Articoli correlati a An Information Security Handbook
Sinossi
A comprehensive guide to computer security issues explains what security is, examines the security problems of an IT system, offers guidelines for reducing security risks, describes how to select the appropriate security countermeasure, and discusses ways to procure an information system with security implications. Original. (Intermediate)
Le informazioni nella sezione "Riassunto" possono far riferimento a edizioni diverse di questo titolo.
Contenuti
1. Introduction.- 1.1 Why a Book about Information Security?.- 1.2 Some Conventions.- 1.3 Risks.- 1.4 Information Sensitivity.- 1.5 Information Importance.- 1.6 Countermeasures.- 1.7 Information Warfare.- 1.8 Management.- 1.9 Summary.- 2. Technology and Security.- 2.1 Privilege and Machine Modes.- 2.2 System Configuration.- 2.3 Physical Aspects of Discs and Tapes.- 2.3.1 Hard Discs.- 2.3.2 CD-ROMs.- 2.3.3 Floppy Discs.- 2.3.4 Magnetic Tapes.- 2.4 Files and Access Control.- 2.4.1 File Access Controls.- 2.5 RAID Storage.- 2.6 Summary.- 3. Physical Security.- 3.1 The Security Domains.- 3.1.1 The Global Security Environment.- 3.1.2 The Local Security Environment.- 3.1.3 The Electronic Security Environment.- 3.2 Security Aspects of Layout.- 3.3 Summary.- 4. Personnel Security.- 4.1 Assessing Personnel Trustworthiness.- 4.2 Example and Leadership.- 4.3 Awareness.- 4.4 IT Staff.- 4.5 New Recruits and Leavers.- 4.6 General.- 4.6 Summary.- 5. Communications Security.- 5.1 Encryption and Cryptanalysis.- 5.1.1 Crypto Administration.- 5.1.2 Encryption Weaknesses.- 5.2 Authentication Dialogues.- 5.2.1 Crypto Signatures.- 5.2.2 Summary.- 5.3 The Kerberos Authentication Dialogue.- 5.4 Hacking.- 5.5 Unix and the TCP/IP Family of Protocols.- 5.6 Firewalls and Gateways.- 5.6.1 One Way Filters and Related Systems.- 5.6.1.1 Communications Software Security Problems.- 5.6.1.2 Summary.- 6. Unix Security.- 6.1 The Security Problems of Unix.- 6.2 Unix File Permissions.- 6.3 Executing as the Superuser.- 6.4 Password Security.- 6.4.1 Selecting Passwords.- 6.4.2 Password Policies.- 6.4.3 Checking Password Security.- 6.4.4 Password Ageing.- 6.4.5 Guest Accounts.- 6.4.6 Accounts Without Passwords.- 6.4.7 Group Accounts and Groups.- 6.5 Improving Unix Network Security.- 6.5.1 Trusted Hosts.- 6.5.2 The rxxx Utilities.- 6.5.3 The finger Utility.- 6.5.4 The telnet Utility.- 6.5.5 The ftp Utility.- 6.5.6 The tftp Utility.- 6.5.7 The http Utility.- 6.5.8 The nf s Utility.- 6.5.9 E-mail.- 6.5.10 The X Windows System.- 6.5.11 Windows NT.- 7. Internet Security.- 7.1 External Hazards.- 7.2 ISP Services.- 7.3 After an Attack.- 7.4 Summary.- 8. Radiation Security.- 8.1 Equipment Layout.- 8.2 Maintenance.- 8.3 Summary.- 9. Procedural Security.- 9.1 System Integrity.- 9.2 Magnetic Media.- 9.3 Denial of System Benefits to a Competitor.- 9.4 Disposal of Documents.- 9.4.1 Paper Documents.- 9.4.2 Magnetic Documents.- 9.5 Weeding and Downgrading.- 9.6 When It Starts to Go Wrong.- 9.7 Summary.- 10. Software Security.- 10.1 Secure Computer Systems.- 10.2 Software Evaluation.- 10.3 Software Security Models.- 10.4 Other Software Security Issues.- 11. Some Notes on Static Analysis.- 11.1 Introduction.- 11.1.1 Static Analysis.- 11.1.2 A Simple Example.- 11.2 Control Flow Analysis.- 11.3 Data Flow Analysis.- 11.4 Information Flow Analysis.- 11.5 Semantic Analysis.- 11.6 The Use of Static Analysis.