Computer Security: Principles and Practice (Stallings)

by William Stallings and Lawrie Brown


Synopses & Reviews

Publisher Comments:

Computer Security: Principles and Practice, 2e, is ideal for courses in Computer/Network Security.

 

In recent years, the need for education in computer security and related topics has grown dramatically, and is essential for anyone studying Computer Science or Computer Engineering. This is the only text available to provide integrated, comprehensive, up-to-date coverage of the broad range of topics in this subject. In addition to an extensive pedagogical program, the book provides unparalleled support for both research and modeling projects, giving students a broader perspective.

The Text and Academic Authors Association named Computer Security: Principles and Practice, 1e, the winner of the Textbook Excellence Award for the best Computer Science textbook of 2008.

About the Author

William Stallings has made a unique contribution to understanding the broad sweep of technical developments in computer networking and computer architecture. He has authored 18 titles, and counting revised editions, a total of 35 books on various aspects of these subjects. In over 20 years in the field, he has been a technical contributor, technical manager, and an executive with several high-technology firms. Currently he is an independent consultant whose clients have included computer and networking manufacturers and customers, software development firms, and leading-edge government research institutions.

He has received the prize for best Computer Science and Engineering textbook of the year from the Textbook and Academic Authors Association seven times.

Bill has designed and implemented both TCP/IP-based and OSI-based protocol suites on a variety of computers and operating systems, ranging from microcomputers to mainframes. As a consultant, he has advised government agencies, computer and software vendors, and major users on the design, selection, and use of networking software and products.

Dr. Stallings holds a Ph.D. from M.I.T. in Computer Science and a B.S. from Notre Dame in Electrical Engineering.

Dr. Lawrie Brown is Senior Lecturer at the School of Information Technology and Electrical Engineering at the University of New South Wales at the Australian Defence Force Academy, Canberra, Australia.

