Information security handbook
著者
書誌事項
Information security handbook
Macmillan Publishers , Stockton Press, 1991
大学図書館所蔵 全11件
  青森
  岩手
  宮城
  秋田
  山形
  福島
  茨城
  栃木
  群馬
  埼玉
  千葉
  東京
  神奈川
  新潟
  富山
  石川
  福井
  山梨
  長野
  岐阜
  静岡
  愛知
  三重
  滋賀
  京都
  大阪
  兵庫
  奈良
  和歌山
  鳥取
  島根
  岡山
  広島
  山口
  徳島
  香川
  愛媛
  高知
  福岡
  佐賀
  長崎
  熊本
  大分
  宮崎
  鹿児島
  沖縄
  韓国
  中国
  タイ
  イギリス
  ドイツ
  スイス
  フランス
  ベルギー
  オランダ
  スウェーデン
  ノルウェー
  アメリカ
注記
Includes index
内容説明・目次
内容説明
Automation of clerical processes makes information systems more vulnerable, because they no longer require the prudent manual checks and balances which were once an unspoken part of the job. When combined with the pressures of cost of implementation and timescale, this has meant that few, if any, security controls have been built into these systems. This book examines modern systems of information security and how, in the modern office environment, security systems have often been overlooked. The authors argue that it is often the case that security deficits are not detected until a breach of security occurs. This means that security systems are not implemented until a breach of security occures. Information sources have consequently become more attractive for criminal and terrorist groups who are then in a position to demand high rewards for minimal effort. A single compromised password can lead to fraud involving electronic funds transfer (EFT), or to exposure of corporate secrets through industrial espionage.
This book is designed to help managers to become acquainted with the risks involved and to help them to minimize the chance of an unwanted incident and reduce the effect of any damage. The first chapter provides the foundation upon which subsequent sections are built, but the authors do not expect the work to be read in sequence, from cover to cover, as a novel. Hence a question and answer format has been adopted.
目次
- Security management and policy
- risk management
- contingency planning and damage avoidance
- information security and the law
- monitoring and audit control
- access control
- security of stored data and programs
- communications security
- formal models of secure systems.
「Nielsen BookData」 より