Computer Security: Art and Science, 2nd edition

Published by Addison-Wesley Professional (November 27, 2018) © 2019

  • Matt Bishop, University of California - Davis

An introduction to computer security

Today, everyone recognises the importance of safeguarding computer systems and networks from vulnerability, attack, and compromise. But computer security is neither an easy art nor a simple science: its methodologies and technologies require rigorous study, and a deep grounding in principles that can be applied even as technologies change. Moreover, practitioners must understand how to align concepts with real policies, and then actually implement those policies - managing inevitable tradeoffs such as 'How secure do our devices really need to be, and how much inconvenience can we accept?'

In his extensively updated Computer Security: Art and Science, Matt Bishop offers a clear, rigorous, and thorough introduction to the entire modern field of computer security. Bishop covers access control; security, confidentiality, integrity, availability, and hybrid policies; policy composition; cryptography; authentication; identity management; information flow; assurance; formal methods; system evaluation; vulnerability analysis; auditing; intrusion detection; and many other topics.

This edition adds four new chapters, including a brand-new chapter-length case study on the high-profile issue of electronic voting. Through this case study, Bishop demonstrates how principles, policies, procedures, and technology come together in a crucial real-world application.

  • Part I: Introduction
      • Chapter 1: An Overview of Computer Security
  • Part II: Foundations
      • Chapter 2: Access Control Matrix
      • Chapter 3: Foundational Results
  • Part III: Policy
      • Chapter 4: Security Policies
      • Chapter 5: Confidentiality Policies
      • Chapter 6: Integrity Policies
      • Chapter 7: Availability Policies
      • Chapter 8: Hybrid Policies
      • Chapter 9: Noninterference and Policy Composition
  • Part IV: Implementation I: Cryptography
      • Chapter 10: Basic Cryptography
      • Chapter 11: Key Management
      • Chapter 12: Cipher Techniques
      • Chapter 13: Authentication
  • Part V: Implementation II: Systems
      • Chapter 14: Design Principles
      • Chapter 15: Representing Identity
      • Chapter 16: Access Control Mechanisms
      • Chapter 17: Information Flow
      • Chapter 18: Confinement Problem
  • Part VI: Assurance
      • Chapter 19: Introduction to Assurance
      • Chapter 20: Building Systems with Assurance
      • Chapter 21: Formal Methods
      • Chapter 22: Evaluating Systems
  • Part VII: Special Topics
      • Chapter 23: Malware
      • Chapter 24: Vulnerability Analysis
      • Chapter 25: Auditing
      • Chapter 26: Intrusion Detection
      • Chapter 27: Attacks and Responses
  • Part VIII: Practicum
      • Chapter 28: Network Security
      • Chapter 29: System Security
      • Chapter 30: User Security
      • Chapter 31: Program Security
  • Part IX: Appendices
      • Appendix A: Lattices
      • Appendix B: The Extended Euclidean Algorithm
      • Appendix C: Entropy and Uncertainty
      • Appendix D: Virtual Machines
      • Appendix E: Symbolic Logic
      • Appendix F: The Encryption Standards
      • Appendix G: Example Academic Security Policy
      • Appendix H: Programming Rules
