Computer Security: Art and Science

Computer Security

Addison-Wesley

  • 349 kr

Expected in stock after

The importance of computer security has increased dramatically during the past few years. Bishop provides a monumental reference for the theory and practice of computer security. This is a textbook intended for use at the advanced undergraduate and introductory graduate levels, non-University training courses, as well as reference and self-study for security professionals. Comprehensive in scope, this covers applied and practical elements, theory, and the reasons for the design of applications and security techniques. Bishop treats the management and engineering issues of computer. Excellent examples of ideas and mechanisms show how disparate techniques and principles are combined (or not) in widely-used systems. Features a distillation of a vast number of conference papers, dissertations and books that have appeared over the years, providing a valuable synthesis. This book is acclaimed for its scope, clear and lucid writing, and its combination of formal and theoretical aspects with real systems, technologies, techniques, and policies.

(NOTE: Each chapter, except chapter 29, concludes with a Summary, Research Issues, Further Reading, and Exercises.)

Preface. Goals. Philosophy. Organization. Roadmap. Dependencies. Background. Undergraduate Level. Graduate Level. Practitioners. Special Acknowledgment. Acknowledgments.

I. INTRODUCTION.

1. An Overview of Computer Security. The Basic Components. Confidentiality. Integrity. Availability. Threats. Policy and Mechanism. Goals of Security. Assumptions and Trust. Assurance. Specification. Design. Implementation. Operational Issues. Cost-Benefit Analysis. Risk Analysis. Laws and Customs. Human Issues. Organizational Problems. People Problems. Tying It All Together.

II. FOUNDATIONS.

2. Access Control Matrix. Protection State. Access Control Matrix Model. Access Control by Boolean Expression Evaluation. Access Controlled by History. Protection State Transitions. Conditional Commands. Copying, Owning, and the Attenuation of Privilege. Copy Right. Own Right. Principle of Attenuation of Privilege.

3. Foundational Results. The General Question. Basic Results. The Take-Grant Protection Model. Sharing of Rights. Interpretation of the Model. Theft in the Take-Grant Protection Model. Conspiracy. Summary. Closing the Gap. Schematic Protection Model. Expressive Power and the Models. Brief Comparison of HRU and SPM. Extending SPM. Simulation and Expressiveness. Typed Access Matrix Model.

III. POLICY.

4. Security Policies. Security Policies. Types of Security Policies. The Role of Trust. Types of Access Control. Policy Languages. High-Level Policy Languages. Low-Level Policy Languages. Example: Academic Computer Security Policy. General University Policy. Electronic Mail Policy. Security and Precision.

5. Confidentiality Policies. Goals of Confidentiality Policies. The Bell-LaPadula Model. Informal Description. Example: The Data General B2 UNIX System. Formal Model. Example Model Instantiation: Multics. Tranquility. The Controversy over the Bell-LaPadula Model. McLean's *-Property and the Basic Security Theorem. McLean's System Z and More Questions. Summary.

6. Integrity Policies. Goals. Biba Integrity Model. Low-Water-Mark Policy. Ring Policy. Biba's Model (Strict Integrity Policy). Lipner's Integrity Matrix Model. Lipner's Use of the Bell-LaPadula Model. Lipner's Full Model. Comparison with Biba. Clark-Wilson Integrity Model. The Model. Comparison with the Requirements. Comparison with Other Models.

7. Hybrid Policies. Chinese Wall Model. Informal Description. Formal Model. Bell-LaPadula and Chinese Wall Models. Clark-Wilson and Chinese Wall Models. Clinical Information Systems Security Policy. Bell-LaPadula and Clark-Wilson Models. Originator Controlled Access Control. Role-Based Access Control.

8. Noninterference and Policy Composition. The Problem. Composition of B
Authors:
Edition: unknown
Language: English
Pages: 1136
ISBN: 9780201440997
Weight: 2343 g
Publisher: Addison-Wesley
Binding: Hardcover
Published: 2002
List price: 0 kr