Computer Security Art and Science

ISBN-10: 0201440997
ISBN-13: 9780201440997
Edition: 2003
List price: $99.99
Book details

List price: $99.99
Copyright year: 2003
Publisher: Addison Wesley Professional
Publication date: 12/2/2002
Binding: Hardcover
Pages: 1136
Size: 7.50" wide x 9.50" long x 1.75" tall
Weight: 4.136

The importance of computer security has increased dramatically during the past few years. Bishop provides a monumental reference for the theory and practice of computer security. This is a textbook intended for use at the advanced undergraduate and introductory graduate levels, non-University training courses, as well as reference and self-study for security professionals. Comprehensive in scope, this covers applied and practical elements, theory, and the reasons for the design of applications and security techniques. Bishop treats the management and engineering issues of computer. Excellent examples of ideas and mechanisms show how disparate techniques and principles are combined (or not) in widely-used systems. Features a distillation of a vast number of conference papers, dissertations and books that have appeared over the years, providing a valuable synthesis. This book is acclaimed for its scope, clear and lucid writing, and its combination of formal and theoretical aspects with real systems, technologies, techniques, and policies.

Preface
Goals
Philosophy
Organization
Roadmap
Dependencies
Background
Undergraduate Level
Graduate Level
Practitioners
Special Acknowledgment
Acknowledgments
Introduction
An Overview of Computer Security
The Basic Components
Threats
Policy and Mechanism
Assumptions and Trust
Assurance
Operational Issues
Human Issues
Tying It All Together
Summary
Research Issues
Further Reading
Exercises
Foundations
Access Control Matrix
Protection State
Access Control Matrix Model
Protection State Transitions
Copying, Owning, and the Attenuation of Privilege
Summary
Research Issues
Further Reading
Exercises
Foundational Results
The General Question
Basic Results
The Take-Grant Protection Model
Closing the Gap
Expressive Power and the Models
Summary
Research Issues
Further Reading
Exercises
Policy
Security Policies
Security Policies
Types of Security Policies
The Role of Trust
Types of Access Control
Policy Languages
Example: Academic Computer Security Policy
Security and Precision
Summary
Research Issues
Further Reading
Exercises
Confidentiality Policies
Goals of Confidentiality Policies
The Bell-LaPadula Model
Tranquility
The Controversy over the Bell-LaPadula Model
Summary
Research Issues
Further Reading
Exercises
Integrity Policies
Goals
Biba Integrity Model
Lipner's Integrity Matrix Model
Clark-Wilson Integrity Model
Summary
Research Issues
Further Reading
Exercises
Hybrid Policies
Chinese Wall Model
Clinical Information Systems Security Policy
Originator Controlled Access Control
Role-Based Access Control
Summary
Research Issues
Further Reading
Exercises
Noninterference and Policy Composition
The Problem
Deterministic Noninterference
Nondeducibility
Generalized Noninterference
Restrictiveness
Summary
Research Issues
Further Reading
Exercises
Implementation I: Cryptography
Basic Cryptography
What Is Cryptography?
Classical Cryptosystems
Public Key Cryptography
Cryptographic Checksums
Summary
Research Issues
Further Reading
Exercises
Key Management
Session and Interchange Keys
Key Exchange
Key Generation
Cryptographic Key Infrastructures
Storing and Revoking Keys
Digital Signatures
Summary
Research Issues
Further Reading
Exercises
Cipher Techniques
Problems
Stream and Block Ciphers
Networks and Cryptography
Example Protocols
Summary
Research Issues
Further Reading
Exercises
Authentication
Authentication Basics
Passwords
Challenge-Response
Biometrics
Location
Multiple Methods
Summary
Research Issues
Further Reading
Exercises
Implementation II: Systems
Design Principles
