
Security in Computing, 3/E
Charles P. Pfleeger
Shari Lawrence Pfleeger

ISBN-10: 0130355488
ISBN-13:  9780130355485

Publisher:  Prentice Hall
Copyright:  2003
Format:  Cloth; 746 pp
Published:  12/02/2002
New edition available
  This item has been replaced by Security in Computing, 4/E.



Appropriate for beginning to intermediate courses in computer security.

This sweeping revision of the classic computer security book provides an authoritative overview of computer security for every type of system, from traditional centralized systems to distributed networks and the Internet. The Third Edition has been updated to reflect the state of the art in networking; cryptography; program and operating system security; administration; legal, privacy, and ethical issues; and much more. It combines core computer science concepts related to operating systems, networks, databases, and programming with accessible discussions of the use of cryptography and protocols. The book describes each important area from a developer's or user's point of view, lays out the security vulnerabilities and threats, and follows with countermeasures to address them. The book's layered approach is ideal for instructors who wish to customize courses based on their unique requirements. The authors also provide extensive pedagogical resources, including overviews, end-of-chapter reviews, lists of key terms, and updated exercises and references.

The authors are recognized experts in their fields. Lead author Dr. Charles P. Pfleeger, CISSP, is currently Master Security Architect for Cable & Wireless, one of the world's leading providers of Internet and secure infrastructure services. Co-author Dr. Shari Lawrence Pfleeger is a Senior Researcher at RAND Corporation, a not-for-profit company providing strategy and decision-making support in the public interest. They are the authors of more than a dozen previous books on computer security, software engineering, software measurement, software quality, and programming.

Supplements including a solutions manual, PowerPoints and a companion website are available.

The much-anticipated revision of Pfleeger's best-selling introduction to security in computing!

  • Covers the latest network threats, including denial of service and buffer overflow, explaining the symptom and the cure!

  • Adopts a comprehensive approach: shows the relationships among applications, operating systems, database management systems, and networks in terms of threats and controls

  • Covers privacy and ethical issues, often omitted from security books

  • Completely revised network coverage—Covers new attacks on networks, including denial of service, distributed denial of service, and malicious mobile code. Also describes countermeasures such as intrusion detection systems, one-time authentication, firewalls, and virtual private networks.
    • Introduces students to the breadth of network issues and helps them to understand the nature of threats and countermeasures in order to address new threats.

  • Privacy-related security issues—Contains an entirely new section on privacy threats, controls, and related issues.
    • Gives students insight into the implications of computer security for individual privacy, one of today's most important and controversial political issues.

  • Thoroughly reorganized and updated cryptography coverage—Separates the concepts of cryptography as a protection tool from its underlying design. Includes state-of-the-art discussions of digital signatures, certificates, public key infrastructures, and leading-edge quantum cryptography.
    • Helps students know how to use cryptographic technologies to protect their data, as well as breakthrough technologies likely to be used widely in the coming years. Also introduces students to the mathematical and theoretical sources upon which cryptographic algorithms are based.

  • Extensive new coverage of program security—Describes in detail buffer overflows, unchecked accesses, and malicious code, such as viruses, worms, and Trojan horses. Introduces controls on programs, such as development practices and constrained execution environments.
    • Gives programming students practical information for building more secure software systems.

  • Thoroughly revamped coverage of protection in both general-purpose and trusted operating systems—Covers security functions in operating systems, design principles for high assurance trusted systems, and standards and techniques for independent evaluation.
    • Helps students design and build more secure operating systems and assess and compare security of existing ones.



Foreword.


Preface to the Third Edition.


1. Is There a Security Problem in Computing?

What Does “Secure” Mean? Attacks. The Meaning of Computer Security. Computer Criminals. Methods of Defense. What's Next. Summary. Terms and Concepts. Where the Field Is Headed. To Learn More. Exercises.



2. Elementary Cryptography.

Terminology and Background. Substitution Ciphers. Transposition (Permutations). Making “Good” Encryption Algorithms. The Data Encryption Standard (DES). The AES Encryption Algorithm. Public Key Encryption. The Uses of Encryption. Summary of Encryption. Terms and Concepts. Where the Field Is Headed. To Learn More. Exercises.



3. Program Security.

Secure Programs. Nonmalicious Program Errors. Viruses and Other Malicious Code. Targeted Malicious Code. Controls Against Program Threats. Summary of Program Threats and Controls. Terms and Concepts. Where the Field Is Headed. To Learn More. Exercises.



4. Protection in General-Purpose Operating Systems.

Protected Objects and Methods of Protection. Memory and Address Protection. Control of Access to General Objects. File Protection Mechanisms. User Authentication. Summary of Security for Users. Terms and Concepts. Where the Field Is Headed. To Learn More. Exercises.



