did-you-know? rent-now

Amazon no longer offers textbook rentals. We do!

did-you-know? rent-now

Amazon no longer offers textbook rentals. We do!

We're the #1 textbook rental company. Let us show you why.

9780596527488

Beautiful Security

by ;
  • ISBN13:

    9780596527488

  • ISBN10:

    0596527489

  • Format: Paperback
  • Copyright: 2009-05-06
  • Publisher: Oreilly & Associates Inc

Note: Supplemental materials are not guaranteed with Rental or Used book purchases.

Purchase Benefits

  • Free Shipping Icon Free Shipping On Orders Over $35!
    Your order must be $35 or more to qualify for free economy shipping. Bulk sales, PO's, Marketplace items, eBooks and apparel do not qualify for this offer.
  • eCampus.com Logo Get Rewarded for Ordering Your Textbooks! Enroll Now
  • Write a Review Icon Write a Review
List Price: $39.99 Save up to $17.20
  • Rent Book $22.79
    Add to Cart Free Shipping Icon Free Shipping

    TERM
    PRICE
    DUE
    USUALLY SHIPS IN 24-48 HOURS
    *This item is part of an exclusive publisher rental program and requires an additional convenience fee. This fee will be reflected in the shopping cart.

Supplemental Materials

What is included with this book?

Summary

With the ever-increasing risks and rewards in today's networked world, new and more aggressive forms of defending networks have evolved. No longer content to take and assess damage after an attack, companies are looking at measured responses to protect their networks while under attack. Regardless of what you call it, whether it's aggressive self-defense or vigilantism, these techniques and technology are at the center of the biggest revolution in the history of network security. This book shows you why they are not only feasible but inevitable.InSelf-Defending Networks, the luminaries and pioneers of network security take you beyond the headlines, hype, and hearsay to provide insight into why new measures are being undertaken and how they work. Some of them discuss how these new techniques have evolved and where they will lead us; others explore how the techniques bring into question the very beliefs, ethics, laws, and morals that have guided information security so far. This topic is generating intense interest in the security community, and the contributors to "Self-Defending Networks" offer a balanced assessment that covers both sides of the issue. It's a far-reaching discussion you can't afford to miss.

Author Biography

Andy Oram is an editor at O'Reilly Media, a highly respected book publisher and technology information provider. An employee of the company since 1992, Andy currently specializes in free software and open source technologies. His work for O'Reilly includes the first books ever published commercially in the United States on Linux, and the 2001 title Peer-to-Peer. His modest programming and system administration skills are mostly self-taught.

John is CTO of the SaaS Business Unit at McAfee, his second stint at McAfee. Previously, he was their Chief Security Architect, after which he founded and served as CEO of Stonewall Software, which focused on making anti-virus technology faster, better and cheaper. John was also the founder of Secure Software (now part of Fortify).

John is author of many security books, including Building Secure Software (Addison-Wesley), Network Security with OpenSSL (O'Reilly), and the forthcoming Myths of Security (O'Reilly). He is responsible for numerous software security tools and is the original author of Mailman, the GNU mailing list manager. He has done extensive standards work in the IEEE and IETF and co-invented GCM, a cryptographic algorithm that NIST has standardized. John is also an active advisor to several security companies, including Fortify and Bit9. He holds a MS and BA from the University of Virginia.

