Security in Computing, 6th Edition

Book description

The New State of the Art in Information Security: From Cloud to Crypto, AI-Driven Security to Post-Quantum Computing

Now extensively updated throughout, Security in Computing, Sixth Edition, is today's one-stop, primary text for everyone teaching, learning, and practicing information cybersecurity. It defines core principles associated with modern security policies, processes, and protection; illustrates them with up-to-date sidebars and examples; and shows how to apply them in practice. Modular and flexibly organized, it supports a wide array of courses, strengthens professionals' knowledge of foundational principles; and imparts a more expansive understanding of modern security.

This edition adds or expands coverage of artificial intelligence and machine learning tools; app and browser security; security by design; securing cloud, IoT, and embedded systems; privacy-enhancing technologies; protecting vulnerable individuals and groups; strengthening security culture; cryptocurrencies and blockchain; offensive cyberwarfare; post-quantum computing; and more. It contains many new diagrams, exercises, sidebars, and examples, and is mapped to two leading frameworks: the US NIST National Initiative for Cybersecurity Education (NICE) and the UK Cyber Body of Knowledge (CyBOK).

  • Core security concepts: Assets, threats, vulnerabilities, controls, confidentiality, integrity, availability, attackers, and attack types

  • The security practitioner's toolbox: Identification, authentication, access control, and encryption

  • Areas of practice: Securing programs, userinternet interaction, operating systems, networks, data, databases, and cloud computing

  • Cross-cutting disciplines: Privacy, management, law, and ethics

  • Using cryptography: Solve real problems, and explore its formal and mathematical underpinnings

  • Emerging topics and risks: AI and adaptive cybersecurity, blockchains and cryptocurrencies, computer-assisted offensive warfare, and quantum computing

.

Table of contents

  1. Cover Page
  2. About This eBook
  3. Halftitle Page
  4. Title Page
  5. Copyright Page
  6. Pearson’s Commitment to Diversity, Equity, and Inclusion
  7. Contents
  8. Foreword
    1. Citations
  9. Preface
    1. Why Read This Book?
    2. Uses and Users of this Book
    3. Organization of This Book
    4. How to Read This Book
    5. What Is New in This Edition
  10. Acknowledgments
  11. About the Authors
  12. 1. Introduction
    1. 1.1 What Is Computer Security?
    2. 1.2 Threats
    3. 1.3 Harm
    4. 1.4 Vulnerabilities
    5. 1.5 Controls
    6. 1.6 Conclusion
    7. 1.7 What’s Next?
    8. 1.8 Exercises
  13. 2. Toolbox: Authentication, Access Control, and Cryptography
    1. 2.1 Authentication
    2. 2.2 Access Control
    3. 2.3 Cryptography
    4. 2.4 Conclusion
    5. 2.5 Exercises
  14. 3. Programs and Programming
    1. 3.1 Unintentional (Nonmalicious) Programming Oversights
    2. 3.2 Malicious Code—Malware
    3. 3.3 Countermeasures
    4. 3.4 Conclusion
    5. 3.5 Exercises
  15. 4. The Internet—User Side
    1. 4.1 Browser Attacks
    2. 4.2 Attacks Targeting Users
    3. 4.3 Obtaining User or Website Data
    4. 4.4 Mobile Apps
    5. 4.5 Email and Message Attacks
    6. 4.6 Conclusion
    7. 4.7 Exercises
  16. 5. Operating Systems
    1. 5.1 Security in Operating Systems
    2. 5.2 Security in the Design of Operating Systems
    3. 5.3 Rootkits
    4. 5.4 Conclusion
    5. 5.5 Exercises
  17. 6. Networks
    1. 6.1 Network Concepts
    2. Part I—War on Networks: Network Security Attacks
    3. 6.2 Threats to Network Communications
    4. 6.3 Wireless Network Security
    5. 6.4 Denial of Service
    6. 6.5 Distributed Denial of Service
    7. Part II—Strategic Defenses: Security Countermeasures
    8. 6.6 Cryptography in Network Security
    9. 6.7 Firewalls
    10. 6.8 Intrusion Detection and Prevention Systems
    11. 6.9 Network Management
    12. 6.10 Conclusion
    13. 6.11 Exercises
  18. 7. Data and Databases
    1. 7.1 Introduction to Databases
    2. 7.2 Security Requirements of Databases
    3. 7.3 Reliability and Integrity
    4. 7.4 Database Disclosure
    5. 7.5 Data Mining and Big Data
    6. 7.6 Conclusion
    7. 7.7 Exercises
  19. 8. New Territory
    1. 8.1 Introduction
    2. 8.2 Cloud Architectures and Their Security
    3. 8.3 IoT and Embedded Devices
    4. 8.4 Cloud, IoT, and Embedded Devices—The Smart Home
    5. 8.5 Smart Cities, IoT, Embedded Devices, and Cloud
    6. 8.6 Cloud, IoT, and Critical Services
    7. 8.7 Conclusion
    8. 8.8 Exercises
  20. 9. Privacy
    1. 9.1 Privacy Concepts
    2. 9.2 Privacy Principles and Policies
    3. 9.3 Authentication and Privacy
    4. 9.4 Data Mining
    5. 9.5 Privacy on the Internet
    6. 9.6 Email and Message Security
    7. 9.7 Privacy Impacts of Newer Technologies
    8. 9.8 Conclusion
    9. 9.9 Exercises
  21. 10. Management and Incidents
    1. 10.1 Security Planning
    2. 10.2 Business Continuity Planning
    3. 10.3 Handling Incidents
    4. 10.4 Risk Analysis
    5. 10.5 Physical Threats to Systems
    6. 10.6 New Frontiers in Security Management
    7. 10.7 Conclusion
    8. 10.8 Exercises
  22. 11. Legal Issues and Ethics
    1. 11.1 Protecting Programs and Data
    2. 11.2 Information and the Law
    3. 11.3 Rights of Employees and Employers
    4. 11.4 Redress for Software Failures
    5. 11.5 Computer Crime
    6. 11.6 Ethical Issues in Computer Security
    7. 11.7 An Ethical Dive into Artificial Intelligence
    8. 11.8 Incident Analyses with Ethics
    9. 11.9 Conclusion
    10. 11.10 Exercises
  23. 12. Details of Cryptography
    1. 12.1 Cryptology
    2. 12.2 Symmetric Encryption Algorithms
    3. 12.3 Asymmetric Encryption
    4. 12.4 Message Digests
    5. 12.5 Digital Signatures
    6. 12.6 Quantum Key Distribution
    7. 12.7 Conclusion
  24. 13. Emerging Topics
    1. 13.1 AI and Cybersecurity
    2. 13.2 Blockchains and Cryptocurrencies
    3. 13.3 Offensive Cyber and Cyberwarfare
    4. 13.4 Quantum Computing and Computer Security
    5. 13.5 Conclusion
  25. Bibliography
  26. Index
  27. Code Snippets

Product information

  • Title: Security in Computing, 6th Edition
  • Author(s): Charles Pfleeger, Shari Lawrence Pfleeger, Lizzie Coles-Kemp
  • Release date: August 2023
  • Publisher(s): Addison-Wesley Professional
  • ISBN: 9780137891375