Computer security / Dieter Gollmann.
By: Gollmann, Dieter
.
Material type: 
BookSeries: Worldwide series in computer science.Publisher: Chichester, England : John Wiley & Sons, c1999Description: xv, 320 p. : ill. ; 24 cm. + pbk.ISBN: 0471978442 .Subject(s): Computer securityDDC classification: 005.8 | Item type | Current library | Call number | Copy number | Status | Date due | Barcode | Item holds |
|---|---|---|---|---|---|---|---|
| General Lending | MTU Bishopstown Library Lending | 005.8 (Browse shelf(Opens below)) | 1 | Available | 00160424 | ||
| General Lending | MTU Bishopstown Library Store Item | 005.8 (Browse shelf(Opens below)) | 1 | Available | 00155192 |
Enhanced descriptions from Syndetics:
A comprehensive and practical text and the perfect starting point for this subject ... 'Is this system secure?' seems, on the face of it, a straightforward question. Yet how one arrives at an answer is a process which poses a wide range of more complex questions which require a basic understanding of security mechanisms. Questions, such as: * Should protection focus on data, operations or users? * Whilst taking cast iron measures to build in security at one level, what does one do to prevent attackers gaining entry from a lower level?
Starting with basic definitions and concepts, the first section of the book goes on to outline the mechanisms located at the heart of the computer system, mechanisms which provide the basis for techniques used in all other branches of the system. The second section examines the security features found in operating systems such as UNIX and Windows NT, catalogues security breaches, and introduces the topic of security evaluation. A third section is devoted to issues associated with distributed systems, such as network - and Web - security and considers cryptography as an essential technique for such environments. The final section of the book is constructed around database security, discussing problems in multi-level security, and examining security problems in specific settings.
Written for self-study and course use, this book will suit a variety of introductory and more advanced security programmes for students of computer science, engineering and related disciplines. It meets a real need for a comprehensive textbook on the subject. Technical and project managers will also find that the broad coverage offers a great starting point for discovering underlying issues and provides a means of orientation in a world populated by a bewildering array of competing security systems.
Bibliography: (pages 307-313) and index.
Part One: Fundamentals -- Setting the scene -- Identification and authentication -- Access control -- Security models -- The security kernel -- Part Two: Practice -- Unix security -- Windows NT security -- How things go wrong -- Security evaluation -- Part Three: Distributed systems security -- World Wide Web security -- Cryptography -- Network security -- Part Four: Theory -- Database security -- Multi-level secure databases -- Concurrency control and multi-level security -- Object-oriented security.
Table of contents provided by Syndetics
- Preface
- Chapter 1 Introduction
- 1.1 Attacks and Attackers
- 1.2 Security
- 1.3 Security Management
- 1.4 Risk and Threat Analysis
- 1.5 Further Reading
- 1.6 Exercises
- Chapter 2 Foundations of Computer Security
- 2.1 Definitions
- 2.2 The Fundamental Dilemma of Computer Security
- 2.3 Data vs Information
- 2.4 Principles of Computer Security
- 2.5 The Layer Below
- 2.6 Further Reading
- 2.7 Exercises
- Chapter 3 Identification & Authentication
- 3.1 Username and Password
- 3.2 Managing Passwords
- 3.3 Choosing Passwords
- 3.4 Spoofing Attacks
- 3.5 Protecting the Password File
- 3.6 Single Sign-on
- 3.7 Alternative Approaches
- 3.8 Further Reading
- 3.9 Exercises
- Chapter 4 Access Control
- 4.1 Background
- 4.2 Authentication and Authorization
- 4.3 Access Operations
- 4.4 Ownership
- 4.5 Access Control Structures
- 4.6 Intermediate Controls
- 4.7 Partial Orderings
- 4.8 Further Reading
- 4.9 Exercises
- Chapter 5 Reference Monitors
- 5.1 Introduction
- 5.2 Operating System Integrity
- 5.3 Hardware Security Features
- 5.4 Protecting Memory
- 5.5 Further Reading
- 5.6 Exercises
- Chapter 6 Unix Security
- 6.1 Introduction
- 6.2 Principals
- 6.3 Subjects
- 6.4 Objects
- 6.5 Access Control
- 6.6 Instances of General Security Principles
- 6.7 Management Issues
- 6.8 Further Reading
- 6.9 Exercises
- Chapter 7 Windows 2000 Security
- 7.1 Introduction
- 7.2 Access Control - Components
- 7.3 Access Decisions
- 7.4 Restricted Context
- 7.5 Administration
- 7.6 Further Reading
- 7.7 Exercises
- Chapter 8 Bell-LaPadula Model
- 8.1 State Machine Models
- 8.2 The Bell-LaPadula Model
- 8.3 The Multics Interpretation of BLP
- 8.4 Further Reading
- 8.5 Exercises
- Chapter 9 Security Models
- 9.1 The Biba Model
- 9.2 The Chinese Wall Model
- 9.3 The Clark-Wilson Model
- 9.4 The Harrison-Ruzzo-Ullman Model
- 9.5 Information-Flow Models
- 9.6 Execution Monitors
- 9.7 Further Reading
- 9.8 Exercises
- Chapter 10 Security Evaluation
- 10.1 Introduction
- 10.2 The Orange Book
- 10.3 The Rainbow Series
- 10.4 Information Technology Security Evaluation Criteria
- 10.5 The Federal Criteria
- 10.6 The Common Criteria
- 10.7 Quality Standards
- 10.8 An E_ort Well Spent?
- 10.9 Further Reading
- 10.10 Exercises
- Chapter 11 Cryptography
- 11.1 Introduction
- 11.2 Modular Arithmetic
- 11.3 Integrity Check Functions
- 11.4 Digital Signatures
- 11.5 Encryption
- 11.6 Strength of Mechanisms
- 11.7 Performance
- 11.8 Further Reading
- 11.9 Exercises
- Chapter 12 Authentication in Distributed Systems
- 12.1 Introduction
- 12.2 Key Establishment and Authentication
- 12.3 Key Establishment Protocols
- 12.4 Kerberos
- 12.5 Public Key Infrastructures
- 12.6 Trusted Computing - Attestation
- 12.7 Further Reading
- 12.8 Exercises
- Chapter 13 Network Security
- 13.1 Introduction
- 13.2 Protocol Design Principles
- 13.3 IP Security
- 13.4 SSL/TLS
- 13.5 DNS
- 13.6 Firewalls
- 13.7 Intrusion Detection
- 13.8 Further Reading
- 13.9 Exercises
- Chapetr 14 Software Security
- 14.1 Introduction
- 14.2 Characters and Numbers