Introduction to Computer Security
Autor Michael Goodrich, Roberto Tamassiaen Limba Engleză Paperback – 14 aug 2013
A new Computer Security textbook for a new generation of IT professionals.
Unlike most other computer security textbooks available today, Introduction to Computer Security, 1e does NOT focus on the mathematical and computational foundations of security, and it does not assume an extensive background in computer science. Instead it looks at the systems, technology, management, and policy side of security, and offers students fundamental security concepts and a working knowledge of threats and countermeasures with ?just-enough? background in computer science. The result is a presentation of the material that is accessible to students of all levels.
Preț: 513.85 lei
Preț vechi: 590.64 lei
-13% Nou
Puncte Express: 771
Preț estimativ în valută:
98.34€ • 103.75$ • 81.96£
98.34€ • 103.75$ • 81.96£
Carte disponibilă
Livrare economică 12-26 decembrie
Livrare express 27 noiembrie-03 decembrie pentru 51.80 lei
Preluare comenzi: 021 569.72.76
Specificații
ISBN-13: 9781292025407
ISBN-10: 1292025409
Pagini: 520
Dimensiuni: 218 x 273 x 19 mm
Greutate: 1.11 kg
Editura: Pearson Education
ISBN-10: 1292025409
Pagini: 520
Dimensiuni: 218 x 273 x 19 mm
Greutate: 1.11 kg
Editura: Pearson Education
Cuprins
1 Introduction 1 1.1 Fundamental Concepts . . . . . . . . . . . . . . . . . . . . . 2 1.2 Access Control Models . . . . . . . . . . . . . . . . . . . . . 19 1.3 Cryptographic Concepts . . . . . . . . . . . . . . . . . . . . . 25 1.4 Implementation and Usability Issues . . . . . . . . . . . . . . 39 1.5 Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46 2 Physical Security 55 2.1 Physical Protections and Attacks . . . . . . . . . . . . . . . . 56 2.2 Locks and Safes . . . . . . . . . . . . . . . . . . . . . . . . . 57 2.3 Authentication Technologies . . . . . . . . . . . . . . . . . . . 71 2.4 Direct Attacks Against Computers . . . . . . . . . . . . . . . 88 2.5 Special-Purpose Machines . . . . . . . . . . . . . . . . . . . 99 2.6 Physical Intrusion Detection . . . . . . . . . . . . . . . . . . . 13 2.7 Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106
3 Operating Systems Security 113 3.1 Operating Systems Concepts . . . . . . . . . . . . . . . . . . 114
3.2 Process Security . . . . . . . . . . . . . . . . . . . . . . . . . 130 3.3 Memory and Filesystem Security . . . . . . . . . . . . . . . . 136
3.4 Application Program Security . . . . . . . . . . . . . . . . . . 149 3.5 Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 166
4 Malware 173
4.1 Insider Attacks . . . . . . . . . . . . . . . . . . . . . . . . . . 174 4.2 Computer Viruses . . . . . . . . . . . . . . . . . . . . . . . . 181 4.3 Malware Attacks . . . . . . . . . . . . . . . . . . . . . . . . . 188 4.4 Privacy-Invasive Software . . . . . . . . . . . . . . . . . . . . 202
4.5 Countermeasures . . . . . . . . . . . . . . . . . . . . . . . . 208 4.6 Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 215
5 Network Security I 221 5.1 Network Security Concepts . . . . . . . . . . . . . . . . . . . 222 5.2 The Link Layer . . . . . . . . . . . . . . . . . . . . . . . . . . 229 5.3 The Network Layer . . . . . . . . . . . . . . . . . . . . . . . . 236 5.4 The Transport Layer . . . . . . . . . . . . . . . . . . . . . . . 246 5.5 Denial-of-Service Attacks . . . . . . . . . . . . . . . . . . . . 256
5.6 Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 264
6 Network Security II 269 6.1 The Application Layer and DNS . . . . . . . . . . . . . . . . . 270 6.2 Firewalls . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 287 6.3 Tunneling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 292
