Introduction to Computer Security

ISBN-10: 0321247442

ISBN-13: 9780321247445

Edition: 2005

Authors: Matt Bishop

List price: $84.99

Description:

By removing material from the original book, Computer Security: Art and Science (0201440997, AWP), that is highly mathematical or otherwise difficult for many readers to understand, Matt Bishop has made his authoritative work on computer security art and science more accessible both for professionals new to the field and undergraduate students. The organization of the abridged book follows the syllabus Bishop includes in his current work for a nonmathematical undergraduate course. It focuses more on the application of theory than the theory itself. Readers learn quickly how to implement security.

Book details

List price: $84.99
Copyright year: 2005
Publisher: Addison Wesley Professional
Publication date: 10/26/2004
Binding: Hardcover
Pages: 792
Size: 7.40" wide x 9.30" long x 1.30" tall
Weight: 3.300
Language: English

Preface
Goals
Philosophy
Organization
Differences Between this Book and Computer Security: Art and Science
Special Acknowledgment
Acknowledgments
An Overview of Computer Security
The Basic Components
Confidentiality
Integrity
Availability
Threats
Policy and Mechanism
Goals of Security
Assumptions and Trust
Assurance
Specification
Design
Implementation
Operational Issues
Cost-Benefit Analysis
Risk Analysis
Laws and Customs
Human Issues
Organizational Problems
People Problems
Tying It All Together
Summary
Further Reading
Exercises
Access Control Matrix
Protection State
Access Control Matrix Model
Protection State Transitions
Conditional Commands
Summary
Further Reading
Exercises
Foundational Results
The General Question
Basic Results
Summary
Further Reading
Exercises
Security Policies
Security Policies
Types of Security Policies
The Role of Trust
Types of Access Control
Example: Academic Computer Security Policy
General University Policy
Electronic Mail Policy
Summary
Further Reading
Exercises
Confidentiality Policies
Goals of Confidentiality Policies
The Bell-LaPadula Model
Informal Description
Example: The Data General B2 UNIX System
Summary
Further Reading
Exercises
Integrity Policies
Goals
Biba Integrity Model
Clark-Wilson Integrity Model
The Model
Comparison with the Requirements
Comparison with Other Models
Summary
Further Reading
Exercises
Hybrid Policies
Chinese Wall Model
Bell-LaPadula and Chinese Wall Models
Clark-Wilson and Chinese Wall Models
Clinical Information Systems Security Policy
Bell-LaPadula and Clark-Wilson Models
Originator Controlled Access Control
Role-Based Access Control
Summary
Further Reading
Exercises
Basic Cryptography
What Is Cryptography?
Classical Cryptosystems
Transposition Ciphers
Substitution Ciphers
Data Encryption Standard
Other Classical Ciphers
Public Key Cryptography
RSA
Cryptographic Checksums
HMAC
Summary
Further Reading
Exercises
Key Management
Session and Interchange Keys
Key Exchange
Classical Cryptographic Key Exchange and Authentication
Kerberos
Public Key Cryptographic Key Exchange and Authentication
Cryptographic Key Infrastructures
Certificate Signature Chains
Summary
Storing and Revoking Keys
Key Storage
Key Revocation
Digital Signatures
Classical Signatures
Public Key Signatures
Summary
Further Reading
Exercises
Cipher Techniques
Problems
Precomputing the Possible Messages
Misordered Blocks
Statistical Regularities
Summary
Stream and Block Ciphers
Stream Ciphers
Block Ciphers
Networks and Cryptography
Example Protocols
Secure Electronic Mail: PEM
Security at the Network Layer: IPsec
Conclusion
Summary
Further Reading
Exercises
Authentication
Authentication Basics
Passwords
Attacking a Password System
Countering Password Guessing
Password Aging
Challenge-Response
