Computer security

Art and Science

Matt Bishop

1084 pages, parution le 19/12/2002

Ajouter à une liste

Indisponible

Résumé

This highly anticipated book introduces the theory and practice of computer security. It is both a comprehensive text, explaining the most fundamental and pervasive aspects of the field, and a detailed reference, filled with valuable information for even the most seasoned practitioner. In one extraordinary volume, the author has compiled a report on the current state of computer security art and science.

Computer Security: Art and Science includes detailed discussions of the following topics:

The nature and challenges of computer security
The relationship between policy and security
The role and application of cryptography
The implementation of requirements imposed by policies
Methodologies and technologies for assurance
Vulnerability analysis and intrusion detection

Each chapter states a desired policy and explains how to translate that policy into a set of mechanisms and procedures that will support the policy. The book concludes with examples that demonstrate how to apply the principles discussed in earlier sections, beginning with networks and moving on to systems, users, and programs.

The author states three goals for his work:

To show the importance of both theory and practice to computer security
To emphasize that computer security is more than just cryptography
To demonstrate that computer security is an art as well as a science

In meeting these goals with distinction, Matt Bishop has written a book that is essential for anyone who needs to understand, implement, or maintain a secure network or computer system.

Contents

I. INTRODUCTION.
1. An Overview Of Computer Security.
II. FOUNDATIONS.
2. Access Control Matrix.
3. Fundamental Results.
III. POLICY.
4. Security Policies.
5. Confidentiality Policies.
6. Integrity Policies.
7. Hybrid Policies.
8. Non-Interference and Policy Composition.
IV. IMPLEMENTATION I: CRYPTOGRAPHY.
9. Basic Cryptography.
10. Key Management.
11. Cipher Techniques.
12. Authentication.
V. IMPLEMENTATION II: SYSTEMS.
13. Design Principles.
14. Representing Identity.
15. Access Control Mechanisms.
16. Information Flow.
17. Confinement Problem.
VI. ASSURANCE.
18. Assurance Basics.
19. Building Systems.
20. Formal Methods and Testing.
21. Evaluating Systems.
22. Malicious Logic.
VII. SPECIAL TOPICS.
23. Vulnerability Analysis.
24. Auditing.
25. Intrusion Detection.
VIII. Practicum.
26. Network Security.
27. System Security.
28. User Security.
29. Program Security.
IX. End Matter.
30. Lattices.
31. The Extended Euclidean Algorithm.
32. Entropy and Uncertainty.
34. Example Academic Security Policy.
35. Bibliography.

Caractéristiques techniques

	PAPIER
Éditeur(s)	Addison Wesley
Auteur(s)	Matt Bishop
Parution	19/12/2002
Nb. de pages	1084
Format	19,5 x 24
Couverture	Broché
Poids	1881g
Intérieur	Noir et Blanc
EAN13	9780201440997
ISBN13	978-0-201-44099-7