5. Designing Trusted Operating Systems.

What Is a Trusted System? Security Policies. Models of Security. Trusted Operating System Design. Assurance in Trusted Operating Systems. Implementation Examples. Summary of Security in Operating Systems. Terms and Concepts. Where the Field Is Headed. To Learn More. Exercises.



6. Database Security.

Introduction to Databases. Security Requirements. Reliability and Integrity. Sensitive Data. Inference. Multilevel Databases. Proposals for Multilevel Security. Summary of Database Security. Terms and Concepts. Where the Field Is Headed. To Learn More. Exercises.



7. Security in Networks.

Network Concepts. Threats in Networks. Network Security Controls. Firewalls. Intrusion Detection Systems. Secure E-Mail. Summary of Network Security. Terms and Concepts. Where the Field Is Headed. To Learn More. Exercises.



8. Administering Security.

Security Planning. Risk Analysis. Organizational Security Policies. Physical Security. Summary. Terms and Concepts. To Learn More. Exercises.



9. Legal, Privacy, and Ethical Issues in Computer Security.

Protecting Programs and Data. Information and the Law. Rights of Employees and Employers. Software Failures. Computer Crime. Privacy. Ethical Issues in Computer Security. Case Studies of Ethics. Case I: Use of Computer Services. Case II: Privacy Rights. Case III: Denial of Service. Case IV: Ownership of Programs. Case V: Proprietary Resources. Case VI: Fraud. Case VII: Accuracy of Information. Case VIII: Ethics of Hacking or Cracking. Codes of Ethics. Conclusion of Computer Ethics. Terms and Concepts. To Learn More. Exercises.



10. Cryptography Explained.

Mathematics for Cryptography. Symmetric Encryption. Public Key Encryption Systems. Quantum Cryptography. Summary of Encryption. Terms and Concepts. Where the Field Is Headed. To Learn More. Exercises.



Bibliography.


Index.

View a Sample Chapter PDF: /samplechapter/0130355488.pdf

CHARLES P. PFLEEGER is a Master Security Architect for Cable & Wireless, the world's premier web hosting and Internet solutions provider. He regularly advises clients on secure design and implementation of network applications and architectures.

SHARI LAWRENCE PFLEEGER, senior researcher for RAND, is author of eight books on software engineering, measurement, and quality, including Software Engineering: Theory and Practice, Second Edition (Prentice Hall). She was named by The Journal of Systems and Software as one of the world's top software engineering researchers.

Foreword by Willis H. Ware.

The classic guide to information security—fully updated for the latest attacks and countermeasures

Security in Computing, Third Edition systematically demonstrates how to control failures of confidentiality, integrity, and availability in applications, databases, operating systems, and networks alike.

This sweeping revision of the field's classic guide to computer security reflects today's entirely new generation of network- and Internet-based threats and vulnerabilities, and offers practical guidance for responding to them.

  • Updated to cover wireless security, intrusion detection, AES, DRM, biometrics, honeypots, online privacy, and more
  • Security in Internet-based, distributed, desktop and traditional centralized applications
  • New attacks, including scripted vulnerability probing, denial of service, and buffer overflows—with symptoms and cures
  • Clear, accessible introduction to cryptography—without sophisticated math
  • Up-to-the-minute explanations of digital signatures, certificates, and leading-edge quantum cryptography
  • Thoroughly revamped coverage of software engineering practices designed to enhance program security
  • Expanded coverage of risk management, contingency planning, and security policies
  • Detailed presentation of protection in general-purpose and trusted operating systems
  • Extensive pedagogical resources: end-of-chapter reviews and exercises, lists of key terms, and authoritative references

Exceptionally clear and easy to understand, the book covers not only technical issues, but also law, privacy, ethics, and the physical and administrative aspects of security.

The companion website (http://www.phptr.com/pfleeger/) contains additional information, book updates, and instructor's resources.

Companion Website, 3/E
NONE
©2003 | Prentice Hall | On-line Supplement | Instock
ISBN-10: 0131423339 | ISBN-13: 9780131423336



Solution Manual, 3/E
Pfleeger & Pfleeger
©2003 | Prentice Hall | Paper | Instock
ISBN-10: 0131019899 | ISBN-13: 9780131019898



Interwrite Personal Response System
EduCue, Addison-Wesley & Benjamin Cummings
©2004 | Prentice Hall | Electronic Supplement | Instock
ISBN-10: 0321267354 | ISBN-13: 9780321267351



Pearson Higher Education offers special pricing when you choose to package your text with other student resources. If you're interested in creating a cost-saving package for your students, contact your Pearson Higher Education representative.