Pass Algorithms
One-Time Passwords
Hardware-Supported Challenge-Response Procedures
Challenge-Response and Dictionary Attacks
Biometrics
Fingerprints
Voices
Eyes
Faces
Keystrokes
Combinations
Caution
Location
Multiple Methods
Summary
Further Reading
Exercises
Design Principles
Overview
Design Principles
Principle of Least Privilege
Principle of Fail-Safe Defaults
Principle of Economy of Mechanism
Principle of Complete Mediation
Principle of Open Design
Principle of Separation of Privilege
Principle of Least Common Mechanism
Principle of Psychological Acceptability
Summary
Further Reading
Exercises
Representing Identity
What Is Identity?
Files and Objects
Users
Groups and Roles
Naming and Certificates
The Meaning of the Identity
Trust
Identity on the Web
Host Identity
State and Cookies
Anonymity on the Web
Summary
Further Reading
Exercises
Access Control Mechanisms
Access Control Lists
Abbreviations of Access Control Lists
Creation and Maintenance of Access Control Lists
Revocation of Rights
Example: Windows NT Access Control Lists
Capabilities
Implementation of Capabilities
Copying and Amplifying Capabilities
Revocation of Rights
Limits of Capabilities
Comparison with Access Control Lists
Locks and Keys
Type Checking
Ring-Based Access Control
Propagated Access Control Lists
Summary
Further Reading
Exercises
Information Flow
Basics and Background
Information Flow Models and Mechanisms
Compiler-Based Mechanisms
Declarations
Program Statements
Exceptions and Infinite Loops
Concurrency
Soundness
Execution-Based Mechanisms
Fenton's Data Mark Machine
Variable Classes
Example Information Flow Controls
Security Pipeline Interface
Secure Network Server Mail Guard
Summary
Further Reading
Exercises
Confinement Problem
The Confinement Problem
Isolation
Virtual Machines
Sandboxes
Covert Channels
Detection of Covert Channels
Mitigation of Covert Channels
Summary
Further Reading
Exercises
Introduction to Assurance
Assurance and Trust
The Need for Assurance
The Role of Requirements in Assurance
Assurance Throughout the Life Cycle
Building Secure and Trusted Systems
Life Cycle
The Waterfall Life Cycle Model
Other Models of Software Development
Building Security In or Adding Security Later
Summary
Further Reading
Exercises
Evaluating Systems
Goals of Formal Evaluation
Deciding to Evaluate
Historical Perspective of Evaluation Methodologies
TCSEC: 1983-1999
TCSEC Requirements
The TCSEC Evaluation Classes
The TCSEC Evaluation Process
Impacts
FIPS 140: 1994-Present
FIPS 140 Requirements
FIPS 140-2 Security Levels
Impact
The Common Criteria: 1998-Present
Overview of the Methodology
CC Requirements
CC Security Functional Requirements
Assurance Requirements
Evaluation Assurance Levels
Evaluation Process
Impacts
Future of the Common Criteria
SSE-CMM: 1997-Present
The SSE-CMM Model
Using the SSE-CMM
Summary
Further Reading
Exercises
Malicious Logic
Introduction
Trojan Horses
Computer Viruses
Boot Sector Infectors
Executable Infectors
Multipartite Viruses
TSR Viruses
Stealth Viruses
Encrypted Viruses
Polymorphic Viruses
Macro Viruses
Computer Worms
Other Forms of Malicious Logic
Rabbits and Bacteria
Logic Bombs
Defenses
Malicious Logic Acting as Both Data and Instructions
Malicious Logic Assuming the Identity of a User
Malicious Logic Crossing Protection Domain Boundaries by Sharing
Malicious Logic Altering Files
Malicious Logic Performing Actions Beyond Specification
Malicious Logic Altering Statistical Characteristics
The Notion of Trust
Summary
Further Reading
Exercises
Vulnerability Analysis
Introduction
Penetration Studies
Goals
Layering of Tests
Methodology at Each Layer
Flaw Hypothesis Methodology
Example: Penetration of the Michigan Terminal System
Example: Compromise of a Burroughs System