6.4 Intrusion Detection . . . . . . . . . . . . . . . . . . . . . . . . 299 6.5 Wireless Networking . . . . . . . . . . . . . . . . . . . . . . . 313
6.6 Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 322
7 Web Security 327 7.1 The World Wide Web . . . . . . . . . . . . . . . . . . . . . . 328 7.2 Attacks on Clients . . . . . . . . . . . . . . . . . . . . . . . . 347
7.3 Attacks on Servers . . . . . . . . . . . . . . . . . . . . . . . . 368 7.4 Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 382
8 Cryptography 387 8.1 Symmetric Cryptography . . . . . . . . . . . . . . . . . . . . 388 8.2 Public-Key Cryptography . . . . . . . . . . . . . . . . . . . . . 406 8.3 Cryptographic Hash Functions . . . . . . . . . . . . . . . . . 417 8.4 Digital Signatures . . . . . . . . . . . . . . . . . . . . . . . . . 421 8.5 Details on AES and RSA . . . . . . . . . . . . . . . . . . . . 425 8.6 Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 439
9 Distributed-Applications Security 487 9.1 Database
3 Operating Systems Security 113 3.1 Operating Systems Concepts . . . . . . . . . . . . . . . . . . 114
3.2 Process Security . . . . . . . . . . . . . . . . . . . . . . . . . 130 3.3 Memory and Filesystem Security . . . . . . . . . . . . . . . . 136
3.4 Application Program Security . . . . . . . . . . . . . . . . . . 149 3.5 Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 166
4 Malware 173
4.1 Insider Attacks . . . . . . . . . . . . . . . . . . . . . . . . . . 174 4.2 Computer Viruses . . . . . . . . . . . . . . . . . . . . . . . . 181 4.3 Malware Attacks . . . . . . . . . . . . . . . . . . . . . . . . . 188 4.4 Privacy-Invasive Software . . . . . . . . . . . . . . . . . . . . 202
4.5 Countermeasures . . . . . . . . . . . . . . . . . . . . . . . . 208 4.6 Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 215
5 Network Security I 221 5.1 Network Security Concepts . . . . . . . . . . . . . . . . . . . 222 5.2 The Link Layer . . . . . . . . . . . . . . . . . . . . . . . . . . 229 5.3 The Network Layer . . . . . . . . . . . . . . . . . . . . . . . . 236 5.4 The Transport Layer . . . . . . . . . . . . . . . . . . . . . . . 246 5.5 Denial-of-Service Attacks . . . . . . . . . . . . . . . . . . . . 256
5.6 Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 264
6 Network Security II 269 6.1 The Application Layer and DNS . . . . . . . . . . . . . . . . . 270 6.2 Firewalls . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 287 6.3 Tunneling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 292
6.4 Intrusion Detection . . . . . . . . . . . . . . . . . . . . . . . . 299 6.5 Wireless Networking . . . . . . . . . . . . . . . . . . . . . . . 313
6.6 Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 322
7 Web Security 327 7.1 The World Wide Web . . . . . . . . . . . . . . . . . . . . . . 328 7.2 Attacks on Clients . . . . . . . . . . . . . . . . . . . . . . . . 347
7.3 Attacks on Servers . . . . . . . . . . . . . . . . . . . . . . . . 368 7.4 Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 382
8 Cryptography 387 8.1 Symmetric Cryptography . . . . . . . . . . . . . . . . . . . . 388 8.2 Public-Key Cryptography . . . . . . . . . . . . . . . . . . . . . 406 8.3 Cryptographic Hash Functions . . . . . . . . . . . . . . . . . 417 8.4 Digital Signatures . . . . . . . . . . . . . . . . . . . . . . . . . 421 8.5 Details on AES and RSA . . . . . . . . . . . . . . . . . . . . 425 8.6 Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 439
9 Distributed-Applications Security 487 9.1 Database