Security in computing / Charles P. Pfleeger.
By: Pfleeger, Charles P.
Material type: BookPublisher: Upper Saddle River, N.J. : Prentice Hall PTR, c1997Edition: 2nd ed.Description: xviii, 574 p. : ill. ; 24 cm. + pbk.ISBN: 0131857940.Subject(s): Computer security | Data protection | Privacy, Right ofDDC classification: 005.8Item type | Current library | Call number | Copy number | Status | Date due | Barcode | Item holds |
---|---|---|---|---|---|---|---|
General Lending | MTU Bishopstown Library Store Item | 005.8 (Browse shelf(Opens below)) | 1 | Available | 00069129 |
Enhanced descriptions from Syndetics:
When the first edition of this book was published in 1989, viruses were uncommon, the Internet was only used by serious professionals, and computer crime was a rarity. This revision has updated coverage of viruses, worms, Trojan horses, firewalls, private e-mail, and new encryption technologies. The chapters of the book progress in an orderly manner. After an introduction, the topic of encryption is presented as the first tool in computing security. The book continues through the different kinds of computing applications, their weaknesses, and their controls. The applications area include: general programs, operation systems, database management systems, remote access computing, and multi-computer networks. These sections begin with a definition of the topic, continue with a description of the relationship of security to the topic, and conclude with a statement of the current state-of-the-art of computer security research related to the topic. The book concludes with an examination of risk analysis and planning for computer security, and a study of the relationship of law and ethics to computer security.
Bibliography: p. 537-559. - Includes index.
Table of contents provided by Syndetics
- Preface
- 1 Is There a Security Problem in Computing?
- Characteristics of Computer Intrusion
- Kinds of Security Breaches
- Security Goals and Vulnerabilities
- The People Involved
- Methods of Defense
- Plan of Attack
- Bibliographic Notes
- Terms and Concepts
- Exercises
- 2 Basic Encryption and Decryption
- Terminology and Background
- Monoalphabetic Ciphers (Substitutions)
- Polyalphabetic Substitution Ciphers
- Transpositions (Permutations)
- Fractionated Morse
- Stream and Block Ciphers
- Characteristics of Good Ciphers
- What the Cryptanalyst Has to Work With
- Summary of Basic Encryption
- Bibliographic Notes
- Terms and Concepts
- Exercises
- 3 Secure Encryption Systems
- Hard Problems: Complexity
- Properties of Arithmetic
- Public Key Encryption Systems
- Merkle Hellman Knapsacks
- Rivest Shamir Adelman (RSA) Encryption
- El Gamal and Digital Signature Algorithms
- Hash Algorithms
- Secure Secret Key (Symmetric) Systems
- The Data Encryption Standard (DES)
- Key Escrow and Clipper
- The Clipper Program
- Conclusions
- Summary of Secure Encryption
- Bibliographic Notes
- Terms and Concepts
- Exercises
- 4 Using Encryption: Protocols and Practices
- Protocols: Orderly Behavior
- How to Use Encryption
- Enhancing Cryptographic Security
- Modes of Encryption
- Summary of Protocols and Practices
- Bibliographic Notes
- Terms and Concepts
- Exercises
- 5 Program Security
- Viruses and Other Malicious Code
- Targeted Malicious Code
- Controls Against Program Threats
- Summary of Program Threats and Controls
- Bibliographic Notes
- Terms and Concepts
- Exercises
- 6 Protection in General-Purpose Operating Systems
- Protected Objects and Methods of Protection
- Protecting Memory and Addressing
- Protecting Access to General Objects
- File Protection Mechanisms
- User Authentication
- Summary of Security for Users
- Bibliographic Notes
- Terms and Concepts
- Exercises
- 7 Designing Trusted Operating Systems
- What Is a Trusted System? Security Policies
- Models of Security
- Design of Trusted Operating Systems
- Assurance in Trusted Operating Systems
- Implementation Examples
- Summary of Security in Operating Systems
- Bibliographic Notes
- Terms and Concepts
- Exercises
- 8 Data Base Security
- Introduction to Data Bases
- Security Requirements
- Reliability and Integrity
- Sensitive Data
- Inference Problem
- Multilevel Data Bases
- Proposals for Multilevel Security
- Summary of Data Base Security
- Bibliographic Notes
- Terms and Concepts
- Exercises
- 9 Security in Networks and Distributed Systems
- Network Concepts
- Threats in Networks
- Network Security Controls
- Privacy Enhanced Electronic Mail
- Firewalls
- Encrypting Gateway
- Multilevel Security on Networks
- Summary of Network Security
- Bibliographic Notes
- Terms and Concepts
- Exercises
- 10 Administering Security
- Personal Computer Security Management
- UNIX Security Management
- Network Security Management
- Risk Analysis
- Security Planning
- Organizational Security Policies
- Summary of Administering Security
- Bibliographic Notes
- Terms and Concepts
- Exercises
- 11 Legal and Ethical Issues in Computer Security
- Protecting Programs and Data
- Information and the Law
- Rights of Employees and Employers
- Computer Crime
- Ethical Issues in Computer Security
- Ethical Reasoning
- Electronic Privacy
- Privacy of Electronic Data
- Use of Encryption
- Cryptographic Key Escrow
- Case Studies of Ethics
- Case Studies of Ethics
- Codes of Ethics
- Conclusion
- Bibliographic Notes
- Terms and Concepts
- Bibliography
- Index