Book Description

The New State-of-the-Art in Information Security: Now Covers the Economics of Cyber Security and the Intersection of Privacy and Information Security

For years, IT and security professionals and students have turned to Security in Computing as the definitive guide to information about computer security attacks and countermeasures. In their new fourth edition, Charles P. Pfleeger and Shari Lawrence Pfleeger have thoroughly updated their classic guide to reflect today's newest technologies, standards, and trends.

The authors first introduce the core concepts and vocabulary of computer security, including attacks and controls. Next, the authors systematically identify and assess threats now facing programs, operating systems, database systems, and networks. For each threat, they offer best-practice responses.

Security in Computing, Fourth Edition, goes beyond technology, covering crucial management issues faced in protecting infrastructure and information. This edition contains an all-new chapter on the economics of cybersecurity, explaining ways to make a business case for security investments. Another new chapter addresses privacy--from data mining and identity theft, to RFID and e-voting.

New coverage also includes

Programming mistakes that compromise security: man-in-the-middle, timing, and privilege escalation attacks

Web application threats and vulnerabilities

Networks of compromised systems: bots, botnets, and drones

Rootkits--including the notorious Sony XCP

Wi-Fi network security challenges, standards, and techniques

New malicious code attacks, including false interfaces and keystroke loggers

Improving code quality: software engineering, testing, and liability approaches

Biometric authentication: capabilities and limitations

Using the Advanced Encryption System (AES) more effectively

Balancing dissemination with piracy control in music and other digital content

Countering new cryptanalytic attacks against RSA, DES, and SHA

Responding to the emergence of organized attacker groups pursuing profit

The publisher, Prentice-Hall ECS Professional

A sweeping revision of the classic computer security text. This book provides end-to-end, detailed coverage of the state of the art in all aspects of computer security. Starting with a clear, in-depth review of cryptography, it also covers specific options for securing software and data against malicious code and intruders; the special challenges of securing networks and distributed systems; firewalls; ways to administer security on personal computers and UNIX systems; analyzing security risks and benefits; and the legal and ethical issues surrounding computer security. --This text refers to the Hardcover edition.