Synopses & Reviews
This book is geared toward postgraduate courses on managing and designing information systems. It concentrates primarily on security in military systems and looks at the different goals organisations might have in employing security techniques and which techniques are best suited to achieving certain goals. The book provides answers to questions such as "What is security?" and "What are the security problems particular to an IT system?" It is essential reading for students on final year undergraduate courses and MSc courses on Information Systems, Management of Information Systems, and Design of Information Systems. The text is up-to-date and includes implications which arose from the Y2K date change.
Synopsis
Aimed primarily at final year undergraduate courses and MSc courses on Information Systems, Management of Information Systems and Design of Information Systems, this textbook aims to provide answers to five questions:
What is security? What are the security problems particular to an IT system? What can be done to reduce the security risks associated with such a system? In a given situation, what are the appropriate security countermeasures? How should one set about procuring an information system with security implications?
It looks at the different goals organisations might have in employing security techniques (availability, integrity, confidentiality, exclusivity) and which technique is best suited to achieving each goal. With guidelines appropriate for the protection of both conventional commercial and military systems, An Information Security Handbook will be of interest to computer system managers and administrators in any commercial or government organisation.
Table of Contents
1. Introduction
2. Technology and Security
3. Physical Security
4. Personnel Security
5. Communications Security
6. Unix Security
7. Internet Security
8. Radiation Security
9. Procedural Security
10. Software Security
11. Some Notes on Static Analysis
12. Computer Viruses
13. The Data Protection Act
14. System Administration and Security
15. The Management of Security
16. Conclusions
A. Unix Security Resources
B. DoD Computer System Evaluation Criteria
C. IT Security Evaluation Criteria (ITSEC)
D. An Example System Security Policy
E. System Threats and Countermeasures
F. Example List of Security Countermeasures
Glossary of Information Security Terms
References and Bibliography
Index