Preface to the Third Edition.
1. Is There a Security Problem in Computing?
What Does "Secure" Mean? Attacks. The Meaning of Computer Security. Computer Criminals. Methods of Defense. What's Next. Summary. Terms and Concepts. Where the Field Is Headed. To Learn More. Exercises.
2. Elementary Cryptography.
Terminology and Background. Substitution Ciphers. Transposition (Permutations). Making "Good" Encryption Algorithms. The Data Encryption Standard (DES). The AES Encryption Algorithm. Public Key Encryption. The Uses of Encryption. Summary of Encryption. Terms and Concepts. Where the Field Is Headed. To Learn More. Exercises.
3. Program Security.
Secure Programs. Nonmalicious Program Errors. Viruses and Other Malicious Code. Targeted Malicious Code. Controls Against Program Threats. Summary of Program Threats and Controls. Terms and Concepts. Where the Field Is Headed. To Learn More. Exercises.
4. Protection in General-Purpose Operating Systems.
Protected Objects and Methods of Protection. Memory and Address Protection. Control of Access to General Objects. File Protection Mechanisms. User Authentication. Summary of Security for Users. Terms and Concepts. Where the Field Is Headed. To Learn More. Exercises.
5.Designing Trusted Operating Systems.
What Is a Trusted System? Security Policies. Models of Security. Trusted Operating System Design. Assurance in Trusted Operating Systems. Implementation Examples. Summary of Security in Operating Systems. Terms and Concepts. Where the Field Is Headed. To Learn More. Exercises.
6. Database Security.
Introduction to Databases. Security Requirements. Reliability and Integrity. Sensitive Data. Inference. Multilevel Databases. Proposals for Multilevel Security. Summary of Database Security. Terms and Concepts. Where the Field Is Headed. To Learn More. Exercises.
7. Security in Networks.
Network Concepts. Threats in Networks. Network Security Controls. Firewalls. Intrusion Detection Systems. Secure E-Mail. Summary of Network Security. Terms and Concepts. Where the Field Is Headed. To Learn More. Exercises.
8. Administering Security.
Security Planning. Risk Analysis. Organizational Security Policies. Physical Security. Summary. Terms and Concepts. To Learn More. Exercises.
9. Legal, Privacy, and Ethical Issues in Computer Security.
Protecting Programs and Data. Information and the Law. Rights of Employees and Employers. Software Failures. Computer Crime. Privacy. Ethical Issues in Computer Security. Case Studies of Ethics. Case I: Use of Computer Services. Case II: Privacy Rights. Case III: Denial of Service. Case IV: Ownership of Programs. Case V: Proprietary Resources. Case VI: Fraud. Case VII: Accuracy of Information. Case VIII: Ethics of Hacking or Cracking. Codes of Ethics. Conclusion of Computer Ethics. Terms and Concepts. To Learn More. Exercises.
10. Cryptography Explained.
Mathematics for Cryptography. Symmetric Encryption. Public Key Encryption Systems. Quantum Cryptography. Summary of Encryption. Terms and Concepts. Where the Field Is Headed. To Learn More. Exercises.
Security in Computing, Third Edition is a sweeping revision of the field's classic guide to computer security. Thoroughly updated to reflect the latest Internet-based threats, it shows how to control failures of confidentiality, integrity, and availability in applications, databases, operating systems, and networks alike. It offers exceptionally clear and accessible coverage of cryptography and other technical issues; security administration; law, privacy, and ethics. New coverage includes wireless security, intrusion detection, quantum cryptography, biometrics, DRM, AES, honeypots, online privacy, and much more.
CHARLES P. PFLEEGER is a Master Security Architect for Cable & Wireless, the world's premier web hosting and Internet solutions provider. He regularly advises clients on secure design and implementation of network applications and architectures. SHARI LAWRENCE PFLEEGER, senior researcher for RAND, is author of eight books on software engineering, measurement, and quality, including Software Engineering: Theory and Practice, Second Edition (Prentice Hall). She was named by The Journal of Systems and Software as one of the world's top software engineering researchers.Foreword by Willis H. Ware.