書誌事項

Computer system and network security

Gregory B. White, Eric A. Fisch, Udo W. Pooch

(CRC Press computer engineering series)

CRC Press, c1996

大学図書館所蔵 件 / 15

この図書・雑誌をさがす

注記

Includes bibliographical references and index

内容説明・目次

内容説明

Computer System and Network Security provides the reader with a basic understanding of the issues involved in the security of computer systems and networks. Introductory in nature, this important new book covers all aspects related to the growing field of computer security. Such complete coverage in a single text has previously been unavailable, and college professors and students, as well as professionals responsible for system security, will find this unique book a valuable source of information, either as a textbook or as a general reference. Computer System and Network Security discusses existing and potential threats to computer systems and networks and outlines the basic actions that are generally taken to protect them. The first two chapters of the text introduce the reader to the field of computer security, covering fundamental issues and objectives. The next several chapters describe security models, authentication issues, access control, intrusion detection, and damage control. Later chapters address network and database security and systems/networks connected to wide-area networks and internetworks. Other topics include firewalls, cryptography, malicious software, and security standards. The book includes case studies with information about incidents involving computer security, illustrating the problems and potential damage that can be caused when security fails. This unique reference/textbook covers all aspects of computer and network security, filling an obvious gap in the existing literature.

目次

Computer Security Fundamentals Objectives of Computer Security Issues Involved in Computer Security Privacy and Ethics Risk Analysis Theory Possible Loss (L) Probability of Loss Occurrence (P) Burden of Preventing Loss (B) Applying the Risk Analysis Equation Risk Analysis in Computer Security Terminology Application Developing Secure Computer Systems External Security Measures Structure of a Computer System Secure Computer System Issues Security Models Specification and Verification Security Models Bell and LaPadula Clark-Wilson Goguen-Meseguer TCSEC Discretionary Access Requirements Mandatory Access Requirements User Authentication Authentication Objectives Authentication Methods Informational Keys Physical Keys Biometric Keys Access and Information Flow Controls File Passwords Capabilities Based Access Control Lists Protection Bits Controls for Mandatory Access Trojan Horses AUDITING and INTRUSION DETECTION Audit Trail Features Intrusion Detection Systems User Profiling Intruder Profiling Signature Analysis Action Based IDES MIDAS Haystack Network Intrusion Detection Network Attack Characteristics NSM DIDS NADIR CSM Monitoring and the Law Damage Control and Assessment Damage Control Inform the Authorities Backup System Data Remove the Intruder Contain and Monitor the Intruder Lock Stolen Accounts Require Additional Authentication Damage Assessment Attack Recovery Damage Prevention Network Security Network Fundamentals Network Security Issues Basic Network Security Objectives and Threats Security Services The Trusted Network Interpretation TNI Security Service AIS Interconnection Issues Distributed Systems Security Firewalls Simple Damage Limiting Approaches Network Firewalls Packet Filtering Gateways Circuit Level Gateways Application Level Gateways Firewall Costs and Effectiveness Database Security Database Management System Primer DBMS Vulnerabilities and Responses Inference Aggregation Data Integrity Trojan Horses Cryptography Substitution Ciphers Caesar Cipher ROT13 Substitution Cipher Variations Vigenere Ciphers One Time Pads Transposition Ciphers Encrypting Digital Communication DES IDEA Key Escrow Public Key Cryptography Digital Signatures Malicious Software Viruses Worms Trojan Horses Time Bombs Security Standards The Federal Criteria The Common Criteria The Trusted Computer System Evaluation Criteria The Information Technology Security Evaluation Criteria Case Study The Hannover Hackers An Evening With Berferd The Internet Worm Appendix: Information Warfare

「Nielsen BookData」 より

関連文献: 1件中  1-1を表示

詳細情報

ページトップへ