Example: Penetration of a Corporate Computer System
Example: Penetrating a UNIX System
Example: Penetrating a Windows NT System
Debate
Conclusion
Vulnerability Classification
Two Security Flaws
Frameworks
The RISOS Study
Protection Analysis Model
The NRL Taxonomy
Aslam's Model
Comparison and Analysis
Further Reading
Exercises
Auditing
Definitions
Anatomy of an Auditing System
Logger
Analyzer
Notifier
Designing an Auditing System
Implementation Considerations
Syntactic Issues
Log Sanitization
Application and System Logging
A Posteriori Design
Auditing to Detect Violations of a Known Policy
Auditing to Detect Known Violations of a Policy
Auditing Mechanisms
Secure Systems
Nonsecure Systems
Examples: Auditing File Systems
Audit Analysis of the NFS Version 2 Protocol
The Logging and Auditing File System (LAFS)
Comparison
Audit Browsing
Summary
Further Reading
Exercises
Intrusion Detection
Principles
Basic Intrusion Detection
Models
Anomaly Modeling
Misuse Modeling
Specification Modeling
Summary
Architecture
Agent
Director
Notifier
Organization of Intrusion Detection Systems
Monitoring Network Traffic for Intrusions: NSM
Combining Host and Network Monitoring: DIDS
Autonomous Agents: AAFID
Intrusion Response
Incident Prevention
Intrusion Handling
Exercises
Network Security
Introduction
Policy Development
Data Classes
User Classes
Availability
Consistency Check
Network Organization
Firewalls and Proxies
Analysis of the Network Infrastructure
In the DMZ
In the Internal Network
General Comment on Assurance
Availability and Network Flooding
Intermediate Hosts
TCP State and Memory Allocations
Anticipating Attacks
Summary
Further Reading
Exercises
System Security
Introduction
Policy
The Web Server System in the DMZ
The Development System
Comparison
Conclusion
Networks
The Web Server System in the DMZ
The Development System
Comparison
Users
The Web Server System in the DMZ
The Development System
Comparison
Authentication
The Web Server System in the DMZ
Development Network System
Comparison
Processes
The Web Server System in the DMZ
The Development System
Comparison
Files
The Web Server System in the DMZ
The Development System
Comparison
Retrospective
The Web Server System in the DMZ
The Development System
Summary
Further Reading
Exercises
User Security
Policy
Access
Passwords
The Login Procedure
Leaving the System
Files and Devices
Files
Devices
Processes
Copying and Moving Files
Accidentally Overwriting Files
Encryption, Cryptographic Keys, and Passwords
Start-up Settings
Limiting Privileges
Malicious Logic
Electronic Communications
Automated Electronic Mail Processing
Failure to Check Certificates
Sending Unexpected Content
Summary
Further Reading
Exercises
Program Security
Introduction
Requirements and Policy
Requirements
Threats
Design
Framework
Access to Roles and Commands
Refinement and Implementation
First-Level Refinement
Second-Level Refinement
Functions
Summary
Common Security-Related Programming Problems
Improper Choice of Initial Protection Domain
Improper Isolation of Implementation Detail
Improper Change
Improper Naming
Improper Deallocation or Deletion
Improper Validation
Improper Indivisibility
Improper Sequencing
Improper Choice of Operand or Operation
Summary
Testing, Maintenance, and Operation
Testing
Testing Composed Modules
Testing the Program
Distribution
Conclusion
Summary
Further Reading
Exercises
Lattices
Basics
Lattices
Exercises
The Extended Euclidean Algorithm
The Euclidean Algorithm
The Extended Euclidean Algorithm
Solving ax mod n = 1
Solving ax mod n = b
Exercises
Virtual Machines
Virtual Machine Structure
Virtual Machine Monitor
Privilege and Virtual Machines
Physical Resources and Virtual Machines
Paging and Virtual Machines
Exercises
Bibliography
Index