy, and ethical issues, and much more. It combines core computer science concepts related to operating systems, networks, data bases, and programming, with accessible discussions of the use of cryptography and protocols. The book describes each important area from a developer's or user's point of view, lays out the security vulnerabilities and threats, and follows countermeasures to address them. Their book's layered approach is ideal for instructors who wish to customize courses based on their unique requirements. They also provide extensive pedagogical resources-including overviews, end-of-chapter reviews, lists of key terms, and updated exercises and references.
The authors are recognized experts in their fields. Lead author Dr. Charles P. Pfleeger, CISSP, is currently Master Security Architect for Cable & Wireless, one of the world's leading providers of Internet and secure infrastructure services. Co-author Dr. Shari Lawrence Pfleeger is a Senior Researcher at RAND Corporation, a not-for-profit company providing strategy and decision-making support in the public interest. They are the authors of more than a dozen previous books on computer security, software engineering, software measurement, software quality, and programming.
Supplements including a solutions manual, PowerPoints and a companion website are available. In the "Resources" box above, please click on "Instructor."
This sweeping revision of the classic computer security book provides an authoritative overview of computer security for every type of system, from traditional centralized systems to distributed networks and the Internet. The Third Edition has been updated to reflect the state-of-the-art in networking; cryptography; program and operating system security; administration; legal, privacy, and ethical issues, and much more. It combines core computer science concepts related to operating systems, networks, data bases, and programming, with accessible discussions of the use of cryptography and protocols. The book describes each important area from a developer's or user's point of view, lays out the security vulnerabilities and threats, and follows countermeasures to address them. Their book's layered approach is ideal for instructors who wish to customize courses based on their unique requirements. They also provide extensive pedagogical resources-including overviews, end-of-chapter reviews, lists of key terms, and updated exercises and references.
The authors are recognized experts in their fields. Lead author Dr. Charles P. Pfleeger, CISSP, is currently Master Security Architect for Cable & Wireless, one of the world's leading providers of Internet and secure infrastructure services. Co-author Dr. Shari Lawrence Pfleeger is a Senior Researcher at RAND Corporation, a not-for-profit company providing strategy and decision-making support in the public interest. They are the authors of more than a dozen previous books on computer security, software engineering, software measurement, software quality, and programming.
Supplements including a solutions manual, PowerPoints and a companion website are available. In the "Resources" box above, please click on "Instructor."
More details
Edition
3rd edition
Language
English
Place of publication
Upper Saddle River
United States
Publishing group
Pearson Education (US)
Target group
College/higher education
Dimensions
Height: 242 mm
Width: 187 mm
Thickness: 33 mm
Weight
1279 gr
ISBN-13
978-0-13-035548-5 (9780130355485)
Copyright in bibliographic data and cover images is held by Nielsen Book Services Limited or by the publishers or by their respective licensors: all rights reserved.
Schweitzer Classification
Other editions
New editions
Charles Pfleeger | Shari Lawrence Pfleeger | Lizzie Coles-Kemp
Security in Computing
Book
07/2023
6th Edition
Addison Wesley
€116.49
Shipment within 15-20 days
Charles P. Pfleeger | Shari Lawrence Pfleeger
Security in Computing
Book
11/2006
4th Edition
Prentice Hall
€105.22
Article exhausted; check for reprint
Previous edition
Book
11/1996
2nd Edition
Pearson
€49.51
Article exhausted; check for reprint
Persons
CHARLES P. PFLEEGER is a Master Security Architect for Cable & Wireless, the world's premier web hosting and Internet solutions provider. He regularly advises clients on secure design and implementation of network applications and architectures.
SHARI LAWRENCE PFLEEGER, senior researcher for RAND, is author of eight books on software engineering, measurement, and quality, including Software Engineering: Theory and Practice, Second Edition (Prentice Hall). She was named by The Journal of Systems and Software as one of the world's top software engineering researchers.
Foreword by Willis H. Ware.
SHARI LAWRENCE PFLEEGER, senior researcher for RAND, is author of eight books on software engineering, measurement, and quality, including Software Engineering: Theory and Practice, Second Edition (Prentice Hall). She was named by The Journal of Systems and Software as one of the world's top software engineering researchers.
Foreword by Willis H. Ware.
Content
Foreword.
Preface to the Third Edition.
1. Is There a Security Problem in Computing?
What Does "Secure" Mean? Attacks. The Meaning of Computer Security. Computer Criminals. Methods of Defense. What's Next. Summary. Terms and Concepts. Where the Field Is Headed. To Learn More. Exercises.
2. Elementary Cryptography.
Terminology and Background. Substitution Ciphers. Transposition (Permutations). Making "Good" Encryption Algorithms. The Data Encryption Standard (DES). The AES Encryption Algorithm. Public Key Encryption. The Uses of Encryption. Summary of Encryption. Terms and Concepts. Where the Field Is Headed. To Learn More. Exercises.
3. Program Security.
Secure Programs. Nonmalicious Program Errors. Viruses and Other Malicious Code. Targeted Malicious Code. Controls Against Program Threats. Summary of Program Threats and Controls. Terms and Concepts. Where the Field Is Headed. To Learn More. Exercises.
