Computer Security Art and Science

Today, everyone recognizes the importance of safeguarding computer systems and networks from vulnerability, attack, and compromise. But computer security is neither an easy art nor a simple science: its methodologies and technologies require rigorous study, and a deep grounding in principles that can be applied even as technologies change. Moreover, practitioners must understand how to align concepts with real policies, and then actually implement those policies -- managing inevitable tradeoffs such as “How secure do our devices really need to be, and how much inconvenience can we accept?”

In his extensively updated Computer Security: Art and Science, 2nd Edition, University of California at Davis Computer Security Laboratory co-director Matt Bishop offers a clear, rigorous, and thorough introduction to the entire modern field of computer security. Bishop covers access control; security, confidentiality, integrity, availability, and hybrid policies; policy composition; cryptography; authentication; identity management; information flow; assurance; formal methods; system evaluation; vulnerability analysis; auditing; intrusion detection, and many other topics.

This edition adds four new chapters, including a brand-new chapter-length case study on the high-profile issue of electronic voting. Through this case study, Bishop demonstrates how principles, policies, procedures, and technology come together in a crucial real-world application.

Matt Bishop is a professor in the Department of Computer Science at the University of California at Davis. His main research interest is the analysis of vulnerabilities in computer systems, including modeling them, building tools to detect vulnerabilities, and ameliorating or eliminating them. He works in the areas of network security, including the study of denial of service attacks and defenses, policy modeling, software assurance testing, resilience, and formal modeling of access control. He was co-chair of the Joint Task Force that developed the Cybersecurity Curricula 2017: Curriculum Guidelines for Post-Secondary Degree Programs in Cybersecurity, released in December 2017. He earned his Ph.D. in computer science from Purdue University in 1984.

1. An Overview of Computer Security
2. Access Control Matrix
3. Foundational Results
4. Security Policies
5. Confidentiality Policies
6. Integrity Policies
7: Availability Policies
8. Hybrid Policies
9. Noninterference and Policy Composition
10. Basic Cryptography
11. Cipher Techniques
12. Key Management
13. Authentication
14. Design Principles
15. Representing Identity
16. Access Control Mechanisms
17. Information Flow
18. Confinement Problem
19. Introduction to Assurance
20. Building Systems with Assurance
21. Formal Methods
22. Evaluating Systems
23. Malicious Logic
24. Vulnerability Analysis
25. Auditing
26. Intrusion Detection
27. Attack Analysis
28. Network Security
29. System Security
30. User Security
31. Program Security
32. Security Management
33. Electronic Voting
34. Lattices
35. Entropy and Uncertainty
36. Virtual Machines
37. Symbolic Logic
38. Example Academic Security Policy
Bibliography and Index

What is included with this book?

The New copy of this book will include any supplemental materials advertised. Please check the title of the book to determine if it should include any access cards, study guides, lab manuals, CDs, etc.

The Used, Rental and eBook copies of this book are not guaranteed to include any supplemental materials. Typically, only the book itself is included. This is true even if the title states it includes any access cards, study guides, lab manuals, CDs, etc.

FREE SHIPPING

Amazon no longer offers textbook rentals. We do!

Computer Security Art and Science

Summary

Author Biography

Table of Contents

Supplemental Materials