Computer Security: Art and Science. Computer SecurityThe importance of computer security has increased dramatically
during the past few years. Bishop provides a monumental reference for the theory and practice
Les mer... of computer security. This is
a textbook intended for use at the advanced undergraduate and introductory graduate levels, non-University training courses,
as well as reference and self-study for security professionals. Comprehensive in scope, this covers applied and practical
elements, theory, and the reasons for the design of applications and security techniques. Bishop treats the management and
engineering issues of computer. Excellent examples of ideas and mechanisms show how disparate techniques and principles are
combined (or not) in widely-used systems. Features a distillation of a vast number of conference papers, dissertations and
books that have appeared over the years, providing a valuable synthesis. This book is acclaimed for its scope, clear and lucid
writing, and its combination of formal and theoretical aspects with real systems, technologies, techniques, and policies.
(NOTE: Each chapter, except chapter 29, concludes with a Summary, Research Issues, Further Reading, and Exercises.) Preface.
Goals. Philosophy. Organization. Roadmap. Dependencies. Background. Undergraduate Level. Graduate Level. Practitioners.
Special Acknowledgment. Acknowledgments. I. INTRODUCTION. 1. An Overview of Computer Security. The Basic Components.
Confidentiality. Integrity. Availability. Threats. Policy and Mechanism. Goals of Security. Assumptions and Trust.
Assurance. Specification. Design. Implementation. Operational Issues. Cost-Benefit Analysis. Risk Analysis. Laws and
Customs. Human Issues. Organizational Problems. People Problems. Tying It All Together. II. FOUNDATIONS. 2. Access Control
Matrix. Protection State. Access Control Matrix Model. Access Control by Boolean Expression Evaluation. Access Controlled
by History. Protection State Transitions. Conditional Commands. Copying, Owning, and the Attenuation of Privilege. Copy
Right. Own Right. Principle of Attenuation of Privilege. 3. Foundational Results. The General Question. Basic Results.
The Take-Grant Protection Model. Sharing of Rights. Interpretation of the Model. Theft in the Take-Grant Protection Model.
Conspiracy. Summary. Closing the Gap. Schematic Protection Model. Expressive Power and the Models. Brief Comparison of
HRU and SPM. Extending SPM. Simulation and Expressiveness. Typed Access Matrix Model. III. POLICY. 4. Security Policies.
Security Policies. Types of Security Policies. The Role of Trust. Types of Access Control. Policy Languages. High-Level
Policy Languages. Low-Level Policy Languages. Example: Academic Computer Security Policy. General University Policy. Electronic
Mail Policy. Security and Precision. 5. Confidentiality Policies. Goals of Confidentiality Policies. The Bell-LaPadula
Model. Informal Description. Example: The Data General B2 UNIX System. Formal Model. Example Model Instantiation: Multics.
Tranquility. The Controversy over the Bell-LaPadula Model. McLean's *-Property and the Basic Security Theorem. McLean's
System Z and More Questions. Summary. 6. Integrity Policies. Goals. Biba Integrity Model. Low-Water-Mark Policy. Ring
Policy. Biba's Model (Strict Integrity Policy). Lipner's Integrity Matrix Model. Lipner's Use of the Bell-LaPadula Model.
Lipner's Full Model. Comparison with Biba. Clark-Wilson Integrity Model. The Model. Comparison with the Requirements.
Comparison with Other Models. 7. Hybrid Policies. Chinese Wall Model. Informal Description. Formal Model. Bell-LaPadula
and Chinese Wall Models. Clark-Wilson and Chinese Wall Models. Clinical Information Systems Security Policy. Bell-LaPadula
and Clark-Wilson Models. Originator Controlled Access Control. Role-Based Access Control. 8. Noninterference and Policy
Composition. The Problem. Composition of B
Forfattere: |
Utgave: ukjent |
Språk: Engelsk |
Sidetall: 1136 |
ISBN: 9780201440997 |
Vekt: 2343 g |
Forlag: Addison-Wesley |
Innbinding: Innbundet |
Utgitt: 2002 |
Veil. pris: 0 kr |