(0) items

Note: Supplemental materials are not guaranteed with Rental or Used book purchases.
Security in Computing,9780132390774
This item qualifies for

Your order must be $59 or more, you must select US Postal Service Shipping as your shipping preference, and the "Group my items into as few shipments as possible" option when you place your order.

Bulk sales, PO's, Marketplace Items, eBooks, Apparel, and DVDs not included.

Security in Computing



by ;
Pub. Date:
Prentice Hall
List Price: $115.00

Rent Book


Buy Used Book

Usually Ships in 2-3 Business Days

Buy New Book

In Stock Usually Ships in 24 Hours.


Downloadable Offline Access
  • Apple Devices
  • Android Devices
  • Windows Devices
  • Mac Devices
Lifetime Access
More New and Used
from Private Sellers
Starting at $3.38

Questions About This Book?

Why should I rent this book?

Renting is easy, fast, and cheap! Renting from can save you hundreds of dollars compared to the cost of new or used books each semester. At the end of the semester, simply ship the book back to us with a free UPS shipping label! No need to worry about selling it back.

How do rental returns work?

Returning books is as easy as possible. As your rental due date approaches, we will email you several courtesy reminders. When you are ready to return, you can print a free UPS shipping label from our website at any time. Then, just return the book to your UPS driver or any staffed UPS location. You can even use the same box we shipped it in!

What version or edition is this?

This is the 4th edition with a publication date of 10/13/2006.

What is included with this book?

  • The New copy of this book will include any supplemental materials advertised. Please check the title of the book to determine if it should include any CDs, lab manuals, study guides, etc.
  • The Used copy of this book is not guaranteed to include any supplemental materials. Typically, only the book itself is included.
  • The Rental copy of this book is not guaranteed to include any supplemental materials. You may receive a brand new copy, but typically, only the book itself.
  • The eBook copy of this book is not guaranteed to include any supplemental materials. Typically only the book itself is included.

  • Security in Computing
    Security in Computing
  • Security in Computing
    Security in Computing
  • Security in Computing
    Security in Computing


The New State-of-the-Art in Information Security: Now Covers the Economics of Cyber Security and the Intersection of Privacy and Information Security For years, IT and security professionals and students have turned toSecurity in Computingas the definitive guide to information about computer security attacks and countermeasures. In their new fourth edition, Charles P. Pfleeger and Shari Lawrence Pfleeger have thoroughly updated their classic guide to reflect today's newest technologies, standards, and trends. The authors first introduce the core concepts and vocabulary of computer security, including attacks and controls. Next, the authors systematically identify and assess threats now facing programs, operating systems, database systems, and networks. For each threat, they offer best-practice responses. Security in Computing, Fourth Edition, goes beyond technology, covering crucial management issues faced in protecting infrastructure and information. This edition contains an all-new chapter on the economics of cybersecurity, explaining ways to make a business case for security investments. Another new chapter addresses privacy--from data mining and identity theft, to RFID and e-voting. New coverage also includes Programming mistakes that compromise security: man-in-the-middle, timing, and privilege escalation attacks Web application threats and vulnerabilities Networks of compromised systems: bots, botnets, and drones Rootkits--including the notorious Sony XCP Wi-Fi network security challenges, standards, and techniques New malicious code attacks, including false interfaces and keystroke loggers Improving code quality: software engineering, testing, and liability approaches Biometric authentication: capabilities and limitations Using the Advanced Encryption System (AES) more effectively Balancing dissemination with piracy control in music and other digital content Countering new cryptanalytic attacks against RSA, DES, and SHA Responding to the emergence of organized attacker groups pursuing profit

Author Biography

Charles P. Pfleeger is an independent information security consultant and principal of the Pfleeger Consulting Group. He specializes in threat/vulnerability analysis, system design review, certification preparation, expert witness testimony, and training.

Shari Lawrence Pfleeger, a senior information scientist at the RAND Corporation, has written ten books on software engineering, measurement, and quality, including Software Engineering: Theory and Practice, Third Edition (Prentice Hall, 2006). She was named one of the world's top software engineering researchers by the Journal of Systems and Software.

