In this authoritative book, widely respected practitioner and teacher Matt Bishop presents a clear and useful introduction to the art and science of information security. Bishop's insights and realistic examples will help any practitioner or student understand the crucial links between security theory and the day-to-day security challenges of IT environments.

Bishop explains the fundamentals of security: the different types of widely used policies, the mechanisms that implement these policies, the principles underlying both policies and mechanisms, and how attackers can subvert these tools--as well as how to defend against attackers. A practicum demonstrates how to apply these ideas and mechanisms to a realistic company.

Coverage includes:

- Confidentiality, integrity, and availability
- Operational issues, cost-benefit and risk analyses, legal and human factors
- Planning and implementing effective access control
- Defining security, confidentiality, and integrity policies
- Using cryptography and public-key systems, and recognizing their limits
- Understanding and using authentication: from passwords to biometrics
- Security design principles: least-privilege, fail-safe defaults, open design, economy of mechanism, and more
- Controlling information flow through systems and networks
- Assuring security throughout the system lifecycle
- Malicious logic: Trojan horses, viruses, boot sector and executable infectors, rabbits, bacteria, logic bombs--and defenses against them
- Vulnerability analysis, penetration studies, auditing, and intrusion detection and prevention
- Applying security principles to networks, systems, users, and programs

Introduction to Computer Security is adapted from Bishop's comprehensive and widely praised book, Computer Security: Art and Science.
This shorter version of the original work omits much mathematical formalism, making it more accessible for professionals and students who have a less formal mathematical background, or for readers with a more practical than theoretical interest.