- 11.7 Summary.- 12. Computer Viruses.- 12.1 Introduction.- 12.2 Viruses.- 12.2.1 Mechanisms.- 12.2.2 WORD Viruses.- 12.3 Virus Examples.- 12.3.1 The “Brain” virus.- 12.3.2 The “Lehigh” Virus.- 12.3.3 The “Jerusalem” Virus.- 12.3.4 The “CHRISTMA EXEC”.- 12.3.5 The “Love Letter” Worm.- 12.3.6 The “Nimda” Worm.- 12.4 Dealing with Viruses.- 12.4.1 Anti-Viral Software.- 12.4.2 Anti-Viral Precautions.- 12.4.3 Virus Decontamination.- 12.5 Java & Active-X.- 12.6 The “Millennium Bug”.- 12.7 Summary.- 13. The UK Data Protection Acts.- 13.1 Definitions.- 13.2 The Data Protection Principles.- 13.2.1 The First Principle.- 13.2.2 The Second Principle.- 13.2.3 The Third Principle.- 13.2.4 The Fourth Principle.- 13.2.5 The Fifth Principle.- 13.2.6 The Sixth Principle.- 13.2.7 The Seventh Principle.- 13.2.8 The Eighth Principle.- 13.3 Summary.- 14. System Administration and Security.- 14.1 The Procurement of Secure Information Systems.- 14.1.1 The Requirement.- 14.1.2 The Outline Security Policy.- 14.1.3 Hardware Selection.- 14.1.4 Software Selection.- 14.1.5 Certified Software.- 14.1.6 Summary.- 14.2 System and Data Backups.- 14.3 Resource Tracking and Management.- 14.4 System Testing and Probing.- 14.5 Configuration Management.- 14.5.1 System Change Control.- 14.6 Database Maintenance.- 14.6.1 Database Monitoring and Culling.- 14.6.2 Legal Conformance.- 14.6.3 Database Integrity.- 14.7 User Account Management.- 14.8 Audit Trail Management.- 14.9 Summary.- 15. The Management of Security.- 15.1 The Security Management Problem.- 15.2 A Security Management Methodology.- 15.2.1 Knowledge of the Information System.- 15.2.2 Threat Assessment.- 15.2.3 Risk Estimation.- 15.2.4 Choice of Mechanisms.- 15.3 System Security Policies.- 15.4 Summary.- 16. Conclusions.- 16.1 A Definition of Information System Security.- 16.2 The Security Problems of an Information System.- 16.3 Tailpiece.- A. Unix Security Resources.- A.1 Configuration Checkers.- A.2 Network Activity Monitors.- A.3 Intrusion Checkers.- A.4 Change Detectors.- A.5 Password Checkers.- A.6 Firewall Packages.- A.7 Security Documentation.- A.8 Other Secure Software.- B. DoD Computer System Evaluation Criteria.- C. IT Security Evaluation Criteria (ITSEC).- D. An Example System Security Policy.- E. System Threats and Countermeasures.- E.1 Introduction.- E.2 Threats to the Level of Service.- E.2.1 Power Supplies.- E.2.2 Hardware Faults.- E.2.3 Software Crashes.- E.2.4 Operator Errors.- E.2.5 Computer Viruses.- E.2.6 Environmental Disasters.- E.3 Threats to the Information Base.- E.4 Threats Leading to Information Leakage.- E.5 Choice of Countermeasures.- E.6 Summary.- F. Example List of Security Countermeasures.- F.1 Access Control.- F.1.1 Communications.- F.1.2 Covert Channel Control.- F.1.3 Discretionary Access Control.- F.1.4 Mandatory Access Control.- F.1.5 Physical Access Control.- F.2 Accountability.- F.2.1 Transactions.- F.2.2 Configuration.- F.3 Accuracy.- F.3.1 Communications.- F.3.2 Storage.- F.4 Availability.- F.4.1 Communications.- F.4.2 Logical Denial.- F.4.3 Personnel.- F.4.4 Physical Denial.- F.4.5 Environmental Damage.- F.5 Data Exchange.- F.5.1 Communications Security.- F.5.2 Covert Channel.- F.5.3 Radiation Security.- F.5.4 Transmission Security.- F.5.5 Traffic Flow Security.- F.6 Authentication.- F.7 Audit.- F.8 Personnel.- G. Glossary of Information Security Terms.- H. References & Bibliography.