Table of Contents

Is There a Security Problem in Computing?
Characteristics of Computer Intrusion
Kinds of Security Breaches
Security Goals and Vulnerabilities
The People Involved
Methods of Defense
Plan of Attack
Bibliographic Notes
Terms and Concepts
Basic Encryption and Decryption
Terminology and Background
Monoalphabetic Ciphers (Substitutions)
Polyalphabetic Substitution Ciphers
Transpositions (Permutations)
Fractionated Morse
Stream and Block Ciphers
Characteristics of Good Ciphers
What the Cryptanalyst Has to Work With
Summary of Basic Encryption
Bibliographic Notes
Terms and Concepts
Secure Encryption Systems
Hard Problems: Complexity
Properties of Arithmetic
Public Key Encryption Systems
Merkle Hellman Knapsacks
Rivest Shamir Adelman (RSA) Encryption
El Gamal and Digital Signature Algorithms
Hash Algorithms
Secure Secret Key (Symmetric) Systems
The Data Encryption Standard (DES)
Key Escrow and Clipper
The Clipper Program
Summary of Secure Encryption
Bibliographic Notes
Terms and Concepts
Using Encryption: Protocols and Practices
Protocols: Orderly Behavior
How to Use Encryption
Enhancing Cryptographic Security
Modes of Encryption
Summary of Protocols and Practices
Bibliographic Notes
Terms and Concepts
Program Security
Viruses and Other Malicious Code
Targeted Malicious Code
Controls Against Program Threats
Summary of Program Threats and Controls
Bibliographic Notes
Terms and Concepts
Protection in General-Purpose Operating Systems
Protected Objects and Methods of Protection
Protecting Memory and Addressing
Protecting Access to General Objects
File Protection Mechanisms
User Authentication
Summary of Security for Users
Bibliographic Notes
Terms and Concepts
Designing Trusted Operating Systems
What Is a Trusted System? Security Policies
Models of Security
Design of Trusted Operating Systems
Assurance in Trusted Operating Systems
Implementation Examples
Summary of Security in Operating Systems
Bibliographic Notes
Terms and Concepts
Data Base Security
Introduction to Data Bases
Security Requirements
Reliability and Integrity
Sensitive Data
Inference Problem
Multilevel Data Bases
Proposals for Multilevel Security
Summary of Data Base Security
Bibliographic Notes
Terms and Concepts
Security in Networks and Distributed Systems
Network Concepts
Threats in Networks
Network Security Controls
Privacy Enhanced Electronic Mail
Encrypting Gateway
Multilevel Security on Networks
Summary of Network Security
Bibliographic Notes
Terms and Concepts
Administering Security
Personal Computer Security Management
UNIX Security Management
Network Security Management
Risk Analysis
Security Planning
Organizational Security Policies
Summary of Administering Security
Bibliographic Notes
Terms and Concepts
Legal and Ethical Issues in Computer Security
Protecting Programs and Data
Information and the Law
Rights of Employees and Employers
Computer Crime
Ethical Issues in Computer Security
Ethical Reasoning
Electronic Privacy
Privacy of Electronic Data
Use of Encryption
Cryptographic Key Escrow
Case Studies of Ethics
Case Studies of Ethics
Codes of Ethics
Bibliographic Notes
Terms and Concepts
Table of Contents provided by Publisher. All Rights Reserved.


Every day, the news media give more and more visibility to the effects of computer security on our daily lives. For example, on a single day in June 2006, theWashington Postincluded three important articles about security. On the front page, one article discussed the loss of a laptop computer containing personal data on 26.5 million veterans. A second article, on the front page of the business section, described Microsoft's new product suite to combat malicious code, spying, and unsecured vulnerabilities in its operating system. Further back, a third article reported on a major consumer electronics retailer that inadvertently installed software on its customers' computers making them part of a web of compromised slave computers. The sad fact is that news like this appears almost daily, and has done so for a number of years. There is no end in site. Even though the language of computer securityterms such as virus, Trojan horse, phishing, spywareis common, the problems of computer security continue to grow. New attacks are clever applications of old problems. The pressure to get a new product or new release on the market still in many cases overtakes security requirements for careful study of potential vulnerabilities and countermeasures. Finally, many people are in denial, blissfully ignoring the serious harm that insecure computing can cause. Why Read This Book? Admit it. You know computing entails serious risks to the privacy of your personal data, the integrity of your data, or the operation of your computer. Risk is a fact of life: crossing the street is risky, perhaps more so in some places than others, but you still cross the street. As a child you learned to stop and look both ways before crossing. As you became older you learned to gauge the speed of oncoming traffic and determine whether you had the time to cross. At some point you developed a sense of whether an oncoming car would slow down or yield. We hope you never had to practice this, but sometimes you have to decide whether darting into the street without looking is the best means of escaping danger. The point is all these matters depend on knowledge and experience. We want to help you develop the same knowledge and experience with respect to the risks of secure computing. How do you control the risk of computer security? Learn about the threats to computer security. Understand what causes these threats by studying how vulnerabilities arise in the development and use of computer systems. Survey the controls that can reduce or block these threats. Develop a computing styleas a user, developer, manager, consumer, and voterthat balances security and risk. The field of computer security changes rapidly, but the underlying problems remain largely unchanged. In this book you will find a progression that shows you how current complex attacks are often instances of more fundamental concepts. Users and Uses of This Book This book is intended for the study of computer security. Many of you want to study this topic: college and university students, computing professionals, managers, and users of all kinds of computer-based systems. All want to know the same thing: how to control the risk of computer security. But you may differ in how much information you need about particular topics: Some want a broad survey, while others want to focus on particular topics, such as networks or program development. This book should provide the breadth and depth that most readers want. The book is organized by general area of computing, so that readers with particular interests can find information easily. The chapters of this book progress in an orderly manner, from general security concerns to the particular needs of specialized applications, and finally to overarching management and legal issues. Thus, the book covers five

Please wait while the item is added to your cart...