Table Of Content

ENGINEERING INFORMATION SECURITY IEEEPress 445HoesLane Piscataway,NJ08854 IEEEPressEditorialBoard LajosHanzo,EditorinChief R.Abari M.El-Hawary S.Nahavandi J.Anderson B.M.Hammerli W.Reeve F.Canavero M.Lanzerotti T.Samad T.G.Croda O.Malik G.Zobrist KennethMoore,DirectorofIEEEBookandInformationServices(BIS) IEEEPRESSSERIESONINFORMATION&COMMUNICATION NETWORKSSECURITY SERIESEDITOR StamatiosKartalopoulos SecurityofInformationandCommunicationNetworks StamatiosKartalopoulos EngineeringInformationSecurity:TheApplicationofSystemsEngineering ConceptstoAchieveInformationAssurance StuartJacobs ENGINEERING INFORMATION SECURITY The Application of Systems Engineering Concepts to Achieve Information Assurance Stuart Jacobs Copyright(cid:1)2011byInstituteofElectricalandElectronicsEngineers. Allrightsreserved. PublishedbyJohnWiley&Sons,Inc.,Hoboken,NewJersey. PublishedsimultaneouslyinCanada. Nopartofthispublicationmaybereproduced,storedinaretrievalsystem,ortransmittedinanyform orbyanymeans,electronic,mechanical,photocopying,recording,scanning,orotherwise,exceptas permittedunderSection107or108ofthe1976UnitedStatesCopyrightAct,withouteithertheprior writtenpermissionofthePublisher,orauthorizationthroughpaymentoftheappropriateper-copy feetotheCopyrightClearanceCenter,Inc.,222RosewoodDrive,Danvers,MA01923,(978)750-8400, fax (978) 750-4470, or on the web at www.copyright.com. Requests to the Publisher for permission shouldbeaddressedtothePermissionsDepartment,JohnWiley&Sons,Inc.,111RiverStreet,Hoboken, NJ 07030, (201) 748-6011, fax (201) 748-6008, or online at http://www.wiley.com/go/permission. LimitofLiability/DisclaimerofWarranty:Whilethepublisherandauthorhaveusedtheirbesteffortsin preparingthisbook,theymakenorepresentationsorwarrantieswithrespecttotheaccuracyorcompletenessof thecontentsofthisbookandspecificallydisclaimanyimpliedwarrantiesofmerchantabilityorfitnessfora particularpurpose.Nowarrantymaybecreatedorextendedbysalesrepresentativesorwrittensalesmaterials. Theadviceandstrategiescontainedhereinmaynotbesuitableforyoursituation.Youshouldconsultwitha professionalwhereappropriate.Neitherthepublishernorauthorshallbeliableforanylossofprofitoranyother commercialdamages,includingbutnotlimitedtospecial,incidental,consequential,orotherdamages. Forgeneralinformationonourotherproductsandservicesorfortechnicalsupport,pleasecontactour CustomerCareDepartmentwithintheUnitedStatesat(800)762-2974,outsidetheUnitedStatesat (317)572-3993orfax(317)572-4002. Wileyalsopublishesitsbooksinavarietyofelectronicformats.Somecontentthatappearsinprintmay notbeavailableinelectronicformats.FormoreinformationaboutWileyproducts,visitourwebsite at www.wiley.com. LibraryofCongressCataloging-in-PublicationData: Jacobs,Stuart. Engineeringinformationsecurity:Theapplicationofsystemsengineeringconceptstoachieveinformation assurance/StuartJacobs. p.cm. ISBN978-0-470-56512-4(hardback) 1. Computersecurity.2. Computernetworks–Securitymeasures.3. Informationtechnology–Security measures.4. Dataprotection. I. Title. QA76.9.A25J3252010 005.8–dc22 2010028408 oBookISBN:978-0-470-94791-3 ePDFISBN: 978-0-470-94783-8 ePubISBN: 978-1-118-00901-7 PrintedinSingapore. 10 9 8 7 6 5 4 3 2 1 This book is dedicated to my wife, Eileen, for her patience with my spending so much time at the keyboard rather than with her. CONTENTS Preface and Acknowledgments xxiii 1 WHAT ISSECURITY? 1 1.1 Introduction 1 1.2 The Subject ofSecurity 2 1.2.1 Branchesof Security 2 1.2.2 DefiningSecurityby Function 5 1.2.2.1 Risk Avoidance 5 1.2.2.2 Deterrence 5 1.2.2.3 Prevention 6 1.2.2.4 Detection 7 1.2.2.5 Recovery 7 1.2.3 The Common Body of Knowledge (CBK) Security Domains 7 1.2.3.1 Access ControlSystems and Methodology 8 1.2.3.2 Application and Systems DevelopmentSecurity 9 1.2.3.3 BusinessContinuityPlanningand DisasterRecovery Planning 10 1.2.3.4 Cryptography 10 1.2.3.5 InformationSecurity andRisk Management 11 1.2.3.6 Legal,Regulations, Compliance, and Investigations 11 1.2.3.7 Operations Security 12 1.2.3.8 PhysicalSecurity 13 1.2.3.9 SecurityArchitecture and Models 14 1.2.3.10 Telecommunicationsand NetworkSecurity 14 1.2.3.11 CBK Summary 15 1.3 ATwenty-First Century Tale 15 1.3.1 The Actors 15 1.3.1.1 Bob’s Story 15 1.3.1.2 Carol’s Story 16 1.3.1.3 Alice’s Story 17 vii viii CONTENTS 1.3.2 What Actually Occurred 17 1.3.3 HowCouldAll This HaveBeen Prevented? 19 1.3.4 TheyDid Not LiveHappily EverAfter 20 1.4 Why are You Important to Computer Security? 21 1.4.1 What are the Threats toYourComputer? 22 1.4.2 As a User, What toDo? 23 1.5 End ofthe Beginning 23 1.6 ChapterSummary 25 1.7 Further Reading and Resources 26 1.8 Questions 26 1.9 Exercises 27 2 SYSTEMS ENGINEERING 29 2.1 So What IsSystems Engineering? 29 2.1.1 SIMILARSystems EngineeringProcess 30 2.1.1.1 Statingthe Problem 32 2.1.1.2 InvestigateAlternativesand Model the System 33 2.1.1.3 Develop/Integrate 34 2.1.1.4 Launch the System 35 2.1.1.5 Assess Performance 36 2.1.1.6 Re-evaluate 36 2.1.2 Another Systems Engineering View 36 2.1.3 ProcessVariations 37 2.2 ProcessManagement 37 2.2.1 ISO 9000 Processes andProcedures 39 2.2.2 Capability MaturityModel (CMM) 41 2.3 Organization Environments 44 2.3.1 Economic, Legal,and Political Contexts 44 2.3.1.1 Regulations/Legislation 45 2.3.1.2 Market-BasedRegulations 47 2.3.1.3 TechnologyEvolution 48 2.3.1.4 Customer Demandsand Expectations 49 2.3.1.5 LegalLiability 49 2.3.1.6 Competition 49 2.3.1.7 Terrorism andCyberCrime 49 2.3.2 Business/Organizational Types 50 2.3.2.1 Commercial 51

