Computer security : principles and practice. ([2018])
- Record Type:
- Book
- Title:
- Computer security : principles and practice. ([2018])
- Main Title:
- Computer security : principles and practice
- Further Information:
- Note: William Stallings, Lawrie Brown.
- Authors:
- Stallings, William
Brown, Lawrie
- Contents:
- Front Cover; Title Page; Copyright Page; Dedication Page; Contents; Preface; Notation; About the Authors; Chapter 1 Overview; 1.1 Computer Security Concepts; 1.2 Threats, Attacks, and Assets; 1.3 Security Functional Requirements; 1.4 Fundamental Security Design Principles; 1.5 Attack Surfaces and Attack Trees; 1.6 Computer Security Strategy; 1.7 Standards; 1.8 Key Terms, Review Questions, and Problems; Part One Computer Security Technology and Principles; Chapter 2 Cryptographic Tools; 2.1 Confidentiality with Symmetric Encryption; 2.2 Message Authentication and Hash Functions; 2.3 Public-Key Encryption; 2.4 Digital Signatures and Key Management; 2.5 Random and Pseudorandom Numbers; 2.6 Practical Application: Encryption of Stored Data; 2.7 Key Terms, Review Questions, and Problems; Chapter 3 User Authentication; 3.1 Digital User Authentication Principles; 3.2 Password-Based Authentication; 3.3 Token-Based Authentication; 3.4 Biometric Authentication; 3.5 Remote User Authentication; 3.6 Security Issues for User Authentication; 3.7 Practical Application: An Iris Biometric System; 3.8 Case Study: Security Problems for ATM Systems;
3.9 Key Terms, Review Questions, and Problems; Chapter 4 Access Control; 4.1 Access Control Principles; 4.2 Subjects, Objects, and Access Rights; 4.3 Discretionary Access Control; 4.4 Example: UNIX File Access Control; 4.5 Role-Based Access Control; 4.6 Attribute-Based Access Control; 4.7 Identity, Credential, and Access Management; 4.8 Trust Frameworks; 4.9 Case Study: RBAC System for a Bank; 4.10 Key Terms, Review Questions, and Problems; Chapter 5 Database and Data Center Security; 5.1 The Need for Database Security; 5.2 Database Management Systems; 5.3 Relational Databases; 5.4 SQL Injection Attacks; 5.5 Database Access Control; 5.6 Inference; 5.7 Database Encryption; 5.8 Data Center Security; 5.9 Key Terms, Review Questions, and Problems; Chapter 6 Malicious Software; 6.1 Types of Malicious Software (Malware); 6.2 Advanced Persistent Threat; 6.3 Propagation-Infected Content-Viruses; 6.4 Propagation-Vulnerability Exploit-Worms; 6.5 Propagation-Social Engineering-Spam E-mail, Trojans; 6.6 Payload-System Corruption; 6.7 Payload-Attack Agent-Zombie, Bots; 6.8 Payload-Information Theft-Keyloggers, Phishing, Spyware; 6.9 Payload-Stealthing-Backdoors, Rootkits; 6.10 Countermeasures; 6.11 Key Terms, Review Questions, and Problems; Chapter 7 Denial-of-Service Attacks; 7.1 Denial-of-Service Attacks; 7.2 Flooding Attacks; 7.3 Distributed Denial-of-Service Attacks; 7.4 Application-Based Bandwidth Attacks; 7.5 Reflector and Amplifier Attacks; 7.6 Defenses Against Denial-of-Service Attacks; 7.7 Responding to a Denial-of-Service Attack; 7.8 Key Terms, Review Questions, and Problems; Chapter 8 Intrusion Detection; 8.1 Intruders; 8.2 Intrusion Detection; 8.3 Analysis Approaches; 8.4 Host-Based Intrusion Detection; 8.5 Network-Based Intrusion Detection. …
- Edition:
- Fourth edition, global edition
- Publisher Details:
- Harlow, United Kingdom : Pearson Education Limited
- Publication Date:
- 2018
- Extent:
- 1 online resource
- Subjects:
- 005.8
Computer security
Computer Security
Sécurité informatique
Computer security
Electronic books
- Languages:
- English
- ISBNs:
- 9781292220635
1292220635
- Notes:
- Note: Includes bibliographical references and index.
Note: Online resource; title from digital title page (viewed on January 09, 2019).
- Access Rights:
- Legal Deposit; Only available on premises controlled by the deposit library and to one user at any one time; The Legal Deposit Libraries (Non-Print Works) Regulations (UK).
- Access Usage:
- Restricted: Printing from this resource is governed by The Legal Deposit Libraries (Non-Print Works) Regulations (UK) and UK copyright law currently in force.
- View Content:
- Available online (eLD content is only available in our Reading Rooms)
- Physical Locations:
- British Library HMNTS - ELD.DS.725758
- Ingest File:
- 14_048.xml