Overview
Design Principles
Summary
Research Issues
Further Reading
Exercises
Representing Identity
What Is Identity?
Files and Objects
Users
Groups and Roles
Naming and Certificates
Identity on the Web
Summary
Research Issues
Further Reading
Exercises
Access Control Mechanisms
Access Control Lists
Capabilities
Locks and Keys
Ring-Based Access Control
Propagated Access Control Lists
Summary
Research Issues
Further Reading
Exercises
Information Flow
Basics and Background
Nonlattice Information Flow Policies
Compiler-Based Mechanisms
Execution-Based Mechanisms
Example Information Flow Controls
Summary
Research Issues
Further Reading
Exercises
Confinement Problem
The Confinement Problem
Isolation
Covert Channels
Summary
Research Issues
Further Reading
Exercises
Assurance
Introduction to Assurance
Assurance and Trust
Building Secure and Trusted Systems
Summary
Research Issues
Further Reading
Exercises
Building Systems with Assurance
Assurance in Requirements Definition and Analysis
Assurance During System and Software Design
Assurance in Implementation and Integration
Assurance During Operation and Maintenance
Summary
Research Issues
Further Reading
Exercises
Formal Methods
Formal Verification Techniques
Formal Specification
Early Formal Verification Techniques
Current Verification Systems
Summary
Research Issues
Further Reading
Exercises
Evaluating Systems
Goals of Formal Evaluation
TCSEC: 1983-1999
International Efforts and the ITSEC: 1991-2001
Commercial International Security Requirements: 1991
Other Commercial Efforts: Early 1990s
The Federal Criteria: 1992
FIPS 140: 1994-Present
The Common Criteria: 1998-Present
SSE-CMM: 1997-Present
Summary
Research Issues
Further Reading
Exercises
Special Topics
Malicious Logic
Introduction
Trojan Horses
Computer Viruses
Computer Worms
Other Forms of Malicious Logic
Theory of Malicious Logic
Defenses
Summary
Research Issues
Further Reading
Exercises
Vulnerability Analysis
Introduction
Penetration Studies
Vulnerability Classification
Frameworks
Gupta and Gligor's Theory of Penetration Analysis
Summary
Research Issues
Further Reading
Exercises
Auditing
Definitions
Anatomy of an Auditing System
Designing an Auditing System
A Posteriori Design
Auditing Mechanisms
Examples: Auditing File Systems
Audit Browsing
Summary
Research Issues
Further Reading
Exercises
Intrusion Detection
Principles
Basic Intrusion Detection
Models
Architecture
Organization of Intrusion Detection Systems
Intrusion Response
Summary
Research Issues
Further Reading
Exercises
Practicum
Network Security
Introduction
Policy Development
Network Organization
Availability and Network Flooding
Anticipating Attacks
Summary
Research Issues
Further Reading
Exercises
System Security
Introduction
Policy
Networks
Users
Authentication
Processes
Files
Retrospective
Summary
Research Issues
Further Reading
Exercises
User Security
Policy
Access
Files and Devices
Processes
Electronic Communications
Summary
Research Issues
Further Reading
Exercises
Program Security
Introduction
Requirements and Policy
Design
Refinement and Implementation
Common Security-Related Programming Problems
Testing, Maintenance, and Operation
Distribution
Conclusion
Summary
Research Issues
Further Reading
Exercises
End Matter
Lattices
Basics
Lattices
Exercises
The Extended Euclidean Algorithm
The Euclidean Algorithm
The Extended Euclidean Algorithm
Solving ax mod n = 1
Solving ax mod n = b
Exercises
Entropy and Uncertainty
Conditional and Joint Probability
Entropy and Uncertainty
Joint and Conditional Entropy
Exercises
Virtual Machines
Virtual Machine Structure
Virtual Machine Monitor
Exercises
Symbolic Logic
Propositional Logic
Predicate Logic
Temporal Logic Systems
Exercises
Example Academic Security Policy
University of California E-mail Policy
The Acceptable Use Policy for the University of California, Davis
Bibliography
Index
