E-book, English, 462 pages, Web PDF
Carroll Computer Security
2nd edition 2014
ISBN: 978-1-4831-0301-3
Publisher: Elsevier Science & Techn.
Format: PDF
Copy protection: 1 - PDF Watermark
Computer Security, Second Edition presents ideas and practices for preventing attacks on computer systems and the compromise of data. The book is divided into five parts. Part I covers the essential elements of computer security and case histories of computer-related crimes. Part II discusses organizations and models for the protection of information. Part III covers physical security and the access control involved in data protection. Part IV deals with the measures used to secure communication between computers. Part V explains systems security, access control, and integrity. The text is recommended for people involved in promoting computer security, especially programmers and IT practitioners, in institutions where computer-processed information is crucial and must be protected.
Further Information & Material
Front Cover
Computer Security
Copyright Page
Table of Contents
Dedication
Acknowledgments
Introduction
PART I: The Threat to Computer Security
  Chapter 1. Essentials of Computer Security
    UNIQUE EDP SECURITY PROBLEMS
    EDP SECURITY IN A NUTSHELL
  Chapter 2. A Casebook of Computer Crime
    CASE HISTORIES
    CONCLUSION
PART II: Security Management Considerations
  Chapter 3. Organizing for EDP Security
    EDP SECURITY IN THE PUBLIC SECTOR
    EDP SECURITY IN THE PRIVATE SECTOR
    CORPORATE EDP SECURITY
    DUTIES OF THE SECURITY COORDINATOR
    PRINCIPLES OF SECURITY MANAGEMENT
  Chapter 4. Protection of Information
    CLASSIFICATION–THE GOVERNMENT MODEL
    CLASSIFICATION–THE CORPORATE MODEL
    SPECIAL PROBLEMS WITH EDP
    MARKING CLASSIFIED MATTER
    STORING CLASSIFIED MATTER
    DESTROYING CLASSIFIED MATTER
    RESIDUAL MEMORY IN MAGNETIC MEDIA
    PROCEDURAL SAFEGUARDS FOR CLASSIFIED MATTER
    CONCLUSION
  Chapter 5. Screening and Management of Personnel
    MANAGEMENT RESPONSIBILITY
    RELATIONS WITH VENDORS
    CATEGORIES OF SECURITY CLEARANCE
    SECURITY SCREENING OF EMPLOYEES
    PERSONNEL SECURITY POLICIES
    CONCLUSION
PART III: Physical Security
  Chapter 6. Physical Access Control
    BASICS OF ACCESS CONTROL
    AUTOMATIC ACCESS CONTROL
    KEY ACCESS CONTROL
    CONCENTRIC CONTROLLED PERIMETERS
    OUTER PERIMETER ACCESS
    BUILDING ACCESS CONTROL
    CONTROL OF ACCESS TO RESTRICTED AREAS
    MATERIAL CONTROL IN RESTRICTED AREAS
    COMPUTER ROOM ACCESS CONTROL
  Chapter 7. Physical Security
    THE FORTRESS CONCEPT
    OUTER PERIMETER DEFENSE
    BUILDING PERIMETERS
    RESTRICTED AREA PERIMETER
    COMPUTER ROOM SECURITY
  Chapter 8. Environmental Security
    ELECTRICAL POWER
    GROUNDING
    INTERFERENCE SUPPRESSION
    DUST CONTROL
    ENVIRONMENTAL CONTROLS
  Chapter 9. Disaster Control
    LOCATING THE COMPUTER CENTER
    PROTECTING THE COMPUTER CENTER
    AUTOMATIC FIRE DETECTION
    GENERAL FIRE-SAFETY PLANNING
    DISASTER RECOVERY
PART IV: Communications Security
  Chapter 10. Line Security
    COMMUNICATIONS SECURITY SUBFIELDS
    DEFINITION OF TERMINAL
    SECURITY OF COMMUNICATIONS CABLES
    INTERIOR COMMUNICATIONS LINES
    TELEPHONE INSTRUMENT SECURITY
    ADDITIONAL LINE SECURITY CONSIDERATIONS
    LOCAL AREA NETWORKS
    SPACE RADIO INTERCEPTION
  Chapter 11. Transmission Security
    GENERAL CONSIDERATIONS
    OPERATING PROCEDURES
    SPEECH PRIVACY
    ERROR-PROOF CODES
    TRAFFIC ANALYSIS
  Chapter 12. Cryptographic Security
    INTRODUCTION TO CRYPTOLOGY
    OVERVIEW OF CYPHERS
    HOW CYPHERS WORK
    HOW DES WORKS
    NETWORK COMMUNICATIONS SECURITY
    WEAKNESSES OF DES
    WAYS TO USE DES
    ASYMMETRICAL CYPHERS
    CRYPTO PROCEDURES
    CRYPTANALYSIS
    SUMMARY
  Chapter 13. Emission Security
    EMISSION PROBLEMS
    PROBABILITY OF INTERCEPTION
    DEFENSE MECHANISMS
    MEASURING ELECTROMAGNETIC EMANATION LEVELS
    ADDITIONAL DEFENSES
    DEFENSE AGAINST ACOUSTICAL EMANATIONS
  Chapter 14. Technical Security
    VICTIMIZATION OF EDP CENTERS
    CATEGORIES OF TECHNICAL SURVEILLANCE
    DEFENSES AGAINST TECHNICAL SURVEILLANCE
    TYPES OF INTRUSION DEVICES
PART V: Systems Security
  Chapter 15. Systems Identification
    INTRODUCTION TO SYSTEMS SECURITY
    GUIDELINES FOR A TRUSTED COMPUTING BASE
    PERSONAL IDENTIFICATION
    OTHER USER IDENTIFICATION SYSTEMS
    IDENTIFYING SPECIFIED ASSETS
    SYSTEM RELATIONSHIPS
    PRIVACY CONSIDERATIONS
  Chapter 16. Isolation in Computer Systems
    DEFENSE STRATEGIES
    PROCESSING MODES
    TEMPORAL ISOLATION
    SPATIAL ISOLATION
    SYSTEM ARCHITECTURE
    CRYPTOGRAPHIC ISOLATION
    RESTRICTION OF PRIVILEGE
  Chapter 17. Systems Access Control
    BASIC PRINCIPLES OF ACCESS
    AUTHENTICATION
    SYSTEMS ACCESS
    INTERNAL ACCESS
    ACCESS PRIVILEGES
    KEEPING HACKERS OUT
    SYSTEM SECURITY ADD-ON PACKAGES
  Chapter 18. Detection and Surveillance
    THREAT MONITORING
    TREND ANALYSIS
    INVESTIGATION
    AUDITING
    COMPENSATORY ACTION
    THE HUMAN FACTOR IN COMPUTER CRIME
  Chapter 19. Systems Integrity
    PROGRAM SECURITY
    ERROR CONTROL
    PRIVACY IN STATISTICAL DATA BASES
    PROTECTION OF SECURITY FUNCTIONS
  Chapter 20. Record Keeping and Security
    LOGS
    BACKUP FILES
    RESTART AND RECOVERY
    RECORD RETENTION
    INVENTORIES AND LISTS
  Chapter 21. Systems Reliability and Security
    HARDWARE
    SOFTWARE
    CHANGES
    SYSTEMS BACKUP
PART VI: Threat Evaluation
  Chapter 22. Threat Evaluation
    COST OF LOSS
    TYPES OF LOSS
    COMPUTER-PROGRAMMED THREAT EVALUATION SURVEY
    CONCLUSION
Appendix: Sample Log Forms
Glossary
Selected Bibliography
Index