Product Description
Book by Hunter John M
Le informazioni nella sezione "Su questo libro" possono far riferimento a edizioni diverse di questo titolo.
Compra nuovo
Visualizza questo articolo
EUR 47,23
EUR 9,70 per la spedizione da Germania a Italia
Destinazione, tempi e costi
Risultati della ricerca per An Information Security Handbook
Foto dell'editore
An Information Security Handbook (Computer Communications and Networks)
Da: Phatpocket Limited, Waltham Abbey, HERTS, Regno Unito
Valutazione del venditore 5 su 5 stelle
Condizione: Good. Your purchase helps support Sri Lankan Children's Charity 'The Rainbow Centre'. Ex-library, so some stamps and wear, but in good overall condition. Our donations to The Rainbow Centre have helped provide an education and a safe haven to hundreds of children who live in appalling conditions. Codice articolo Z1-Y-023-00599
Quantità: 1 disponibili
Foto dell'editore
An Information Security Handbook.
Editore:
London Springer Verlag, 2001
ISBN 10: 1852331801
ISBN 13: 9781852331801
Antico o usato
Softcover
Da: CSG Onlinebuch GMBH, Darmstadt, Germania
Valutazione del venditore 5 su 5 stelle
Softcover. Condizione: Gut. Gebraucht - Gut Zustand: Gut, Mängelexemplar, XIV, 226 p. About this book: Aimed primarily at final year undergraduate courses and MSc courses on Information Systems, Management of Information Systems and Design of Information Systems, this textbook aims to provide answers to five questions; What is security? What are the security problems particular to an IT system? What can be done to reduce the security risks associated with such a system? In a given situation, what are the appropriate security countermeasures? How should one set about procuring an information system with security implications? It looks at the different goals organisations might have in employing security techniques (availability, integrity, confidentiality, exclusivity) and which technique is best suited to achieving each goal. With guidelines appropriate for the protection of both conventional commercial and military systems, An Information Security Handbook will be of interest to computer system managers and administrators in any commercial or government organisation. Written for final year undergraduates; postgraduates (MSc); computer system managers; system administrators. Codice articolo 17037
Quantità: 2 disponibili
Immagini fornite dal venditore
An Information Security Handbook
Print on DemandDa: moluna, Greven, Germania
Valutazione del venditore 5 su 5 stelle
Condizione: New. Dieser Artikel ist ein Print on Demand Artikel und wird nach Ihrer Bestellung fuer Sie gedruckt. Covers a more comprehensive range of subjects than other available texts (including management of security and personnel security)More up-to-date than other books, including implications which arose from the Y2K date changeThis book is geared at pos. Codice articolo 4289395
Quantità: Più di 20 disponibili
Immagini fornite dal venditore
An Information Security Handbook
Editore:
Springer London Mrz 2001, 2001
ISBN 10: 1852331801
ISBN 13: 9781852331801
Nuovo
Taschenbuch
Da: BuchWeltWeit Ludwig Meier e.K., Bergisch Gladbach, Germania
Valutazione del venditore 5 su 5 stelle
Taschenbuch. Condizione: Neu. This item is printed on demand - it takes 3-4 days longer - Neuware -Aimed primarily at final year undergraduate courses and MSc courses on Information Systems, Management of Information Systems and Design of Information Systems, this textbook aims to provide answers to five questions: What is security What are the security problems particular to an IT system What can be done to reduce the security risks associated with such a system In a given situation, what are the appropriate security countermeasures How should one set about procuring an information system with security implications It looks at the different goals organisations might have in employing security techniques (availability, integrity, confidentiality, exclusivity) and which technique is best suited to achieving each goal. With guidelines appropriate for the protection of both conventional commercial and military systems, 'An Information Security Handbook' will be of interest to computer system managers and administrators in any commercial or government organisation. 244 pp. Englisch. Codice articolo 9781852331801