Description:

Information security is the act of protecting information from unauthorized access, use, disclosure, disruption, modification, or destruction. This book discusses why information security is needed and how security problems can have widespread impacts. It covers the complete security lifecycle of pr

Engineering Information Security: The Application of Systems Engineering Concepts to Achieve Information Assurance PDF

728 Pages·2011·9 MB·English

by Stuart Jacobs

Checking for file health...

Download

Upgrade Premium

Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Download Engineering Information Security: The Application of Systems Engineering Concepts to Achieve Information Assurance PDF Free - Full Version

by Stuart Jacobs| 2011| 728 pages| 9| English

Download Engineering Information Security: The Application of Systems Engineering Concepts to Achieve Information Assurance by Stuart Jacobs in PDF format completely FREE. No registration required, no payment needed. Get instant access to this valuable resource on PDFdrive.to!

Free Download PDF

About Engineering Information Security: The Application of Systems Engineering Concepts to Achieve Information Assurance

Detailed Information

Author:	Stuart Jacobs
Publication Year:	2011
Pages:	728
Language:	English
File Size:	9
Format:	PDF
Price:	FREE

Download Free PDF

Safe & Secure Download - No registration required

Why Choose PDFdrive for Your Free Engineering Information Security: The Application of Systems Engineering Concepts to Achieve Information Assurance Download?

100% Free: No hidden fees or subscriptions required for one book every day.
No Registration: Immediate access is available without creating accounts for one book every day.
Safe and Secure: Clean downloads without malware or viruses
Multiple Formats: PDF, MOBI, Mpub,... optimized for all devices
Educational Resource: Supporting knowledge sharing and learning

Frequently Asked Questions

Is it really free to download Engineering Information Security: The Application of Systems Engineering Concepts to Achieve Information Assurance PDF?

Yes, on https://PDFdrive.to you can download Engineering Information Security: The Application of Systems Engineering Concepts to Achieve Information Assurance by Stuart Jacobs completely free. We don't require any payment, subscription, or registration to access this PDF file. For 3 books every day.

How can I read Engineering Information Security: The Application of Systems Engineering Concepts to Achieve Information Assurance on my mobile device?

After downloading Engineering Information Security: The Application of Systems Engineering Concepts to Achieve Information Assurance PDF, you can open it with any PDF reader app on your phone or tablet. We recommend using Adobe Acrobat Reader, Apple Books, or Google Play Books for the best reading experience.

Is this the full version of Engineering Information Security: The Application of Systems Engineering Concepts to Achieve Information Assurance?

Yes, this is the complete PDF version of Engineering Information Security: The Application of Systems Engineering Concepts to Achieve Information Assurance by Stuart Jacobs. You will be able to read the entire content as in the printed version without missing any pages.

Is it legal to download Engineering Information Security: The Application of Systems Engineering Concepts to Achieve Information Assurance PDF for free?

https://PDFdrive.to provides links to free educational resources available online. We do not store any files on our servers. Please be aware of copyright laws in your country before downloading.

The materials shared are intended for research, educational, and personal use in accordance with fair use principles.