The fifth edition of the book Computer Security provides a balanced and comprehensive overview of the principles and practices governing computer and network security, along with relevant developments.
Across its five parts, the book describes the technology and principles of computer security, software and system security, various management issues, cryptographic algorithms, and network security. The organization and analysis of the topics are based on four key axes: fundamental principles, design approaches, standards, and real-world examples.
In this fifth edition, the content of several chapters has been updated, and new chapters have been added, covering multi-factor authentication and authentication via mobile devices, mandatory access controls, social engineering and ransomware attacks, supply chain attacks and corporate email breaches, trusted computing systems, security awareness and training, the European Union’s General Data Protection Regulation (GDPR), the ChaCha20 stream cipher, and the Galois counter mode.
Additionally, updated lists of the most critical software errors and key security control mechanisms are provided.
The book also includes an extensive glossary, a list of common abbreviations, and references. At the end of each chapter, there are practice problems, review questions, and a list of key terms.
Contents:
- Cryptographic tools
- User authentication
- Access control
- Database and data center security
- Malware
- Denial-of-Service attacks
- Intrusion detection
- Firewalls and intrusion prevention systems
- Buffer overflow
- Software security
- Operating system security
- Cloud security and Internet of Things security
- IT security management and risk assessment
- Security control mechanisms, plans, and procedures
- Physical security and infrastructure protection
- Human resources security
- Security management monitoring
- Legal and ethical considerations
- Symmetric encryption and message confidentiality
- Public key cryptography and message authentication
- Internet security protocols and standards
- Internet authentication applications
- Wireless network security