Security In Computing 6th Edition

By (author) Pfleeger, Charles; By (author) Pfleeger, Shari Lawrence; By (author) Coles-Kemp Lizzie
Description:

The Art of Computer and Information Security: From Apps and Networks to Cloud and Crypto

Security in Computing, Sixth Edition, is today''s essential text for anyone teaching, learning, and practicing cybersecurity. It defines core principles underlying modern security policies, processes, and protection; illustrates them with up-to-date examples; and shows how to apply them in practice. Modular and flexibly organized, this book supports a wide array of courses, strengthens professionals'' knowledge of foundational principles, and imparts a more expansive understanding of modern security.

This extensively updated edition adds or expands coverage of artificial intelligence and machine learning tools; app and browser security; security by design; securing cloud, IoT, and embedded systems; privacy-enhancing technologies; protecting vulnerable individuals and groups; strengthening security culture; cryptocurrencies and blockchain; cyberwarfare; post-quantum computing; and more. It contains many new diagrams, exercises, sidebars, and examples, and is suitable for use with two leading frameworks: the US NIST National Initiative for Cybersecurity Education (NICE) and the UK Cyber Security Body of Knowledge (CyBOK).

• Core security concepts: Assets, threats, vulnerabilities, controls, confidentiality, integrity, availability, attackers, and attack types
• The security practitioner''s toolbox: Identification and authentication, access control, and cryptography
• Areas of practice: Securing programs, user–internet interaction, operating systems, networks, data, databases, and cloud computing
• Cross-cutting disciplines: Privacy, management, law, and ethics
• Using cryptography: Formal and mathematical underpinnings, and applications of cryptography
• Emerging topics and risks: AI and adaptive cybersecurity, blockchains and cryptocurrencies, cyberwarfare, and quantum computing

Register your book for convenient access to downloads, updates, and/or corrections as they become available. See inside book for details.

Table of contents:

Foreword xix
Preface xxv
Acknowledgments xxxi
About the Authors xxxiii

Chapter 1: Introduction 1
1.1 What Is Computer Security? 3
1.2 Threats 6
1.3 Harm 24
1.4 Vulnerabilities 30
1.5 Controls 30
1.6 Conclusion 33
1.7 What''s Next? 34
1.8 Exercises 36

Chapter 2: Toolbox: Authentication, Access Control, and Cryptography 38
2.1 Authentication 40
2.2 Access Control 78
2.3 Cryptography 93
2.4 Conclusion 137
2.5 Exercises 138

Chapter 3: Programs and Programming 141
3.1 Unintentional (Nonmalicious) Programming Oversights 143
3.2 Malicious Code--Malware 178
3.3 Countermeasures 211
3.4 Conclusion 245
3.5 Exercises 245

Chapter 4: The Internet--User Side 248
4.1 Browser Attacks 251
4.2 Attacks Targeting Users 265
4.3 Obtaining User or Website Data 280
4.4 Mobile Apps 289
4.5 Email and Message Attacks 310
4.6 Conclusion 320
4.7 Exercises 321

Chapter 5: Operating Systems 323
5.1 Security in Operating Systems 323
5.2 Security in the Design of Operating Systems 351
5.3 Rootkits 371
5.4 Conclusion 382
5.5 Exercises 382

Chapter 6: Networks 385
6.1 Network Concepts 386
Part I--War on Networks: Network Security Attacks 399
6.2 Threats to Network Communications 400
6.3 Wireless Network Security 421
6.4 Denial of Service 443
6.5 Distributed Denial of Service 468
Part II--Strategi