David A. Curry is a technically sophisticated, business-savvy information security professional with over 25 years of cross-industry experience in diverse security, privacy, and systems roles including security and privacy governance, risk management and analysis, legal and regulatory compliance, security incident response, professional services, software design, systems programming, and systems administration. He has held multiple senior-level positions with responsibility for envisioning, implementing, and maintaining the major components of information security programs, including policies and standards, risk management methodologies, training and awareness programs, legal and regulatory compliance, third party vendor security management, and security incident management.

Prior to his specialization in information security governance, David spent over ten years as a UNIX and TCP/IP systems programmer and systems administrator in the university/research sector. Some of the software he developed during that time is still in use today. He also spent five years in the professional security services field, where he worked with many cutting-edge security technologies and applications that are taken for granted today. He was a founding member of the world’s first commercial computer security incident response service, and the principal designer of the world’s first commercial real-time intrusion detection monitoring service. He is also the author of three successful technical books: two on the topic of UNIX systems programming, and one on UNIX system security.

David’s varied background gives him a unique ability to examine problems from both the “business” and “technical” perspectives and devise an appropriate solution that meets the requirements of all stakeholders—business and information technology. He believes that one of the most important characteristics of any information security program is that it must support the business goals of the company and enable work to get done in a time- and cost-effective manner. David’s background has also allowed him to develop oral and written presentation skills suitable for any audience—technical, non-technical, or executive—an ability which is demonstrated by his selection as one of the top-five presenters at the Information Security Forum’s worldwide conference four years in a row.

David holds a Bachelor’s degree in Computer Science from Purdue University and is a Certified Information Systems Security Professional (CISSP).

Using C on the UNIX System provides a thorough introduction to the UNIX system call libraries. It is aimed at programmers who already know C, but who want to take full advantage of the UNIX programming environment. If you want to learn how to work with the operating system and to write programs that can interact with directories, terminals, and networks at the lowest level, you will find this book essential. It is impossible to write UNIX utilities of any sophistication without understanding the material in this book.Even if you don't want to program at this level, familiarity with the UNIX system interface is the mark of an experienced and fluent user. If you want to know how the C shell performs job control or how network addressing works, you will find the answer here. Your knowledge of the UNIX system is fundamentally incomplete until you can make C work for you.Using C provides discussions of the most important system calls as well as detailed descriptions of the important system data structures.Topics covered include:

Low-level I/O (open, close, read, write).

Files, directories, and the low-level structure of the file system.

I/O control, including terminal management (ioctl).

Reading the system administrative databases (getpwent, etc.).

Time, timers, and timing.

Signal handling.

How one program starts another program (system, execv, fork).

Job control.

Interprocess communication (sockets, message queues, semaphores, shared memory).

Networking (addressing, port numbers).

This book is based on Berkeley 4.3 UNIX, but also covers System V.