Table of Contents

Online Resources xiii

Notation xiv

About the Authors xv

Preface xvii

Chapter 0 Reader’s and Instructor’s Guide 1

0.1 Outline of This Book 2

0.2 A Roadmap for Readers and Instructors 2

0.3 Support for CISSP Certification 3

0.4 Internet and Web Resources 5

0.5 Standards 7

Chapter 1 Overview 9

1.1 Computer Security Concepts 10

1.2 Threats, Attacks, and Assets 18

1.3 Security Functional Requirements 23

1.4 A Security Architecture for Open Systems 26

1.5 Computer Security Trends 31

1.6 Computer Security Strategy 33

1.7 Recommended Reading and Web Sites 35

1.8 Key Terms, Review Questions, and Problems 36

PART ONE: COMPUTER SECURITY TECHNOLOGY AND PRINCIPLES 38

Chapter 2 Cryptographic Tools 38

2.1 Confidentiality with Symmetric Encryption 39

2.2 Message Authentication and Hash Functions 46

2.3 Public-Key Encryption 54

2.4 Digital Signatures and Key Management 59

2.5 Random and Pseudorandom Numbers 62

2.6 Practical Application: Encryption of Stored Data 64

2.7 Recommended Reading and Web Sites 66

2.8 Key Terms, Review Questions, and Problems 67

Chapter 3 User Authentication 71

3.1 Means of Authentication 73

3.2 Password-Based Authentication 73

3.3 Token-Based Authentication 84

3.4 Biometric Authentication 88

3.5 Remote User Authentication 93

3.6 Security Issues for User Authentication 95

3.7 Practical Application: An Iris Biometric System 97

3.8 Case Study: Security Problems for ATM Systems 99

3.9 Recommended Reading and Web Sites 101

3.10 Key Terms, Review Questions, and Problems 103

Chapter 4 Access Control 105

4.1 Access Control Principles 106

4.2 Subjects, Objects, and Access Rights 110

4.3 Discretionary Access Control 111

4.4 Example: UNIX File Access Control 118

4.5 Role-Based Access Control 121

4.6 Case Study: RBAC System for a Bank 129

4.7 Recommended Reading and Web Site 132

4.8 Key Terms, Review Questions, and Problems 133

Chapter 5 Database Security 137

5.1 The Need for Database Security 138

5.2 Database Management Systems 139

5.3 Relational Databases 141

5.4 Database Access Control 144

5.5 Inference 149

5.6 Statistical Databases 152

5.7 Database Encryption 162

5.8 Cloud Security 166

5.9 Recommended Reading and Web Site 172

5.10 Key Terms, Review Questions, and Problems 173

Chapter 6 Malicious Software 178

6.1 Types of Malicious Software (Malware) 179

6.2 Propagation–Infected Content–Viruses 182

6.3 Propagation–Vulnerability Exploit–Worms 188

6.4 Propagation–Social Engineering–SPAM E-mail, Trojans 195

6.5 Payload–System Corruption 197

6.6 Payload–Attack Agent–Zombie, Bots 199

6.7 Payload–Information Theft–Keyloggers, Phishing, Spyware 201

6.8 Payload–Stealthing–Backdoors, Rootkits 202

6.9 Countermeasures 206

6.10 Recommended Reading and Web Sites 215

6.11 Key Terms, Review Questions, and Problems 216

Chapter 7 Denial-of-Service Attacks 220

7.1 Denial-of-Service Attacks 221

7.2 Flooding Attacks 228

7.3 Distributed Denial-of-Service Attacks 230

7.4 Application-Based Bandwidth Attacks 232

7.5 Reflector and Amplifier Attacks 234

7.6 Defenses Against Denial-of-Service Attacks 239

7.7 Responding to a Denial-of-Service Attack 243

7.8 Recommended Reading and Web Sites 244

7.9 Key Terms, Review Questions, and Problems 245

Chapter 8 Intrusion Detection 248

8.1 Intruders 249

8.2 Intrusion Detection 253

8.3 Host-Based Intrusion Detection 256

8.4 Distributed Host-Based Intrusion Detection 263

8.5 Network-Based Intrusion Detection 265

8.6 Distributed Adaptive Intrusion Detection 270

8.7 Intrusion Detection Exchange Format 273

8.8 Honeypots 275

8.9 Example System: Snort 277

8.10 Recommended Reading and Web Sites 281

8.11 Key Terms, Review Questions, and Problems 282

Chapter 9 Firewalls and Intrusion Prevention Systems 285

9.1 The Need for Firewalls 286

9.2 Firewall Characteristics 287

9.3 Types of Firewalls 288

9.4 Firewall Basing 296

9.5 Firewall Location and Configurations 298

9.6 Intrusion Prevention Systems 303

9.7 Example: Unified Threat Management Products 306

9.8 Recommended Reading and Web Site 310

9.9 Key Terms, Review Questions, and Problems 311

PART TWO: SOFTWARE SECURITY AND TRUSTED SYSTEMS 316

