Note: Supplemental materials are not guaranteed with Rental or Used book purchases.
Purchase Benefits
What is included with this book?
Charles P. Pfleeger is an independent information security consultant and principal of the Pfleeger Consulting Group. He specializes in threat/vulnerability analysis, system design review, certification preparation, expert witness testimony, and training.
Shari Lawrence Pfleeger, a senior information scientist at the RAND Corporation, has written ten books on software engineering, measurement, and quality, including Software Engineering: Theory and Practice, Third Edition (Prentice Hall, 2006). She was named one of the world's top software engineering researchers by the Journal of Systems and Software.
Preface | |
Is There a Security Problem in Computing? | |
Characteristics of Computer Intrusion | |
Kinds of Security Breaches | |
Security Goals and Vulnerabilities | |
The People Involved | |
Methods of Defense | |
Plan of Attack | |
Bibliographic Notes | |
Terms and Concepts | |
Exercises | |
Basic Encryption and Decryption | |
Terminology and Background | |
Monoalphabetic Ciphers (Substitutions) | |
Polyalphabetic Substitution Ciphers | |
Transpositions (Permutations) | |
Fractionated Morse | |
Stream and Block Ciphers | |
Characteristics of Good Ciphers | |
What the Cryptanalyst Has to Work With | |
Summary of Basic Encryption | |
Bibliographic Notes | |
Terms and Concepts | |
Exercises | |
Secure Encryption Systems | |
Hard Problems: Complexity | |
Properties of Arithmetic | |
Public Key Encryption Systems | |
Merkle Hellman Knapsacks | |
Rivest Shamir Adelman (RSA) Encryption | |
El Gamal and Digital Signature Algorithms | |
Hash Algorithms | |
Secure Secret Key (Symmetric) Systems | |
The Data Encryption Standard (DES) | |
Key Escrow and Clipper | |
The Clipper Program | |
Conclusions | |
Summary of Secure Encryption | |
Bibliographic Notes | |
Terms and Concepts | |
Exercises | |
Using Encryption: Protocols and Practices | |
Protocols: Orderly Behavior | |
How to Use Encryption | |
Enhancing Cryptographic Security | |
Modes of Encryption | |
Summary of Protocols and Practices | |
Bibliographic Notes | |
Terms and Concepts | |
Exercises | |
Program Security | |
Viruses and Other Malicious Code | |
Targeted Malicious Code | |
Controls Against Program Threats | |
Summary of Program Threats and Controls | |
Bibliographic Notes | |
Terms and Concepts | |
Exercises | |
Protection in General-Purpose Operating Systems | |
Protected Objects and Methods of Protection | |
Protecting Memory and Addressing | |
Protecting Access to General Objects | |
File Protection Mechanisms | |
User Authentication | |
Summary of Security for Users | |
Bibliographic Notes | |
Terms and Concepts | |
Exercises | |
Designing Trusted Operating Systems | |
What Is a Trusted System? Security Policies | |
Models of Security | |
Design of Trusted Operating Systems | |
Assurance in Trusted Operating Systems | |
Implementation Examples | |
Summary of Security in Operating Systems | |
Bibliographic Notes | |
Terms and Concepts | |
Exercises | |
Data Base Security | |
Introduction to Data Bases | |
Security Requirements | |
Reliability and Integrity | |
Sensitive Data | |
Inference Problem | |
Multilevel Data Bases | |
Proposals for Multilevel Security | |
Summary of Data Base Security | |
Bibliographic Notes | |
Terms and Concepts | |
Exercises | |
Security in Networks and Distributed Systems | |
Network Concepts | |
Threats in Networks | |
Network Security Controls | |
Privacy Enhanced Electronic Mail | |
Firewalls | |
Encrypting Gateway | |
Multilevel Security on Networks | |
Summary of Network Security | |
Bibliographic Notes | |
Terms and Concepts | |
Exercises | |
Administering Security | |
Personal Computer Security Management | |
UNIX Security Management | |
Network Security Management | |
Risk Analysis | |
Security Planning | |
Organizational Security Policies | |
Summary of Administering Security | |
Bibliographic Notes | |
Terms and Concepts | |
Exercises | |
Legal and Ethical Issues in Computer Security | |
Protecting Programs and Data | |
Information and the Law | |
Rights of Employees and Employers | |
Computer Crime | |
Ethical Issues in Computer Security | |
Ethical Reasoning | |
Electronic Privacy | |
Privacy of Electronic Data | |
Use of Encryption | |
Cryptographic Key Escrow | |
Case Studies of Ethics | |
Case Studies of Ethics | |
Codes of Ethics | |
Conclusion | |
Bibliographic Notes | |
Terms and Concepts | |
Bibliography | |
Index | |
Table of Contents provided by Publisher. All Rights Reserved. |
The New copy of this book will include any supplemental materials advertised. Please check the title of the book to determine if it should include any access cards, study guides, lab manuals, CDs, etc.
The Used, Rental and eBook copies of this book are not guaranteed to include any supplemental materials. Typically, only the book itself is included. This is true even if the title states it includes any access cards, study guides, lab manuals, CDs, etc.