An excellent, beautifully written introduction to the subject of computer security--by a master teacher and practitioner.
° An introduction to the science and challenges of computer security, useful as either a self-teaching tool or a classroom text.
° Trimmed down and less expensive version of Bishop's definitive work on computer security, with more mathematical and advanced sections removed.
° A well-known security expert and educator, Bishop's command over the subject is tremendous.
- Copyright 2005
- Dimensions: 7-3/8" x 9-1/4"
- Pages: 792
- Edition: 1st
- ISBN-10: 0-321-24744-2
- ISBN-13: 978-0-321-24744-5
In this authoritative book, widely respected practitioner and teacher Matt Bishop presents a clear and useful introduction to the art and science of information security. Bishop's insights and realistic examples will help any practitioner or student understand the crucial links between security theory and the day-to-day security challenges of IT environments.
Bishop explains the fundamentals of security: the different types of widely used policies, the mechanisms that implement these policies, the principles underlying both policies and mechanisms, and how attackers can subvert these tools--as well as how to defend against attackers. A practicum demonstrates how to apply these ideas and mechanisms to a realistic company.
- Confidentiality, integrity, and availability
- Operational issues, cost-benefit and risk analyses, legal and human factors
- Planning and implementing effective access control
- Defining security, confidentiality, and integrity policies
- Using cryptography and public-key systems, and recognizing their limits
- Understanding and using authentication: from passwords to biometrics
- Security design principles: least-privilege, fail-safe defaults, open design, economy of mechanism, and more
- Controlling information flow through systems and networks
- Assuring security throughout the system lifecycle
- Malicious logic: Trojan horses, viruses, boot sector and executable infectors, rabbits, bacteria, logic bombs--and defenses against them
- Vulnerability analysis, penetration studies, auditing, and intrusion detection and prevention
- Applying security principles to networks, systems, users, and programs
Introduction to Computer Security is adapted from Bishop's comprehensive and widely praised book, Computer Security: Art and Science. This shorter version of the original work omits much mathematical formalism, making it more accessible for professionals and students who have a less formal mathematical background, or for readers with a more practical than theoretical interest.
Online Sample Chapters
An Overview of Computer Security
Downloadable Sample Chapter
Download the Sample
Chapter related to this title.
Table of Contents
- 1. An Overview of Computer Security.
- 2. Access Control Matrix.
- 3. Foundational Results.
- 4. Security Policies.
- 5. Confidentiality Policies.
- 6. Integrity Policies.
- 7. Hybrid Policies.
- 8. Basic Cryptography.
- 9. Key Management.
- 10. Cipher Techniques.
- 11. Authentication.
- 12. Design Principles.
- 13. Representing Identity.
- 14. Access Control Mechanisms.
- 15. Information Flow.
- 16. Confinement Problem.
- 17. Introduction to Assurance.
- 18. Evaluating Systems.
- 19. Malicious Logic.
- 20. Vulnerability Analysis.
- 21. Auditing.
- 22. Intrusion Detection.
- 23. Network Security.
- 24. System Security.
- 25. User Security.
- 26. Program Security.
- 27. Lattices.
- 28. The Extended Euclidean Algorithm.
- 29. Virtual Machines.
Download the Index
file related to this title.