
Computer Security Art and Science


ISBN-10: 0201440997

ISBN-13: 9780201440997

Edition: 2003

Authors: Matthew A. Bishop

List price: $99.99

The importance of computer security has increased dramatically during the past few years. Bishop provides a monumental reference for the theory and practice of computer security. This is a textbook intended for use at the advanced undergraduate and introductory graduate levels and in non-University training courses, as well as for reference and self-study by security professionals. Comprehensive in scope, it covers applied and practical elements, theory, and the reasons for the design of applications and security techniques. Bishop treats the management and engineering issues of computer security. Excellent examples of ideas and mechanisms show how disparate techniques and principles are combined (or not)…

Book details

Copyright year: 2003
Publisher: Addison Wesley Professional
Publication date: 12/2/2002
Binding: Hardcover
Pages: 1136
Size: 7.50" wide x 9.50" long x 1.75" tall
Weight: 4.136
Language: English

Preface
Goals
Philosophy
Organization
Roadmap
Dependencies
Background
Undergraduate Level
Graduate Level
Practitioners
Special Acknowledgment
Acknowledgments
Introduction
An Overview of Computer Security
The Basic Components
Threats
Policy and Mechanism
Assumptions and Trust
Assurance
Operational Issues
Human Issues
Tying It All Together
Summary
Research Issues
Further Reading
Exercises
Foundations
Access Control Matrix
Protection State
Access Control Matrix Model
Protection State Transitions
Copying, Owning, and the Attenuation of Privilege
Summary
Research Issues
Further Reading
Exercises
Foundational Results
The General Question
Basic Results
The Take-Grant Protection Model
Closing the Gap
Expressive Power and the Models
Summary
Research Issues
Further Reading
Exercises
Policy
Security Policies
Security Policies
Types of Security Policies
The Role of Trust
Types of Access Control
Policy Languages
Example: Academic Computer Security Policy
Security and Precision
Summary
Research Issues
Further Reading
Exercises
Confidentiality Policies
Goals of Confidentiality Policies
The Bell-LaPadula Model
Tranquility
The Controversy over the Bell-LaPadula Model
Summary
Research Issues
Further Reading
Exercises
Integrity Policies
Goals
Biba Integrity Model
Lipner's Integrity Matrix Model
Clark-Wilson Integrity Model
Summary
Research Issues
Further Reading
Exercises
Hybrid Policies
Chinese Wall Model
Clinical Information Systems Security Policy
Originator Controlled Access Control
Role-Based Access Control
Summary
Research Issues
Further Reading
Exercises
Noninterference and Policy Composition
The Problem
Deterministic Noninterference
Nondeducibility
Generalized Noninterference
Restrictiveness
Summary
Research Issues
Further Reading
Exercises
Implementation I: Cryptography
Basic Cryptography
What Is Cryptography?
Classical Cryptosystems
Public Key Cryptography
Cryptographic Checksums
Summary
Research Issues
Further Reading
Exercises
Key Management
Session and Interchange Keys
Key Exchange
Key Generation
Cryptographic Key Infrastructures
Storing and Revoking Keys
Digital Signatures
Summary
Research Issues
Further Reading
Exercises
Cipher Techniques
Problems
Stream and Block Ciphers
Networks and Cryptography
Example Protocols
Summary
Research Issues
Further Reading
Exercises
Authentication
Authentication Basics
Passwords
Challenge-Response
Biometrics
Location
Multiple Methods
Summary
Research Issues
Further Reading
Exercises
Implementation II: Systems
Design Principles
Overview
Design Principles
Summary
Research Issues
Further Reading
Exercises
Representing Identity
What Is Identity?
Files and Objects
Users
Groups and Roles
Naming and Certificates
Identity on the Web
Summary
Research Issues
Further Reading
Exercises
Access Control Mechanisms
Access Control Lists
Capabilities
Locks and Keys
Ring-Based Access Control
Propagated Access Control Lists
Summary
Research Issues
Further Reading
Exercises
Information Flow
Basics and Background
Nonlattice Information Flow Policies
Compiler-Based Mechanisms
Execution-Based Mechanisms
Example Information Flow Controls
Summary
Research Issues
Further Reading
Exercises
Confinement Problem
The Confinement Problem
Isolation
Covert Channels
Summary
Research Issues
Further Reading
Exercises
Assurance
Introduction to Assurance
Assurance and Trust
Building Secure and Trusted Systems
Summary
Research Issues
Further Reading
Exercises
Building Systems with Assurance
Assurance in Requirements Definition and Analysis
Assurance During System and Software Design
Assurance in Implementation and Integration
Assurance During Operation and Maintenance
Summary
Research Issues
Further Reading
Exercises
Formal Methods
Formal Verification Techniques
Formal Specification
Early Formal Verification Techniques
Current Verification Systems
Summary
Research Issues
Further Reading
Exercises
Evaluating Systems
Goals of Formal Evaluation
TCSEC: 1983-1999
International Efforts and the ITSEC: 1991-2001
Commercial International Security Requirements: 1991
Other Commercial Efforts: Early 1990s
The Federal Criteria: 1992
FIPS 140: 1994-Present
The Common Criteria: 1998-Present
SSE-CMM: 1997-Present
Summary
Research Issues
Further Reading
Exercises
Special Topics
Malicious Logic
Introduction
Trojan Horses
Computer Viruses
Computer Worms
Other Forms of Malicious Logic
Theory of Malicious Logic
Defenses
Summary
Research Issues
Further Reading
Exercises
Vulnerability Analysis
Introduction
Penetration Studies
Vulnerability Classification
Frameworks
Gupta and Gligor's Theory of Penetration Analysis
Summary
Research Issues
Further Reading
Exercises
Auditing
Definitions
Anatomy of an Auditing System
Designing an Auditing System
A Posteriori Design
Auditing Mechanisms
Examples: Auditing File Systems
Audit Browsing
Summary
Research Issues
Further Reading
Exercises
Intrusion Detection
Principles
Basic Intrusion Detection
Models
Architecture
Organization of Intrusion Detection Systems
Intrusion Response
Summary
Research Issues
Further Reading
Exercises
Practicum
Network Security
Introduction
Policy Development
Network Organization
Availability and Network Flooding
Anticipating Attacks
Summary
Research Issues
Further Reading
Exercises
System Security
Introduction
Policy
Networks
Users
Authentication
Processes
Files
Retrospective
Summary
Research Issues
Further Reading
Exercises
User Security
Policy
Access
Files and Devices
Processes
Electronic Communications
Summary
Research Issues
Further Reading
Exercises
Program Security
Introduction
Requirements and Policy
Design
Refinement and Implementation
Common Security-Related Programming Problems
Testing, Maintenance, and Operation
Distribution
Conclusion
Summary
Research Issues
Further Reading
Exercises
End Matter
Lattices
Basics
Lattices
Exercises
The Extended Euclidean Algorithm
The Euclidean Algorithm
The Extended Euclidean Algorithm
Solving ax mod n = 1
Solving ax mod n = b
Exercises
Entropy and Uncertainty
Conditional and Joint Probability
Entropy and Uncertainty
Joint and Conditional Entropy
Exercises
Virtual Machines
Virtual Machine Structure
Virtual Machine Monitor
Exercises
Symbolic Logic
Propositional Logic
Predicate Logic
Temporal Logic Systems
Exercises
Example Academic Security Policy
University of California E-mail Policy
The Acceptable Use Policy for the University of California, Davis
Bibliography
Index