Chapter 10 Buffer Overflow 316

10.1 Stack Overflows 318

10.2 Defending Against Buffer Overflows 339

10.3 Other Forms of Overflow Attacks 345

10.4 Recommended Reading and Web Sites 352

10.5 Key Terms, Review Questions, and Problems 353

Chapter 11 Software Security 355

11.1 Software Security Issues 356

11.2 Handling Program Input 360

11.3 Writing Safe Program Code 371

11.4 Interacting with the Operating System and Other Programs 376

11.5 Handling Program Output 389

11.6 Recommended Reading and Web Sites 391

11.7 Key Terms, Review Questions, and Problems 392

Chapter 12 Operating System Security 396

12.1 Introduction to Operating System Security 398

12.2 System Security Planning 399

12.3 Operating Systems Hardening 399

12.4 Application Security 404

12.5 Security Maintenance 405

12.6 Linux/Unix Security 406

12.7 Windows Security 410

12.8 Virtualization Security 412

12.9 Recommended Reading and Web Sites 416

12.10 Key Terms, Review Questions, and Problems 417

Chapter 13 Trusted Computing and Multilevel Security 420

13.1 The Bell-LaPadula Model for Computer Security 421

13.2 Other Formal Models for Computer Security 431

13.3 The Concept of Trusted Systems 437

13.4 Application of Multilevel Security 440

13.5 Trusted Computing and the Trusted Platform Module 447

13.6 Common Criteria for Information Technology Security Evaluation 451

13.7 Assurance and Evaluation 457

13.8 Recommended Reading and Web Sites 462

13.9 Key Terms, Review Questions, and Problems 463

PART THREE: MANAGEMENT ISSUES 466

Chapter 14 IT Security Management and Risk Assessment 466

14.1 IT Security Management 467

14.2 Organizational Context and Security Policy 470

14.3 Security Risk Assessment 473

14.4 Detailed Security Risk Analysis 476

14.5 Case Study: Silver Star Mines 488

14.6 Recommended Reading and Web Sites 493

14.7 Key Terms, Review Questions, and Problems 494

Chapter 15 IT Security Controls, Plans, and Procedures 497

15.1 IT Security Management Implementation 498

15.2 Security Controls or Safeguards 498

15.3 IT Security Plan 506

15.4 Implementation of Controls 507

15.5 Implementation Follow-up 508

15.6 Case Study: Silver Star Mines 511

15.7 Recommended Reading 514

15.8 Key Terms, Review Questions, and Problems 514

Chapter 16 Physical and Infrastructure Security 516

16.1 Overview 517

16.2 Physical Security Threats 518

16.3 Physical Security Prevention and Mitigation Measures 525

16.4 Recovery from Physical Security Breaches 528

16.5 Example: A Corporate Physical Security Policy 529

16.6 Integration of Physical and Logical Security 529

16.7 Recommended Reading and Web Sites 536

16.8 Key Terms, Review Questions, and Problems 537

Chapter 17 Human Resources Security 539

17.1 Security Awareness, Training, and Education 540

17.2 Employment Practices and Policies 546

17.3 E-Mail and Internet Use Policies 549

17.4 Computer Security Incident Response Teams 550

17.5 Recommended Reading and Web Sites 557

17.6 Key Terms, Review Questions, and Problems 558

Chapter 18 Security Auditing 560

18.1 Security Auditing Architecture 562

18.2 The Security Audit Trail 567

18.3 Implementing the Logging Function 571

18.4 Audit Trail Analysis 583

18.5 Example: An Integrated Approach 587

18.6 Recommended Reading and Web Site 590

18.7 Key Terms, Review Questions, and Problems 591

Chapter 19 Legal and Ethical Aspects 593

19.1 Cybercrime and Computer Crime 594

19.2 Intellectual Property 598

19.3 Privacy 605

19.4 Ethical Issues 611

19.5 Recommended Reading and Web Sites 618

19.6 Key Terms, Review Questions, and Problems 620

PART FOUR: CRYPTOGRAPHIC ALGORITHMS 623

Chapter 20 Symmetric Encryption and Message Confidentiality 623

20.1 Symmetric Encryption Principles 624

20.2 Data Encryption Standard 629

20.3 Advanced Encryption Standard 631

20.4 Stream Ciphers and RC4 637

20.5 Cipher Block Modes of Operation 640

20.6 Location of Symmetric Encryption Devices 646

20.7 Key Distribution 648

20.8 Recommended Reading and Web Sites 650

20.9 Key Terms, Review Questions, and Problems 650

Chapter 21 Public-Key Cryptography and Message Authentication 655

21.1 Secure Hash Functions 656

21.2 HMAC 662

