computer security handbook PDF

2207 Pages · 2014 · 27.72 MB · English

Preview computer security handbook

COMPUTER SECURITY HANDBOOK
Sixth Edition
Volume 1

Edited by
SEYMOUR BOSWORTH
MICHEL E. KABAY
ERIC WHYNE

Cover image: © iStockphoto.com/Jimmy Anderson
Cover design: Wiley

Copyright © 2014 by John Wiley & Sons, Inc. All rights reserved.
Published by John Wiley & Sons, Inc., Hoboken, New Jersey.
Previous Edition: Computer Security Handbook, Fifth Edition. Copyright © 2009 by John Wiley & Sons, Inc. All Rights Reserved. Published by John Wiley & Sons, Inc., Hoboken, New Jersey.
Published simultaneously in Canada.

No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning, or otherwise, except as permitted under Section 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, Inc., 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 646-8600, or on the Web at www.copyright.com. Requests to the Publisher for permission should be addressed to the Permissions Department, John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, (201) 748-6011, fax (201) 748-6008, or online at http://www.wiley.com/go/permissions.

Limit of Liability/Disclaimer of Warranty: While the publisher and author have used their best efforts in preparing this book, they make no representations or warranties with respect to the accuracy or completeness of the contents of this book and specifically disclaim any implied warranties of merchantability or fitness for a particular purpose. No warranty may be created or extended by sales representatives or written sales materials. The advice and strategies contained herein may not be suitable for your situation. You should consult with a professional where appropriate. Neither the publisher nor author shall be liable for any loss of profit or any other commercial damages, including but not limited to special, incidental, consequential, or other damages.

For general information on our other products and services or for technical support, please contact our Customer Care Department within the United States at (800) 762-2974, outside the United States at (317) 572-3993 or fax (317) 572-4002.

Wiley publishes in a variety of print and electronic formats and by print-on-demand. Some material included with standard print versions of this book may not be included in e-books or in print-on-demand. If this book refers to media such as a CD or DVD that is not included in the version you purchased, you may download this material at http://booksupport.wiley.com. For more information about Wiley products, visit www.wiley.com.

Library of Congress Cataloging-in-Publication Data
Computer security handbook / [edited by] Seymour Bosworth, Michel E. Kabay, Eric Whyne. – Sixth edition.
volumes cm
Includes index.
ISBN 978-1-118-13410-8 (vol. 1 : pbk.) – ISBN 978-1-118-13411-5 (vol. 2 : pbk.) – ISBN 978-1-118-12706-3 (2 volume set : pbk.); ISBN 978-1-118-85174-6 (ebk); ISBN 978-1-118-85179-1 (ebk)
1. Electronic data processing departments–Security measures. I. Bosworth, Seymour. II. Kabay, Michel E. III. Whyne, Eric, 1981–
HF5548.37.C64 2014
658.4′78–dc23
2013041083
Printed in the United States of America

CONTENTS

PREFACE
ACKNOWLEDGMENTS
ABOUT THE EDITORS
ABOUT THE CONTRIBUTORS
A NOTE TO THE INSTRUCTOR

PART I FOUNDATIONS OF COMPUTER SECURITY

1. Brief History and Mission of Information System Security
   Seymour Bosworth and Robert V. Jacobson
2. History of Computer Crime
   M. E. Kabay
3. Toward a New Framework for Information Security
   Donn B. Parker, CISSP
4. Hardware Elements of Security
   Sy Bosworth and Stephen Cobb
5. Data Communications and Information Security
   Raymond Panko and Eric Fisher
6. Local Area Network Topologies, Protocols, and Design
   Gary C. Kessler
7. Encryption
   Stephen Cobb and Corinne LeFrançois
8. Using a Common Language for Computer Security Incident Information
   John D. Howard
9. Mathematical Models of Computer Security
   Matt Bishop
10. Understanding Studies and Surveys of Computer Crime
   M. E. Kabay
11. Fundamentals of Intellectual Property Law
   William A. Zucker and Scott J. Nathan

