Название: Security in Computing, 6th Edition (Rough Cuts)Автор: Charles Pfleeger, Shari Lawrence Pfleeger, Lizzie Coles-Kemp
Издательство: Addison-Wesley/Pearson
Год: 2023
Страниц: 960
Язык: английский
Формат: epub
Размер: 10.17 MB
The New State of the Art in Information Security: From Cloud to Crypto, AI-Driven Security to Post-Quantum Computing.
Now extensively updated throughout, Security in Computing, Sixth Edition, is today's one-stop, primary text for everyone teaching, learning, and practicing information cybersecurity. It defines core principles associated with modern security policies, processes, and protection; illustrates them with up-to-date sidebars and examples; and shows how to apply them in practice. Modular and flexibly organized, it supports a wide array of courses, strengthens professionals' knowledge of foundational principles; and imparts a more expansive understanding of modern security.
This edition adds or expands coverage of artificial intelligence and machine learning tools; app and browser security; security by design; securing cloud, IoT, and embedded systems; privacy-enhancing technologies; protecting vulnerable individuals and groups; strengthening security culture; cryptocurrencies and blockchain; offensive cyberwarfare; post-quantum computing; and more. It contains many new diagrams, exercises, sidebars, and examples, and is mapped to two leading frameworks: the US NIST National Initiative for Cybersecurity Education (NICE) and the UK Cyber Body of Knowledge (CyBOK).
Because programmers make mistakes of many kinds, we can never be sure all programs are without flaws. We know of many practices that can be used during software development to lead to high assurance of correctness. This chapter surveys programs and programming: errors programmers make and vulnerabilities attackers exploit. These failings can have serious consequences, as reported almost daily in the news. However, there are techniques to mitigate these shortcomings. In this section we presented several characteristics of good, secure software. Of course, a programmer can write secure code that has none of these characteristics, and faulty software can exhibit all of them. These qualities are not magic; they cannot turn bad code into good. Rather, they are properties that many examples of good code reflect and practices that good code developers use; the properties are not a cause of good code but are paradigms that tend to go along with it. Following these principles affects the mindset of a designer or developer, encouraging a focus on quality and security; this attention is ultimately good for the resulting product and for its users.
Core security concepts: Assets, threats, vulnerabilities, controls, confidentiality, integrity, availability, attackers, and attack types
The security practitioner's toolbox: Identification, authentication, access control, and encryption
Areas of practice: Securing programs, userinternet interaction, operating systems, networks, data, databases, and cloud computing
Cross-cutting disciplines: Privacy, management, law, and ethics
Using cryptography: Solve real problems, and explore its formal and mathematical underpinnings
Emerging topics and risks: AI and adaptive cybersecurity, blockchains and cryptocurrencies, computer-assisted offensive warfare, and quantum computing
Table of Contents:
Foreword
Preface
Acknowledgments
About the Author
1. Introduction
2. Toolbox: Authentication, Access Control, and Cryptography
3. Programs and Programming
4. The Internet-User Side
5. Operating Systems
6. Networks
7. Data and Databases
8. New Territory
9. Privacy
10. Management and Incidents
11. Legal Issues and Ethics
12. Details of Cryptography
13. Emerging Topics
Bibliography
Скачать Security in Computing, 6th Edition (Rough Cuts)