4. Protection in General-Purpose Operating Systems.
Protected Objects and Methods of Protection. Memory and Address Protection. Control of Access to General Objects. File Protection Mechanisms. User Authentication. Summary of Security for Users. Terms and Concepts. Where the Field Is Headed. To Learn More. Exercises.
5.Designing Trusted Operating Systems.
What Is a Trusted System? Security Policies. Models of Security. Trusted Operating System Design. Assurance in Trusted Operating Systems. Implementation Examples. Summary of Security in Operating Systems. Terms and Concepts. Where the Field Is Headed. To Learn More. Exercises.
6. Database Security.
Introduction to Databases. Security Requirements. Reliability and Integrity. Sensitive Data. Inference. Multilevel Databases. Proposals for Multilevel Security. Summary of Database Security. Terms and Concepts. Where the Field Is Headed. To Learn More. Exercises.
7. Security in Networks.
Network Concepts. Threats in Networks. Network Security Controls. Firewalls. Intrusion Detection Systems. Secure E-Mail. Summary of Network Security. Terms and Concepts. Where the Field Is Headed. To Learn More. Exercises.
8. Administering Security.
Security Planning. Risk Analysis. Organizational Security Policies. Physical Security. Summary. Terms and Concepts. To Learn More. Exercises.
9. Legal, Privacy, and Ethical Issues in Computer Security.
Protecting Programs and Data. Information and the Law. Rights of Employees and Employers. Software Failures. Computer Crime. Privacy. Ethical Issues in Computer Security. Case Studies of Ethics. Case I: Use of Computer Services. Case II: Privacy Rights. Case III: Denial of Service. Case IV: Ownership of Programs. Case V: Proprietary Resources. Case VI: Fraud. Case VII: Accuracy of Information. Case VIII: Ethics of Hacking or Cracking. Codes of Ethics. Conclusion of Computer Ethics. Terms and Concepts. To Learn More. Exercises.
10. Cryptography Explained.
Mathematics for Cryptography. Symmetric Encryption. Public Key Encryption Systems. Quantum Cryptography. Summary of Encryption. Terms and Concepts. Where the Field Is Headed. To Learn More. Exercises.
Bibliography.
Index.
Preface to the Third Edition.
1. Is There a Security Problem in Computing?
What Does "Secure" Mean? Attacks. The Meaning of Computer Security. Computer Criminals. Methods of Defense. What's Next. Summary. Terms and Concepts. Where the Field Is Headed. To Learn More. Exercises.
2. Elementary Cryptography.
Terminology and Background. Substitution Ciphers. Transposition (Permutations). Making "Good" Encryption Algorithms. The Data Encryption Standard (DES). The AES Encryption Algorithm. Public Key Encryption. The Uses of Encryption. Summary of Encryption. Terms and Concepts. Where the Field Is Headed. To Learn More. Exercises.
3. Program Security.
Secure Programs. Nonmalicious Program Errors. Viruses and Other Malicious Code. Targeted Malicious Code. Controls Against Program Threats. Summary of Program Threats and Controls. Terms and Concepts. Where the Field Is Headed. To Learn More. Exercises.
4. Protection in General-Purpose Operating Systems.
Protected Objects and Methods of Protection. Memory and Address Protection. Control of Access to General Objects. File Protection Mechanisms. User Authentication. Summary of Security for Users. Terms and Concepts. Where the Field Is Headed. To Learn More. Exercises.
5.Designing Trusted Operating Systems.
What Is a Trusted System? Security Policies. Models of Security. Trusted Operating System Design. Assurance in Trusted Operating Systems. Implementation Examples. Summary of Security in Operating Systems. Terms and Concepts. Where the Field Is Headed. To Learn More. Exercises.
6. Database Security.
Introduction to Databases. Security Requirements. Reliability and Integrity. Sensitive Data. Inference. Multilevel Databases. Proposals for Multilevel Security. Summary of Database Security. Terms and Concepts. Where the Field Is Headed. To Learn More. Exercises.
7. Security in Networks.
Network Concepts. Threats in Networks. Network Security Controls. Firewalls. Intrusion Detection Systems. Secure E-Mail. Summary of Network Security. Terms and Concepts. Where the Field Is Headed. To Learn More. Exercises.
8. Administering Security.
Security Planning. Risk Analysis. Organizational Security Policies. Physical Security. Summary. Terms and Concepts. To Learn More. Exercises.
9. Legal, Privacy, and Ethical Issues in Computer Security.
Protecting Programs and Data. Information and the Law. Rights of Employees and Employers. Software Failures. Computer Crime. Privacy. Ethical Issues in Computer Security. Case Studies of Ethics. Case I: Use of Computer Services. Case II: Privacy Rights. Case III: Denial of Service. Case IV: Ownership of Programs. Case V: Proprietary Resources. Case VI: Fraud. Case VII: Accuracy of Information. Case VIII: Ethics of Hacking or Cracking. Codes of Ethics. Conclusion of Computer Ethics. Terms and Concepts. To Learn More. Exercises.
10. Cryptography Explained.
Mathematics for Cryptography. Symmetric Encryption. Public Key Encryption Systems. Quantum Cryptography. Summary of Encryption. Terms and Concepts. Where the Field Is Headed. To Learn More. Exercises.
Bibliography.
Index.