This sweeping revision of the classic computer security book provides an authoritative overview of computer security for every type of system, from traditional centralized systems to distributed networks and the Internet. The Third Edition has been updated to reflect the state-of-the-art in networking; cryptography; program and operating system security; administration; legal, privacy, and ethical issues, and much more. It combines core computer science concepts related to operating systems, networks, data bases, and programming, with accessible discussions of the use of cryptography and protocols. The book describes each important area from a developer's or user's point of view, lays out the security vulnerabilities and threats, and follows countermeasures to address them. Their book's layered approach is ideal for instructors who wish to customize courses based on their unique requirements. They also provide extensive pedagogical resources–including overviews, end-of-chapter reviews, lists of key terms, and updated exercises and references.

The authors are recognized experts in their fields. Lead author Dr. Charles P. Pfleeger, CISSP, is currently Master Security Architect for Cable & Wireless, one of the world's leading providers of Internet and secure infrastructure services. Co-author Dr. Shari Lawrence Pfleeger is a Senior Researcher at RAND Corporation, a not-for-profit company providing strategy and decision-making support in the public interest. They are the authors of more than a dozen previous books on computer security, software engineering, software measurement, software quality, and programming.

Supplements including a solutions manual, PowerPoints and a companion website are available.  In the "Resources" box above, please click on "Instructor."

The much-anticipated revision of Pfleeger's best-selling introduction to security in computing!

° Covers latest network threats–including denial of service, buffer overflow -- explaining the symptom and the cure!

° Adopts a comprehensive approach -- shows the relationships among applications, operating systems, database management systems, and networks in terms of threats and controls

° Covers privacy and ethical issues, often omitted from security books

• Completely revised network coverage—Covers new attacks on networks, including denial of service, distributed denial of service, and malicious mobile code. Also describes countermeasures such as intrusion detection systems, one-time authentication, firewalls, and virtual private networks.

  • Introduces students to the breadth of network issues and helps them to understand the nature of threats and countermeasures in order to address new threats.

• Privacy-related security issues—Contains entirely new section on privacy threats, controls, and related issues.

  • Gives students insight into the implications of computer security for individual privacy-one of today's most important and controversial political issues.

• Thoroughly reorganized and updated cryptography coverage—Separates the concepts of cryptography as a protection tool from its underlying design. Includes state-of-the-art discussions of digital signatures, certificates, public key infrastructures, and leading-edge quantum cryptography.

  • Helps students know how to use cryptographic technologies to protect their data, as well as breakthrough technologies likely to be used widely in the coming years. Also introduces students to the mathematical and theoretical sources upon which cryptographic algorithms are based.

• Extensive new coverage of program security—Describes in detail buffer overflows, unchecked accesses, and malicious code, such as viruses, worms, and Trojan horses. Introduces controls on programs, such as development practices and constrained execution environments.

  • Gives programming students practical information for building more secure software systems.

• —Thoroughly revamped coverage of protection in both general-purpose and trusted operating systems—Covers security functions in operating systems, design principles for high assurance trusted systems, and standards and techniques for independent evaluation.

  • Helps students design and build more secure operating systems and assess and compare security of existing ones.

Foreword.


Preface to the Third Edition.


1. Is There a Security Problem in Computing?

Corporate, Computer and Network Security  [CAREER TITLES]   (MIS)
Network Security  [PTG: PRENTICE HALL PROFESSIONAL]   (Computer Science)

CHARLES P. PFLEEGER is a Master Security Architect for Cable & Wireless, the world's premier web hosting and Internet solutions provider. He regularly advises clients on secure design and implementation of network applications and architectures.

SHARI LAWRENCE PFLEEGER, senior researcher for RAND, is author of eight books on software engineering, measurement, and quality, including Software Engineering: Theory and Practice, Second Edition (Prentice Hall). She was named by The Journal of Systems and Software as one of the world's top software engineering researchers.

Foreword by Willis H. Ware.

The classic guide to information security—fully updated for the latest attacks and countermeasures

Security in Computing, Third Edition systematically demonstrates how to control failures of confidentiality, integrity, and availability in applications, databases, operating systems, and networks alike.

This sweeping revision of the field's classic guide to computer security reflects today's entirely new generation of network- and Internet-based threats and vulnerabilities, and offers practical guidance for responding to them.

• Updated to cover wireless security, intrusion detection, AES, DRM, biometrics, honeypots, online privacy, and more
• Security in Internet-based, distributed, desktop and traditional centralized applications
• New attacks, including scripted vulnerability probing, denial of service, and buffer overflows—with symptoms and cures
• Clear, accessible introduction to cryptography—without sophisticated math
• Up-to-the-minute explanations of digital signatures, certificates, and leading-edge quantum cryptography
• Thoroughly revamped coverage of software engineering practices designed to enhance program security
• Expanded coverage of risk management, contingency planning, and security policies
• Detailed presentation of protection in general-purpose and trusted operating systems
• Extensive pedagogical resources: end-of-chapter reviews and exercises, lists of key terms, and authoritative references

Exceptionally clear and easy to understand, the book covers not only technical issues, but also law, privacy, ethics, and the physical and administrative aspects of security.

The companion website (http://www.phptr.com/pfleeger/) contains additional information, book updates, and instructor's resources.

Companion Website, 3/E
NONE
©2003  |  Prentice Hall  |  On-line Supplement  |  Live
ISBN-10: 0131423339  |  ISBN-13: 9780131423336
This online resource is available at no cost.
More Info

Solution Manual, 3/E
Pfleeger & Pfleeger
©2003  |  Prentice Hall  |  Paper  |  Instock
ISBN-10: 0131019899  |  ISBN-13: 9780131019898
More Info

Back to top

Pearson Higher Education offers special pricing when you choose to package your text with other student resources. If you're interested in creating a cost-saving package for your students contact your Pearson Higher Education representative.