Table of Contents

Prefacep. xi
Psychological Security Trapsp. 1
Learned Helplessness and Naïvetép. 2
Confirmation Trapsp. 10
Functional Fixationp. 14
Summaryp. 20
Wireless Networking: Fertile Ground for Social Engineeringp. 21
Easy Moneyp. 22
Wireless Gone Wildp. 28
Still, Wireless is the Futurep. 31
Beautiful Security Metricsp. 33
Security Metrics by Analogy: Healthp. 34
Security Metrics by Examplep. 38
Summaryp. 60
The Underground Economy of Security Breachesp. 63
The Makeup and Infrastructure of the Cyber Undergroundp. 64
The Payoffp. 66
How Can We Combat This Growing Underground Economy?p. 71
Summaryp. 72
Beautiful Trade: Rethinking E-Commerce Securityp. 73
Deconstructing Commercep. 74
Weak Amelioration Attemptsp. 76
E-Commerce Redone: A New Security Modelp. 83
The New Modelp. 86
Securing Online Advertising: Rustlers and sheriffs in The New Wild Westp. 89
Attacks on Usersp. 89
Advertisers As Victimsp. 98
Creating Accountability in Online Advertisingp. 105
The Evolution of PGP's Web of Trustp. 107
PGP and OpenPGPp. 108
Trust, Validity, and Authorityp. 108
PGP and Crypto Historyp. 116
Enhancements to the Original Web of Trust Modelp. 120
Interesting Areas for Further Researchp. 128
Referencesp. 129
Open Source Honeyclient: Proactive Detection of Client-Side Exploitsp. 131
Enter Honeyclientsp. 133
Introducing the World's First Open Source Honeyclientp. 133
Second-Generation Honeyclientsp. 135
Honeyclient Operational Resultsp. 139
Analysis of Exploitsp. 141
Limitations of the Current Honeyclient Implementationp. 143
Related Workp. 144
The Future of Honeyclientsp. 146
Tomorrow's Security Cogs and Leversp. 147
Cloud Computing and Web Services: The Single Machine Is Herep. 150
Connecting People, Process, and Technology: The Potential for Business Process Managementp. 154
Social Networking: When People Start Communicating, Big Things Changep. 158
Information Security Economics: Supercrunching and the New Rules of the Gridp. 162
Platforms of the Long-Tail Variety: Why the Future Will Be Different for Us Allp. 165
Conclusionp. 168
Acknowledgmentsp. 169
Security By Designp. 171
Metrics with No Meaningp. 172
Time to Market or Time to Quality?p. 174
How a Disciplined System Development Lifecycle Can Helpp. 178
Conclusion: Beautiful Security Is an Attribute of Beautiful Systemsp. 181
Forcing Firms to Focus: Is Secure Software in Your Future?p. 183
Implicit Requirements Can Still Be Powerfulp. 184
How One Firm Came to Demand Secure Softwarep. 185
Enforcing Security in Off-the-Shelf Softwarep. 190
Analysis: How to Make the World's Software More Securep. 193
Oh No, Here Come The Infosecurity Lawyers!p. 199
Culturep. 200
Balancep. 202
Communicationp. 207
Doing the Right Thingp. 211
Beautiful Log Handlingp. 213
Logs in Security Laws and Standardsp. 213
Focus on Logsp. 214
When Logs Are Invaluablep. 215
Challenges with Logsp. 216
Case Study: Behind a Trashed Serverp. 218
Future Loggingp. 221
Conclusionsp. 223
Incident Detection: Finding The Other 68%p. 225
A Common Starting Pointp. 226
Improving Detection with Contextp. 228
Improving Perspective with Host Loggingp. 232
Summaryp. 237
Doing Real Work Without Real Datap. 239
How Data Translucency Worksp. 240
A Real-Life Examplep. 243
Personal Data Stored As a Conveniencep. 244
Trade-offsp. 244
Going Deeperp. 245
Referencesp. 246
Casting Spells: PC Security Theaterp. 247
Growing Attacks, Defenses in Retreatp. 248
The Illusion Revealedp. 252
Better Practices for Desktop Securityp. 257
Conclusionp. 258
Contributorsp. 259
Indexp. 269
Table of Contents provided by Ingram. All Rights Reserved.

Supplemental Materials

What is included with this book?

The New copy of this book will include any supplemental materials advertised. Please check the title of the book to determine if it should include any access cards, study guides, lab manuals, CDs, etc.

The Used, Rental and eBook copies of this book are not guaranteed to include any supplemental materials. Typically, only the book itself is included. This is true even if the title states it includes any access cards, study guides, lab manuals, CDs, etc.

Rewards Program