Amazon cover image
Image from Amazon.com
Image from Google Jackets

The craft of system security / Sean Smith, John Marchesini.

By: Contributor(s): Material type: TextTextPublication details: Upper Saddle River, NJ : Addison-Wesley, c2008.Description: xxxiii, 557 p. : ill. ; 24 cmISBN:
  • 0321434838 (pbk.)
  • 9780321434838
Subject(s): DDC classification:
  • 005.8   22
Contents:
Preface -- Acknowledgments -- History -- Introduction -- The Standard Rubric -- The Matrix -- Other Views -- Safe States and the Access Control Matrix -- Other Hard Questions -- The Take-Home Message -- Project Ideas -- The Old Testament -- The Basic Framework -- Security Models -- The Orange Book -- INFOSEC, OPSEC, JOBSEC -- The Take-Home Message -- Project Ideas -- Old Principles, New World -- Solving the Wrong Problem? -- Lack of Follow-Through? -- Too Unwieldy? -- Saltzer and Schroeder -- Modern Relevance -- The Take-Home Messagev57 -- Project Ideas -- -- OS Security -- OS Background -- OS Security Primitives and Principles -- Real OSes: Everything but the Kitchen Sink -- When the Foundation Cracks -- Where Are We? -- The Take-Home Message -- Project Ideas -- Network Security -- Basic Framework -- Protocols -- The Network as a Battlefield -- The Brave New World -- The Take-Home Message -- Project Ideas -- Implementation Security -- Buffer Overflow -- Argument Validation and Other Mishaps -- TOCTOU -- Malware -- Programming Language Security -- Security in the Development Lifecycle -- The Take-Home Message -- Project Ideas -- -- Using Cryptography -- Framework and Terminology -- Randomness -- Symmetric Cryptography -- Applications of Symmetric Cryptography -- Public-Key Cryptography -- Hash Functions -- Practical Issues: Public Key -- Past and Future -- The Take-Home Message -- Project Ideas -- Subverting Cryptography -- Breaking Symmetric Key without Brute Force -- Breaking Symmetric Key with Brute Force -- Breaking Public Key without Factoring -- Breaking Cryptography via the Real World -- The Potential of Efficiently Factoring Moduli -- The Take-Home Message -- Project Ideas -- Authentication -- Basic Framework -- Authenticating Humans -- Human Factors -- From the Machine's Point of View -- Advanced Approaches -- Case Studies -- Broader Issues -- The Take-Home Message -- Project Ideas -- Public Key Infrastructure -- Basic Definitions -- Basic Structure -- Complexity Arrives -- Multiple CAs -- Revocation -- The X.509 World -- Dissent -- Ongoing Trouble -- The Take-Home Message -- Project Ideas -- Standards, Compliance, and Testing -- Standards -- Policy Compliance -- Testing -- The Take-Home Message -- Project Ideas -- -- The Web and Security -- Basic Structure -- Security Techniques -- Privacy Issues -- Web Services -- The Take-Home Message -- Project Ideas -- Office Tools and Security -- Word -- Lotus 1-2-3 -- PDF -- Cut-and-Paste -- PKI and Office Tools -- Mental Models -- The Take-Home Message -- Project Ideas -- Money, Time, Property -- Money -- Time -- Property -- The Take-Home Message -- Project Ideas -- Formal Methods and Security -- Specification -- Logics -- Cranking the Handle -- Case Studies -- Spinning Your Bank Account -- Limits -- The Take-Home Message -- Project Ideas.
Summary: After quickly reviewing the history of computer security, the authors move on to discuss the modern landscape, showing how security challenges and responses have evolved, and offering a coherent framework for understanding today's systems and vulnerabilities. Next, they systematically introduce the basic building blocks for securing contemporary systems, apply those building blocks to today's applications, and consider important emerging trends such as hardware-based security.
Tags from this library: No tags from this library for this title. Log in to add tags.
Star ratings
    Average rating: 0.0 (0 votes)
Holdings
Item type Current library Call number Copy number Status Date due Barcode
Books Books Main library General Stacks 005.8 / SM.C 2008 (Browse shelf(Opens below)) 1 Available 000493

Includes bibliographical references (p. 503-524) and index.

Preface -- Acknowledgments -- History -- Introduction -- The Standard Rubric -- The Matrix -- Other Views -- Safe States and the Access Control Matrix -- Other Hard Questions -- The Take-Home Message -- Project Ideas -- The Old Testament -- The Basic Framework -- Security Models -- The Orange Book -- INFOSEC, OPSEC, JOBSEC -- The Take-Home Message -- Project Ideas -- Old Principles, New World -- Solving the Wrong Problem? -- Lack of Follow-Through? -- Too Unwieldy? -- Saltzer and Schroeder -- Modern Relevance -- The Take-Home Messagev57 -- Project Ideas -- -- OS Security -- OS Background -- OS Security Primitives and Principles -- Real OSes: Everything but the Kitchen Sink -- When the Foundation Cracks -- Where Are We? -- The Take-Home Message -- Project Ideas -- Network Security -- Basic Framework -- Protocols -- The Network as a Battlefield -- The Brave New World -- The Take-Home Message -- Project Ideas -- Implementation Security -- Buffer Overflow -- Argument Validation and Other Mishaps -- TOCTOU -- Malware -- Programming Language Security -- Security in the Development Lifecycle -- The Take-Home Message -- Project Ideas -- -- Using Cryptography -- Framework and Terminology -- Randomness -- Symmetric Cryptography -- Applications of Symmetric Cryptography -- Public-Key Cryptography -- Hash Functions -- Practical Issues: Public Key -- Past and Future -- The Take-Home Message -- Project Ideas -- Subverting Cryptography -- Breaking Symmetric Key without Brute Force -- Breaking Symmetric Key with Brute Force -- Breaking Public Key without Factoring -- Breaking Cryptography via the Real World -- The Potential of Efficiently Factoring Moduli -- The Take-Home Message -- Project Ideas -- Authentication -- Basic Framework -- Authenticating Humans -- Human Factors -- From the Machine's Point of View -- Advanced Approaches -- Case Studies -- Broader Issues -- The Take-Home Message -- Project Ideas -- Public Key Infrastructure -- Basic Definitions -- Basic Structure -- Complexity Arrives -- Multiple CAs -- Revocation -- The X.509 World -- Dissent -- Ongoing Trouble -- The Take-Home Message -- Project Ideas -- Standards, Compliance, and Testing -- Standards -- Policy Compliance -- Testing -- The Take-Home Message -- Project Ideas -- -- The Web and Security -- Basic Structure -- Security Techniques -- Privacy Issues -- Web Services -- The Take-Home Message -- Project Ideas -- Office Tools and Security -- Word -- Lotus 1-2-3 -- PDF -- Cut-and-Paste -- PKI and Office Tools -- Mental Models -- The Take-Home Message -- Project Ideas -- Money, Time, Property -- Money -- Time -- Property -- The Take-Home Message -- Project Ideas -- Formal Methods and Security -- Specification -- Logics -- Cranking the Handle -- Case Studies -- Spinning Your Bank Account -- Limits -- The Take-Home Message -- Project Ideas.

After quickly reviewing the history of computer security, the authors move on to discuss the modern landscape, showing how security challenges and responses have evolved, and offering a coherent framework for understanding today's systems and vulnerabilities. Next, they systematically introduce the basic building blocks for securing contemporary systems, apply those building blocks to today's applications, and consider important emerging trends such as hardware-based security.

1

There are no comments on this title.

to post a comment.