21.3 The RSA Public-Key Encryption Algorithm 665

21.4 Diffie-Hellman and Other Asymmetric Algorithms 671

21.5 Recommended Reading and Web Sites 676

21.6 Key Terms, Review Questions, and Problems 676

PART FIVE: NETWORK SECURITY 680

Chapter 22 Internet Security Protocols and Standards 680

22.1 Secure E-mail and S/MIME 681

22.2 DomainKeys Identified Mail 684

22.3 Secure Sockets Layer (SSL) and Transport Layer Security (TLS) 688

22.4 HTTPS 692

22.5 IPv4 and IPv6 Security 699

22.6 Recommended Reading and Web Sites 699

22.7 Key Terms, Review Questions, and Problems 700

Chapter 23 Internet Authentication Applications 703

23.1 Kerberos 704

23.2 X.509 710

23.3 Public-Key Infrastructure 713

23.4 Federated Identity Management 715

23.5 Recommended Reading and Web Sites 719

23.6 Key Terms, Review Questions, and Problems 720

Chapter 24 Wireless Network Security 722

24.1 Wireless Security Overview 723

24.2 IEEE 802.11 Wireless LAN Overview 726

24.3 IEEE 802.11i Wireless LAN Security 732

24.4 Recommended Reading and Web Sites 746

24.5 Key Terms, Review Questions, and Problems 747

APPENDICES

Appendix A Projects and Other Student Exercises for Teaching Computer Security 750

A.1 Hacking Project 751

A.2 Laboratory Exercises 752

A.3 Research Projects 752

A.4 Programming Projects 753

A.5 Practical Security Assessments 753

A.6 Firewall Projects 754

A.7 Case Studies 754

A.8 Writing Assignments 754

A.9 Reading/Report Assignments 755

References 756

Index 774

Credits 787

ONLINE CHAPTERS AND APPENDICES (Online chapters, appendices, and other documents are Premium Content, available via the access card at the front of the book.)

Chapter 25 Linux Security

25.1 Introduction

25.2 Linux’s Security Model

25.3 The Linux DAC in Depth: Filesystem Security

25.4 Linux Vulnerabilities

25.5 Linux System Hardening

25.6 Application Security

25.7 Mandatory Access Controls

25.8 Recommended Reading and Web Sites

25.9 Key Terms, Review Questions, and Problems

Chapter 26 Windows and Windows Vista Security

26.1 Windows Security Architecture

26.2 Windows Vulnerabilities

26.3 Windows Security Defenses

26.4 Browser Defenses

26.5 Cryptographic Services

26.6 Common Criteria

26.7 Recommended Reading and Web Sites

26.8 Key Terms, Review Questions, Problems, and Projects

Appendix B Some Aspects of Number Theory

B.1 Prime and Relatively Prime Numbers

B.2 Modular Arithmetic

B.3 Fermat’s and Euler’s Theorems

Appendix C Standards and Standard-Setting Organizations

C.1 The Importance of Standards

C.2 Internet Standards and the Internet Society

C.3 National Institute of Standards and Technology

C.4 The International Telecommunication Union

C.5 The International Organization for Standardization

C.6 Significant Security Standards and Documents

Appendix D Random and Pseudorandom Number Generation

D.1 The Use of Random Numbers

D.2 Pseudorandom Number Generators (PRNGs)

D.3 True Random Number Generators

D.4 References

Appendix E Message Authentication Codes Based on Block Ciphers

E.1 Cipher-Based Message Authentication Code (CMAC)

E.2 Counter with Cipher Block Chaining-Message Authentication Code

Appendix F TCP/IP Protocol Architecture

F.1 TCP/IP Layers

F.2 TCP and UDP

F.3 Operation of TCP/IP

F.4 TCP/IP Applications

Appendix G Radix-64 Conversion

Appendix H Security Policy-Related Documents

H.1 A Company’s Physical and Environmental Security Policy

H.2 Security Policy Standard of Good Practice

H.3 Security Awareness Standard of Good Practice

H.4 Information Privacy Standard of Good Practice

H.5 Incident Handling Standard of Good Practice

Appendix I The Domain Name System

I.1 Domain Names

I.2 The DNS Database

I.3 DNS Operation

Appendix J The Base-Rate Fallacy

J.1 Conditional Probability and Independence

J.2 Bayes’ Theorem

J.3 The Base-Rate Fallacy Demonstrated

Appendix K Glossary

Product Details

ISBN: 9780132775069
Authors: Stallings, William; Brown, Lawrie (also listed as Brown, Lawrence)
Publisher: Prentice Hall
Subjects: Security; Networking-Computer Security
Series: Stallings
Publication Date: 2011-10-28
Binding: Hardcover
Language: English
Pages: 816
Dimensions: 9.2 x 7.1 x 1.3 in; 1166 g
