Security in Computing

by ; ;
  • ISBN13:


  • ISBN10:


  • Edition: 5th
  • Format: Hardcover
  • Copyright: 1/26/2015
  • Publisher: Prentice Hall

Note: Supplemental materials are not guaranteed with Rental or Used book purchases.

Purchase Benefits

  • Free Shipping On Orders Over $59!
    Your order must be $59 or more to qualify for free economy shipping. Bulk sales, PO's, Marketplace items, eBooks and apparel do not qualify for this offer.
  • Get Rewarded for Ordering Your Textbooks! Enroll Now
  • We Buy This Book Back!
    In-Store Credit: $47.04
    Check/Direct Deposit: $44.80
List Price: $120.00 Save up to $76.80
  • Rent Book $43.20
    Add to Cart Free Shipping


Supplemental Materials

What is included with this book?

  • The New copy of this book will include any supplemental materials advertised. Please check the title of the book to determine if it should include any access cards, study guides, lab manuals, CDs, etc.
  • The Rental and eBook copies of this book are not guaranteed to include any supplemental materials. Typically, only the book itself is included. This is true even if the title states it includes any access cards, study guides, lab manuals, CDs, etc.


The New State of the Art in Information Security: Now Covers Cloud Computing, the Internet of Things, and Cyberwarfare


Students and IT and security professionals have long relied on Security in Computing as the definitive guide to computer security attacks and countermeasures. Now, the authors have thoroughly updated this classic to reflect today’s newest technologies, attacks, standards, and trends.


Security in Computing, Fifth Edition, offers complete, timely coverage of all aspects of computer security, including users, software, devices, operating systems, networks, and data. Reflecting rapidly evolving attacks, countermeasures, and computing environments, this new edition introduces best practices for authenticating users, preventing malicious code execution, using encryption, protecting privacy, implementing firewalls, detecting intrusions, and more. More than two hundred end-of-chapter exercises help the student to solidify lessons learned in each chapter.


Combining breadth, depth, and exceptional clarity, this comprehensive guide builds carefully from simple to complex topics, so you always understand all you need to know before you move forward.


You’ll start by mastering the field’s basic terms, principles, and concepts. Next, you’ll apply these basics in diverse situations and environments, learning to ”think like an attacker” and identify exploitable weaknesses. Then you will switch to defense, selecting the best available solutions and countermeasures. Finally, you’ll go beyond technology to understand crucial management issues in protecting infrastructure and data.


New coverage includes

  • A full chapter on securing cloud environments and managing their unique risks
  • Extensive new coverage of security issues associated with user—web interaction
  • New risks and techniques for safeguarding the Internet of Things
  • A new primer on threats to privacy and how to guard it
  • An assessment of computers and cyberwarfare–recent attacks and emerging risks
  • Security flaws and risks associated with electronic voting systems


Author Biography

Charles Pfleeger is an internationally known expert on computer and communications security. He was originally a professor at the University of Tennessee, leaving there to join computer security research and consulting companies Trusted Information Systems and Arca Systems (later Exodus Communications and Cable and Wireless). With Trusted Information Systems he was Director of European Operations and Senior Consultant. With Cable and Wireless he was Director of Research and a member of the staff of the Chief Security Officer.  He was chair of the IEEE Computer Society Technical Committee on Security and Privacy.

Shari Lawrence Pfleeger is widely known as a software engineering and computer security researcher, most recently as a Senior Computer Scientist with the Rand Corporation and as Research Director of the Institute for Information Infrastructure Protection. She is currently Editor in Chief of IEEE Security & Privacy magazine.

Jonathan Margulies is the CTO of Qmulos, a cybersecurity consulting firm. After receiving his Masters Degree in Computer Science from Cornell University, Mr. Margulies spent nine years at Sandia National Labs, researching and developing solutions to protect national security and critical infrastructure systems from advanced persistent threats. He then went on to NIST's National Cybersecurity Center of Excellence, where he worked with a variety of critical infrastructure companies to create industry-standard security architectures. In his free time, Mr. Margulies edits the “Building Security In” section of  IEEE Security & Privacy magazine.


Table of Contents




About the Authors


Chapter: 1 Introduction

1.1  What Is Computer Security?

1.2  Threats

1.3  Harm

1.4  Vulnerabilities

1.5  Controls

1.6  Conclusion

1.7  Exercises


Chapter 2: Toolbox: Authentication, Access Control, and Cryptography

2.1  Authentication

2.2  Access Control

2.3  Cryptography

2.4  Conclusion

2.5  Exercises


Chapter 3: Programs and Programming

3.1  Unintentional (Nonmalicious) Programming Oversights

3.2  Malicious Code—Malware

3.3  Countermeasures

3.4  Conclusion

3.5  Exercises


Chapter 4: The Web—User Side

4.1  Browser Attacks

4.2  Web Attacks Targeting Users

4.3  Obtaining User or Web Site Data

4.4  Email Attacks

4.5  Conclusion

4.6  Exercises


Chapter 5: Operating Systems

5.1  Security in Operating Systems

5.2  Security in the Design of Operating Systems

5.3  Rootkit

5.4  Conclusion

5.5  Exercises


Chapter 6: Networks

6.1    Network Concepts

6.2    Threats to Network Communications

6.3    Wireless Network Security

6.4    Denial of Service

6.5    Distributed Denial-of-Service

6.7    Firewalls

6.8    Intrusion Detection and Prevention Systems

6.9    Network Management

6.10  Conclusion

6.10  Exercises


Chapter 7: Databases

7.1  Introduction to Databases

7.2  Security Requirements of Databases

7.3  Reliability and Integrity

7.4  Database Disclosure

7.5  Data Mining and Big Data

7.6  Conclusion

7.7  Exercises


Chapter 8: Cloud Computing

8.1  Cloud Computing Concepts

8.2  Moving to the Cloud4

8.3  Cloud Security Tools and Techniques

8.4  Cloud Identity Management

8.5  Securing IaaS

8.6  Summary

8.7  Exercises


Chapter 9: Privacy

9.1    Privacy Concepts

9.2    Privacy Principles and Policies

9.3    Authentication and Privacy

9.4    Data Mining

9.5    Privacy on the Web

9.6    Email Security

9.7    Privacy Impacts of Emerging Technologies

9.8    Where the Field Is Headed

9.9    Summary

9.10  Exercises


Chapter 10: Management and Incidents

10.1  Security Planning

10.2  Business Continuity Planning

10.3  Handling Incidents

10.4  Risk Analysis

10.5  Dealing with Disaster

10.6  Conclusion

10.7  Exercises


Chapter 11: Legal Issues and Ethics

11.1  Protecting Programs and Data

11.2  Information and the Law

11.3  Rights of Employees and Employers

11.4  Redress for Software Failures

11.5  Computer Crime

11.6  Ethical Issues in Computer Security

11.7  Analyzing Incidents using Ethics

11.8  Conclusion

11.9  Exercises


Chapter 12: Details of Cryptography

12.1  Cryptology

12.2  Symmetric Encryption Algorithms

12.3  Asymmetric Encryption using RSA

12.4  Message Digests

12.5  Digital Signatures

12.6  Quantum Cryptography

12.6  Conclusion


Chapter 13: Emerging Topics

13.1  The Internet of Things

13.2  Economics

13.3  Electronic Voting

13.4  Cyberwarfare

13.5  Conclusion





Rewards Program

Write a Review