Quantità: 2 disponibili
Immagini fornite dal venditore
An Information Security Handbook
Editore:
Springer London, Springer London Mär 2001, 2001
ISBN 10: 1852331801
ISBN 13: 9781852331801
Nuovo
Taschenbuch
Da: buchversandmimpf2000, Emtmannsberg, BAYE, Germania
Valutazione del venditore 5 su 5 stelle
Taschenbuch. Condizione: Neu. Neuware -Aimed primarily at final year undergraduate courses and MSc courses on Information Systems, Management of Information Systems and Design of Information Systems, this textbook aims to provide answers to five questions;What is security What are the security problems particular to an IT system What can be done to reduce the security risks associated with such a system In a given situation, what are the appropriate security countermeasures How should one set about procuring an information system with security implications It looks at the different goals organisations might have in employing security techniques (availability, integrity, confidentiality, exclusivity) and which technique is best suited to achieving each goal. With guidelines appropriate for the protection of both conventional commercial and military systems, An Information Security Handbook will be of interest to computer system managers and administrators in any commercial or government organisation.Springer Verlag GmbH, Tiergartenstr. 17, 69121 Heidelberg 244 pp. Englisch. Codice articolo 9781852331801
Quantità: 2 disponibili
Foto dell'editore
An Information Security Handbook (Computer Communications and Networks)
Da: Midtown Scholar Bookstore, Harrisburg, PA, U.S.A.
Valutazione del venditore 5 su 5 stelle
Paperback. Condizione: Very Good. Very Good paperback with light shelfwear - NICE! Standard-sized. Codice articolo mon0000098744
Quantità: 1 disponibili
Foto dell'editore
An Information Security Handbook (Computer Communications and Networks)
Da: Ria Christie Collections, Uxbridge, Regno Unito
Valutazione del venditore 5 su 5 stelle
Condizione: New. In. Codice articolo ria9781852331801_new
Quantità: Più di 20 disponibili
Immagini fornite dal venditore
An Information Security Handbook
Editore:
Springer London, Springer London, 2001
ISBN 10: 1852331801
ISBN 13: 9781852331801
Nuovo
Taschenbuch
Da: AHA-BUCH GmbH, Einbeck, Germania
Valutazione del venditore 5 su 5 stelle
Taschenbuch. Condizione: Neu. Druck auf Anfrage Neuware - Printed after ordering - Aimed primarily at final year undergraduate courses and MSc courses on Information Systems, Management of Information Systems and Design of Information Systems, this textbook aims to provide answers to five questions;What is security What are the security problems particular to an IT system What can be done to reduce the security risks associated with such a system In a given situation, what are the appropriate security countermeasures How should one set about procuring an information system with security implications It looks at the different goals organisations might have in employing security techniques (availability, integrity, confidentiality, exclusivity) and which technique is best suited to achieving each goal. With guidelines appropriate for the protection of both conventional commercial and military systems, An Information Security Handbook will be of interest to computer system managers and administrators in any commercial or government organisation. Codice articolo 9781852331801
Quantità: 1 disponibili
Foto dell'editore
An Information Security Handbook
Editore:
Springer London Ltd, 2001
ISBN 10: 1852331801
ISBN 13: 9781852331801
Nuovo
Paperback / softback
Da: THE SAINT BOOKSTORE, Southport, Regno Unito
Valutazione del venditore 5 su 5 stelle
Paperback / softback. Condizione: New. This item is printed on demand. New copy - Usually dispatched within 5-9 working days 378. Codice articolo C9781852331801
Quantità: Più di 20 disponibili
Foto dell'editore
An Information Security Handbook (Computer Communications and Networks)
Da: Lucky's Textbooks, Dallas, TX, U.S.A.
Valutazione del venditore 5 su 5 stelle
Condizione: New. Codice articolo ABLIING23Mar2912160256501
Quantità: Più di 20 disponibili