Product Description: The New State-of-the-Art in Information Security: Now Covers the Economics of Cyber Security and the Intersection of Privacy and Information Security
For years, IT and security professionals and students have turned to Security in Computing as the definitive guide to information about computer security attacks and countermeasures. In their new fourth edition, Charles P. Pfleeger and Shari Lawrence Pfleeger have thoroughly updated their classic guide to reflect today's newest technologies, standards, and trends.
The authors first introduce the core concepts and vocabulary of computer security, including attacks and controls. Next, the authors systematically identify and assess threats now facing programs, operating systems, database systems, and networks. For each threat, they offer best-practice responses.
Security in Computing, Fourth Edition, goes beyond technology, covering crucial management issues faced in protecting infrastructure and information. This edition contains an all-new chapter on the economics of cybersecurity, explaining ways to make a business case for security investments. Another new chapter addresses privacy--from data mining and identity theft, to RFID and e-voting.
New coverage also includes
Programming mistakes that compromise security: man-in-the-middle, timing, and privilege escalation attacks
Web application threats and vulnerabilities
Networks of compromised systems: bots, botnets, and drones
Rootkits--including the notorious Sony XCP
Wi-Fi network security challenges, standards, and techniques
New malicious code attacks, including false interfaces and keystroke loggers
Improving code quality: software engineering, testing, and liability approaches
Biometric authentication: capabilities and limitations
Using the Advanced Encryption System (AES) more effectively
Balancing dissemination with piracy control in music and other digital content
Countering new cryptanalytic attacks against RSA, DES, and SHA
Responding to the emergence of organized attacker groups pursuing profit
Good resource Nutshell review - This is a very good resource for infosec professionals. Topics are broken down by chapters and they can be read and referenced in any order. Covers the basics and then some. Good balance of depth and breadth.
useless This was a required book for a security course at my school, the money would have been better spent on paper to print wikipedia articles which are just as relevant and useful as this book. If you are looking for a book to learn anything about security from, this is not the book for you.
Aimed at a really low level I tried using this book for an undergraduate computer security course I teach. I found the level pathetically low, and found only a few scattered sections to have any value for someone with a basic knowledge of computers (like what a first-year student in CS would know). It seems the authors have aimed their book at a general audience; if you want something at all technical, look elsewhere.
The foundational information every professional should know... It's easy to find security books that will tell you how to break or secure a system. But there's not an abundance of books that go into the foundational information in great depth. This one does just that... Security in Computing (4th Edition) by Charles P. Pfleeger and Shari Lawrence Pfleeger.
Contents: Is There a Security Problem in Computing?; Elementary Cryptography; Program Security; Protection in General-Purpose Operating Systems; Designing Trusted Operating Systems; Database and Data Mining Security; Security in Networks; Administering Security; The Economics of Cybersecurity; Privacy in Computing; Legal and Ethical Issues in Computer Security; Cryptography Explained; Bibliography; Index
Security in Computing is probably best thought of as a "textbook" on the subject. At 850 pages, it's pretty dense and structured similar to what you'd expect to pick up at a college bookstore. In all the chapters, you'll be introduced to the essential terms and concepts, which then serve as the base for additional discussion of the finer details and implications. And like most textbooks, there are exercises at the end which you can just see being assigned by your prof. There's a strong emphasis on cryptography, as two of the chapters deal with that topic. Without getting into minutiae and esoterica, the authors give you all the foundational information you could ask for.
This is *not* a practical hands-on treatment of software security. If you're expecting to read up on the latest hacks and virus techniques, you'll be disappointed. This also isn't the type of book you'll be pulling off your bookshelf every day as reference. But if you're a security professional, you *need* to know these essential concepts. This would be one of those "other" security books that you should own to make sure you're covering all the bases on your education.
very superficial, not in depth enough I found this book to give only a cursory overview to some very important topics. If you're very new to computer security, and for that matter computers and IT in general, this may be a useful book. Anyone who has even a basic knowledge of computer security will not find this book useful at all.
Anything Goes Trivia
Megaton Man
Trevor
