Computer Security, 3rd Edition, 9780470741153
List Price: $69.60


This is the 3rd edition with a publication date of 3/1/2011.



A completely updated and up-to-the-minute textbook for courses on computer science. The third edition has been completely revised to include new advances in software and technology over the last few years. It provides sections on Windows NT, CORBA and Java, which are not examined in comparable titles. No active previous experience of security issues is necessary, making this accessible to software developers and managers whose responsibilities span any technical aspects of IT security. Written for self-study and course use, this book will suit a variety of introductory and more advanced security programmes for students of computer science, engineering and related disciplines. Technical and project managers will also find that the broad coverage offers a great starting point for discovering underlying issues and provides a means of orientation in a world populated by a bewildering array of competing security systems.

Table of Contents

Preface
- History of Computer Security
The Dawn of Computer Security
1970s - Mainframes
1980s - Personal Computers
1990s - Internet
2000s - The Web
Conclusions - The Benefits of Hindsight
Exercises
- Managing Security
Attacks and Attackers
Security Management
Risk and Threat Analysis
Further Reading
Exercises
- Foundations of Computer Security
Definitions
The Fundamental Dilemma of Computer Security
Data vs Information
Principles of Computer Security
The Layer Below
The Layer Above
Further Reading
Exercises
- Identification and Authentication
Username and Password
Bootstrapping Password Protection
Guessing Passwords
Phishing, Spoofing, and Social Engineering
Protecting the Password File
Single Sign-on
Alternative Approaches
Further Reading
Exercises
- Access Control
Background
Authentication and Authorization
Access Operations
Access Control Structures
Ownership
Intermediate Controls
Policy Instantiation
Comparing Security Attributes
Further Reading
Exercises
- Reference Monitors
Introduction
Operating System Integrity
Hardware Security Features
Protecting Memory
Further Reading
Exercises
- Unix Security
Introduction
Principals
Subjects
Objects
Access Control
Instances of General Security Principles
Management Issues
Further Reading
Exercises
- Windows Security
Introduction
Components of Access Control
Access Decisions
Managing Policies
Task-Dependent Access Rights
Administration
Further Reading
Exercises
- Database Security
Introduction
Relational Databases
Access Control
Statistical Database Security
Integration with the Operating System
Privacy
Further Reading
Exercises
- Software Security
Introduction
Characters and Numbers
Canonical Representations
Memory Management
Data and Code
Race Conditions
Defences
Further Reading
Exercises
- Bell-LaPadula Model
State Machine Models
The Bell-LaPadula Model
The Multics Interpretation of BLP
Further Reading
Exercises
- Security Models
The Biba Model
Chinese Wall Model
The Clark-Wilson Model
The Harrison-Ruzzo-Ullman Model
Information-Flow Models
Execution Monitors
Further Reading
Exercises
- Security Evaluation
Introduction
The Orange Book
The Rainbow Series
Information Technology Security Evaluation Criteria
The Federal Criteria
The Common Criteria
Quality Standards
An Effort Well Spent?
Summary
Further Reading
Exercises
- Cryptography
Introduction
Modular Arithmetic
Integrity Check Functions
Digital Signatures
Encryption
Strength of Mechanisms
Performance
Further Reading
Exercises
- Key Establishment
Introduction
Key Establishment and Authentication
Key Establishment Protocols
Kerberos
Public-Key Infrastructures
Trusted Computing - Attestation
Further Reading
Exercises
- Communications Security
Introduction
Protocol Design Principles
IP Security
IPsec and Network Address Translation
SSL/TLS
Extensible Authentication Protocol
Further Reading
Exercises
- Network Security
Introduction
Domain Name System
Firewalls
Intrusion Detection
Further Reading
Exercises
- Web Security
Introduction
Authenticated Sessions
Code Origin Policies
Cross-Site Scripting
Cross-Site Request Forgery
JavaScript Hijacking
Web Services Security
Further Reading
Exercises
- Mobility
Introduction
GSM
UMTS
Mobile IPv6 Security
WLAN
Bluetooth
Further Reading
Exercises
- New Access Control Paradigms
Introduction
SPKI
Trust Management
Code-Based Access Control
Java Security
.NET Security Framework
Digital Rights Management
Further Reading
Exercises
Bibliography
Index
Table of Contents provided by Publisher. All Rights Reserved.
