Lawrie Brown is Senior Lecturer at the School of Information Technology and Electrical Engineering at the University of New South Wales at the Australian Defence Force Academy, Canberra, Australia.
Summary
"Security experts William Stallings and Lawrie Brown provide a comprehensive survey of computer security threats, technical approaches to the detection and prevention of security attacks, software security issues, and management issues." "Throughout, the authors focus on core principles, showing how they unify the field of computer security and demonstrating their application in real-world systems and networks. They examine alternate design approaches to meeting security requirements and illuminate the standards that are central to today's security solutions." "Ideal for both academic and professional audiences, Computer Security offers exceptional clarity, careful organization, and extensive pedagogical support - including hundreds of carefully crafted practice problems."--BOOK JACKET.
Table of Contents
Notation Preface Chapter 0 Reader's and Instructor's Guide 0.1 Outline of the Book 0.2 A Roadmap for Readers and Instructors 0.3 Internet and Web Resources 0.4 Standards Chapter 1 Overview 1.1 Computer Security Concepts 1.2 Threats, Attacks, and Assets 1.3 Security Functional Requirements 1.4 A Security Architecture for Open Systems 1.5 The Scope of Computer Security 1.6 Computer Security Trends 1.7 Computer Security Strategy 1.8 Recommended Reading and Web Sites 1.9 Key Terms, Review Questions, and Problems Appendix 1A Signficant Security Standards and Documents PART ONE COMPUTER SECURITY TECHNOLOGY AND PRINCIPLES Chapter 2 Cryptographic Tools 2.1 Confidentiality with Symmetric Encryption 2.2 Message Authentication and Hash Functions 2.3 Public-Key Encryption 2.4 Digital Signatures and Key Management 2.5 Random and Pseudorandom Numbers 2.6 Practical Application: Encryption of Stored Data 2.7 Recommended Reading and Web Sites 2.8 Key Terms, Review Questions, and Problems Chapter 3 User Authentication 3.1 Means of Authentication 3.2 Password-Based Authentication 3.3 Token-Based Authentication 3.4 Biometric Authentication 3.5 Remote User Authentication 3.6 Security Issues for User Authentication 3.7 Practical Application: An Iris Biometric System 3.8 Case Study: Security Problems for ATM Systems 3.9 Recommended Reading and Web Sites 3.10 Key Terms, Review Questions, and Problems Chapter 4 Access Control 4.1 Access Control Principles 4.2 Subjects, Objects, and Access Rights 4.3 Discretionary Access Control 4.4 Example: UNIX File Access Control 4.5 Role-Based Access Control 4.6 Case Study: RBAC System for a Bank 4.7 Recommended Reading and Web Sites 4.8 Key Terms, Review Questions, and Problems Chapter 5 Database Security 5.1 Relational Databases 5.2 Database Access Control 5.3 Inference 5.4 Statistical Databases 5.5 Database Encryption 5.6 Recommended Reading 5.7 Key Terms, Review Questions, and Problems Chapter 6 Intrusion Detection 6.1 Intruders 6.2 Intrusion Detection 6.3 Host-Based Intrusion Detection 6.4 Distr
