000 04351cam a2200289 a 4500
008 080320s2008 njua b 001 0 eng
010 _a2007032843
020 _a0321434838 (pbk.)
020 _a9780321434838
035 _a(Sirsi) u252
040 _aEG-CaNU
_cEG-CaNU
_dEG-CaNU
042 _ancode
082 0 0 _a005.8
_2 22
100 1 _aSmith, Sean W.,
_d 1964-
_94700
245 1 4 _aThe craft of system security /
_c Sean Smith, John Marchesini.
260 _aUpper Saddle River, NJ :
_b Addison-Wesley,
_c c2008.
300 _axxxiii, 557 p. :
_b ill. ;
_c 24 cm.
504 _aIncludes bibliographical references (p. 503-524) and index.
505 0 _aPreface -- Acknowledgments -- History -- Introduction -- The Standard Rubric -- The Matrix -- Other Views -- Safe States and the Access Control Matrix -- Other Hard Questions -- The Take-Home Message -- Project Ideas -- The Old Testament -- The Basic Framework -- Security Models -- The Orange Book -- INFOSEC, OPSEC, JOBSEC -- The Take-Home Message -- Project Ideas -- Old Principles, New World -- Solving the Wrong Problem? -- Lack of Follow-Through? -- Too Unwieldy? -- Saltzer and Schroeder -- Modern Relevance -- The Take-Home Messagev57 -- Project Ideas -- -- OS Security -- OS Background -- OS Security Primitives and Principles -- Real OSes: Everything but the Kitchen Sink -- When the Foundation Cracks -- Where Are We? -- The Take-Home Message -- Project Ideas -- Network Security -- Basic Framework -- Protocols -- The Network as a Battlefield -- The Brave New World -- The Take-Home Message -- Project Ideas -- Implementation Security -- Buffer Overflow -- Argument Validation and Other Mishaps -- TOCTOU -- Malware -- Programming Language Security -- Security in the Development Lifecycle -- The Take-Home Message -- Project Ideas -- -- Using Cryptography -- Framework and Terminology -- Randomness -- Symmetric Cryptography -- Applications of Symmetric Cryptography -- Public-Key Cryptography -- Hash Functions -- Practical Issues: Public Key -- Past and Future -- The Take-Home Message -- Project Ideas -- Subverting Cryptography -- Breaking Symmetric Key without Brute Force -- Breaking Symmetric Key with Brute Force -- Breaking Public Key without Factoring -- Breaking Cryptography via the Real World -- The Potential of Efficiently Factoring Moduli -- The Take-Home Message -- Project Ideas -- Authentication -- Basic Framework -- Authenticating Humans -- Human Factors -- From the Machine's Point of View -- Advanced Approaches -- Case Studies -- Broader Issues -- The Take-Home Message -- Project Ideas -- Public Key Infrastructure -- Basic Definitions -- Basic Structure -- Complexity Arrives -- Multiple CAs -- Revocation -- The X.509 World -- Dissent -- Ongoing Trouble -- The Take-Home Message -- Project Ideas -- Standards, Compliance, and Testing -- Standards -- Policy Compliance -- Testing -- The Take-Home Message -- Project Ideas -- -- The Web and Security -- Basic Structure -- Security Techniques -- Privacy Issues -- Web Services -- The Take-Home Message -- Project Ideas -- Office Tools and Security -- Word -- Lotus 1-2-3 -- PDF -- Cut-and-Paste -- PKI and Office Tools -- Mental Models -- The Take-Home Message -- Project Ideas -- Money, Time, Property -- Money -- Time -- Property -- The Take-Home Message -- Project Ideas -- Formal Methods and Security -- Specification -- Logics -- Cranking the Handle -- Case Studies -- Spinning Your Bank Account -- Limits -- The Take-Home Message -- Project Ideas.
520 _aAfter quickly reviewing the history of computer security, the authors move on to discuss the modern landscape, showing how security challenges and responses have evolved, and offering a coherent framework for understanding today's systems and vulnerabilities. Next, they systematically introduce the basic building blocks for securing contemporary systems, apply those building blocks to today's applications, and consider important emerging trends such as hardware-based security.
630 0 0 _aCIT.
_914
650 0 _aComputer security.
_94701
650 0 _aSystem design.
_964
650 0 _aComputer networks
_x Security measures.
_94702
700 1 _aMarchesini, John.
_94703
596 _a1
999 _c1645
_d1645