William Stallings, Lawrie Brown

Computer Security: Principles and Practice, Global Edition (eBook, ePUB)

• Format: ePub

Produktbeschreibung

For courses in computer/network security.

Balance principles and standards with current practice

Computer Security incorporates broad and comprehensive coverage of computer and network security with current developments and topics in the field. Principles, design approaches, standards, and real-world examples give students an understanding of the unifying theory and application of important concepts. Hands-on hacking, programming, firewall and lab exercises, real-world case studies and security assessments reinforce understanding of the material.

The 5th Edition is an updated survey of the fast-moving world of computer and network security, with new coverage of important topics.

---

Dieser Download kann aus rechtlichen Gründen nur mit Rechnungsadresse in A, B, BG, CY, CZ, D, DK, EW, E, FIN, F, GR, HR, H, IRL, I, LT, L, LR, M, NL, PL, P, R, S, SLO, SK ausgeliefert werden.

Produktdetails

• Verlag: Pearson HigherEducation
• Altersempfehlung: ab 18 Jahre
• Erscheinungstermin: 15. Oktober 2024
• Englisch
• ISBN-13: 9781292460796
• Artikelnr.: 72335167

Autorenporträt

Dr. William Stallings has authored 19 titles and, counting revised editions, more than 40 books on computer security, computer networking and computer architecture. His writings have appeared in numerous publications, including the Proceedings of the IEEE, ACM Computing Reviews and Cryptologia. He has 13 times received the award for the best Computer Science textbook of the year from the Text and Academic Authors Association.

In over 30 years in the field, he has been a technical contributor, technical manager and an executive with several high-technology firms. He has designed and implemented both TCP/IP-based and OSI-based protocol suites on a variety of computers and operating systems, ranging from microcomputers to mainframes. As a consultant, he has advised government agencies, computer and software vendors, and major users on the design, selection and use of networking software and products.

He created and maintains the Computer Science Student Resource Site. This site provides documents and links on a variety of subjects of general interest to computer science students (and professionals). He is a member of the editorial board of Cryptologia, a scholarly journal devoted to all aspects of cryptology.

Dr. Stallings holds a PhD from MIT in computer science and a BS from Notre Dame in electrical engineering.

Inhaltsangabe

Online Resources
Preface
Notation
About the Authors
Chapter 1 Overview
  1.1   Computer Security Concepts
  1.2   Threats, Attacks, and Assets
  1.3   Security Functional Requirements
  1.4   Fundamental Security Design Principles
  1.5   Attack Surfaces and Attack Trees
  1.6   Computer Security Strategy
  1.7   Standards
  1.8   Key Terms, Review Questions, and Problems
PART ONE  COMPUTER SECURITY TECHNOLOGY AND PRINCIPLES
Chapter 2 Cryptographic Tools
  2.1   Confidentiality with Symmetric Encryption
  2.2   Message Authentication and Hash Functions
  2.3   Public-Key Encryption
  2.4   Digital Signatures and Key Management
  2.5   Random and Pseudorandom Numbers
  2.6   Practical Application: Encryption of Stored Data
  2.7   Key Terms, Review Questions, and Problems
Chapter 3 User Authentication
  3.1   Digital User Authentication Principles
  3.2   Password-Based Authentication
  3.3   Token-Based Authentication
  3.4   Biometric Authentication
  3.5   Remote User Authentication
  3.6   Security Issues for User Authentication
  3.7   Practical Application: An Iris Biometric System
  3.8   Case Study: Security Problems for ATM Systems
  3.9   Key Terms, Review Questions, and Problems
Chapter 4 Access Control
  4.1   Access Control Principles
  4.2   Subjects, Objects, and Access Rights
  4.3   Discretionary Access Control
  4.4   Example: UNIX File Access Control
  4.5   Role-Based Access Control
  4.6   Attribute-Based Access Control
  4.7   Identity, Credential, and Access Management
  4.8   Trust Frameworks
  4.9   Case Study: RBAC System for a Bank
  4.10   Key Terms, Review Questions, and Problems
Chapter 5 Database and Data Center Security
  5.1   The Need for Database Security
  5.2   Database Management Systems
  5.3   Relational Databases
  5.4   SQL Injection Attacks
  5.5   Database Access Control
  5.6   Inference
  5.7   Database Encryption
  5.8   Data Center Security
  5.9   Key Terms, Review Questions, and Problems
Chapter 6 Malicious Software
  6.1   Types of Malicious Software
  6.2   Advanced Persistent Threat
  6.2   Propagation — Infected Content - Viruses
  6.3   Propagation — Vulnerability Exploit - Worms
  6.4   Propagation — Social Engineering — SPAM E-Mail, Trojans
  6.5   Payload — System Corruption
  6.6   Payload — Attack Agent — Zombie, Bots
  6.7   Payload — Information Theft — Keyloggers, Phishing, Spyware
  6.8   Payload — Stealthing — Backdoors, Rootkits
  6.9   Countermeasures
  6.10   Key Terms, Review Questions, and Problems
Chapter 7 Denial-of-Service Attacks
  7.1   Denial-of-Service Attacks
  7.2   Flooding Attacks
  7.3   Distributed Denial-of-Service Attacks
  7.4   Application-Based Bandwidth Attacks
  7.5   Reflector and Am