The classic guide to information security—fully updated for the latest attacks and countermeasures

Security in Computing, Third Edition systematically demonstrates how to control failures of confidentiality, integrity, and availability in applications, databases, operating systems, and networks alike.

This sweeping revision of the field's classic guide to computer security reflects today's entirely new generation of network- and Internet-based threats and vulnerabilities, and offers practical guidance for responding to them.

• Updated to cover wireless security, intrusion detection, AES, DRM, biometrics, honeypots, online privacy, and more
• Security in Internet-based, distributed, desktop and traditional centralized applications
• New attacks, including scripted vulnerability probing, denial of service, and buffer overflows—with symptoms and cures
• Clear, accessible introduction to cryptography—without sophisticated math
• Up-to-the-minute explanations of digital signatures, certificates, and leading-edge quantum cryptography
• Thoroughly revamped coverage of software engineering practices designed to enhance program security
• Expanded coverage of risk management, contingency planning, and security policies
• Detailed presentation of protection in general-purpose and trusted operating systems
• Extensive pedagogical resources: end-of-chapter reviews and exercises, lists of key terms, and authoritative references

Exceptionally clear and easy to understand, the book covers not only technical issues, but also law, privacy, ethics, and the physical and administrative aspects of security.

The companion website (http://www.phptr.com/pfleeger/) contains additional information, book updates, and instructor's resources.

Covers all aspects of security in computing, including viruses, worms, Trojan horses, and other forms of malicious code; firewalls and the protection of networked systems; e-mail privacy, including PEM, PGP, key management, and certificates; key escrow--both as a technology and in the "Clipper" program; evaluation of trusted systems, including the Common Criteria, the ITSEC, and the OrangeBook; standards for program development and quality, including ISO9000; secure installations of PCs, UNIX, and networked environments; and ethical and legal issues in computing.
Annotation c. Book News, Inc., Portland, OR (booknews.com)

Includes bibliographical references (p. 537-559) and index.

CHARLES P. PFLEEGER is a Master Security Architect for Cable and Wireless, the world's premier web hosting and Internet solutions provider. He regularly advises clients on secure design and implementation of network applications and architectures.

SHARI LAWRENCE PFLEEGER, senior researcher for RAND, is author of eight books on software engineering, measurement, and quality, including Software Engineering: Theory and Practice, Second Edition (Prentice Hall). She was named by The Journal of Systems and Software as one of the world's top software engineering researchers.

Foreword by Willis H. Ware.

Foreword.

Preface to the Third Edition.

1. Is There a Security Problem in Computing?

2. Elementary Cryptography.

3. Program Security.

4. Protection in General-Purpose Operating Systems.

5.Designing Trusted Operating Systems.

6. Database Security.

7. Security in Networks.

8. Administering Security.

9. Legal, Privacy, and Ethical Issues in Computer Security.

10. Cryptography Explained.

Bibliography.

Index.