PART II THREATS AND VULNERABILITIES

12. The Psychology of Computer Criminals
   Q. Campbell and David M. Kennedy
13. The Insider Threat
   Gary L. Tagg, CISSP
14. Information Warfare
   Seymour Bosworth
15. Penetrating Computer Systems and Networks
   Chey Cobb, Stephen Cobb, M. E. Kabay, and Tim Crothers
16. Malicious Code
   Robert Guess and Eric Salveggio
17. Mobile Code
   Robert Gezelter
18. Denial-of-Service Attacks
   Gary C. Kessler
19. Social-Engineering and Low-Tech Attacks
   Karthik Raman, Susan Baumes, Kevin Beets, and Carl Ness
20. Spam, Phishing, and Trojans: Attacks Meant to Fool
   Stephen Cobb
21. Web-Based Vulnerabilities
   Anup K. Ghosh, Kurt Baumgarten, Jennifer Hadley, and Steven Lovaas
22. Physical Threats to the Information Infrastructure
   Franklin Platt

PART III PREVENTION: TECHNICAL DEFENSES

23. Protecting the Physical Information Infrastructure
   Franklin Platt
24. Operating System Security
   William Stallings
25. Local Area Networks
   N. Todd Pritsky, Joseph R. Bumblis, and Gary C. Kessler
26. Gateway Security Devices
   Justin Opatrny
27. Intrusion Detection and Intrusion Prevention Devices
   Rebecca Gurley Bace
28. Identification and Authentication
   Ravi Sandhu, Jennifer Hadley, Steven Lovaas, and Nicholas Takacs
29. Biometric Authentication
   Eric Salveggio, Steven Lovaas, David R. Lease, and Robert Guess
30. E-Commerce and Web Server Safeguards
   Robert Gezelter
31. Web Monitoring and Content Filtering
   Steven Lovaas
32. Virtual Private Networks and Secure Remote Access
   Justin Opatrny and Carl Ness
33. 802.11 Wireless LAN Security
   Gary L. Tagg, CISSP and Jason Sinchak, CISSP
34. Securing VoIP
   Christopher Dantos and John Mason
35. Securing P2P, IM, SMS, and Collaboration Tools
   Carl Ness
36. Securing Stored Data
   David J. Johnson, Nicholas Takacs, Jennifer Hadley, and M. E. Kabay
37. PKI and Certificate Authorities
   Santosh Chokhani, Padgett Peterson, and Steven Lovaas
38. Writing Secure Code
   Lester E. Nichols, M. E. Kabay, and Timothy Braithwaite
39. Software Development and Quality Assurance
   Diane E. Levine, John Mason, and Jennifer Hadley
40. Managing Software Patches and Vulnerabilities
   Karen Scarfone, Peter Mell, and Murugiah Souppaya
41. Antivirus Technology
   Chey Cobb and Allysa Myers
42. Protecting Digital Rights: Technical Approaches
   Robert Guess, Jennifer Hadley, Steven Lovaas, and Diane E. Levine

PART IV PREVENTION: HUMAN FACTORS

43. Ethical Decision Making and High Technology
   James Landon Linderman
44. Security Policy Guidelines
   M. E. Kabay and Bridgitt Robertson
45. Employment Practices and Policies
   M. E. Kabay and Bridgitt Robertson
46. Vulnerability Assessment
   Rebecca Gurley Bace and Jason Sinchak
47. Operations Security and Production Controls
   M. E. Kabay, Don Holden, and Myles Walsh
48. Email and Internet Use Policies
   M. E. Kabay and Nicholas Takacs
49. Implementing a Security-Awareness Program
   K. Rudolph
50. Using Social Psychology to Implement Security Policies
   M. E. Kabay, Bridgitt Robertson, Mani Akella, and D. T. Lang
51. Security Standards for Products
   Paul Brusil and Noel Zakin

PART V DETECTING SECURITY BREACHES

52. Application Controls
   Myles Walsh and Susan Baumes
53. Monitoring and Control Systems
   Caleb S. Coggins and Diane E. Levine
54. Security Audits
   Donald Glass, Richard O. Moore III, Chris Davis, John Mason, David Gursky, James Thomas, Wendy Carr, M. E. Kabay, and Diane Levine
55. Cyber Investigation
   Peter Stephenson
