Information Security : Principles and Practice [Hardcover]

Mark Stamp (Author)

Book Description

ISBN-10: 0471738484 | ISBN-13: 978-0471738480 | Publication Date: October 28, 2005 | Edition: 1

Your expert guide to information security

As businesses and consumers become more dependent on complex multinational information systems, the need to understand and devise sound information security systems has never been greater. This title takes a practical approach to information security by focusing on real-world examples. While not sidestepping the theory, the emphasis is on developing the skills and knowledge that security and information technology students and professionals need to face their challenges. The book is organized around four major themes:
* Cryptography: classic cryptosystems, symmetric key cryptography, public key cryptography, hash functions, random numbers, information hiding, and cryptanalysis
* Access control: authentication and authorization, password-based security, ACLs and capabilities, multilevel and multilateral security, covert channels and inference control, BLP and Biba's models, firewalls, and intrusion detection systems
* Protocols: simple authentication protocols, session keys, perfect forward secrecy, timestamps, SSL, IPSec, Kerberos, and GSM
* Software: flaws and malware, buffer overflows, viruses and worms, software reverse engineering, digital rights management, secure software development, and operating systems security

Additional features include numerous figures and tables to illustrate and clarify complex topics, as well as problems-ranging from basic to challenging-to help readers apply their newly developed skills. A solutions manual and a set of classroom-tested PowerPoint(r) slides will assist instructors in their course development. Students and professors in information technology, computer science, and engineering, and professionals working in the field will find this reference most useful to solve their information security issues.

An Instructor's Manual presenting detailed solutions to all the problems in the book is available from the Wiley editorial department.

An Instructor Support FTP site is also available.

Editorial Reviews

Review

"…presents information security concepts and practices insightfully in an easily comprehensible style…Although primarily intended as a college course resource, this book will appeal also to many security professionals. Highly recommended." (CHOICE, April 2006)

"The book is well suited for beginners, and contains enough introductory material on a variety of topics." (Computing Reviews.com, January 9, 2006)

From the Back Cover

Your expert guide to information security

As businesses and consumers become more dependent on complex multinational information systems, the need to understand and devise sound information security systems has never been greater. This title takes a practical approach to information security by focusing on real-world examples. While not sidestepping the theory, the emphasis is on developing the skills and knowledge that security and information technology students and professionals need to face their challenges. The book is organized around four major themes:

• Cryptography: classic cryptosystems, symmetric key cryptography, public key cryptography, hash functions, random numbers, information hiding, and cryptanalysis
• Access control: authentication and authorization, password-based security, ACLs and capabilities, multilevel and multilateral security, covert channels and inference control, BLP and Biba's models, firewalls, and intrusion detection systems
• Protocols: simple authentication protocols, session keys, perfect forward secrecy, timestamps, SSL, IPSec, Kerberos, and GSM
• Software: flaws and malware, buffer overflows, viruses and worms, software reverse engineering, digital rights management, secure software development, and operating systems security

Additional features include numerous figures and tables to illustrate and clarify complex topics, as well as problems—ranging from basic to challenging—to help readers apply their newly developed skills. A solutions manual and a set of classroom-tested PowerPoint® slides will assist instructors in their course development. Students and professors in information technology, computer science, and engineering, and professionals working in the field will find this reference most useful to solve their information security issues.

See all Editorial Reviews

Product Details

• Hardcover: 416 pages
• Publisher: Wiley-Interscience; 1 edition (October 28, 2005)
• Language: English
• ISBN-10: 0471738484
• ISBN-13: 978-0471738480
• Product Dimensions: 9.3 x 6.3 x 1 inches
• Shipping Weight: 1.5 pounds (View shipping rates and policies)
• Average Customer Review: 4.6 out of 5 stars  See all reviews (12 customer reviews)
• Amazon Best Sellers Rank: #805,140 in Books (See Top 100 in Books)

More About the Author

Discover books, learn about writers, read author blogs, and more.

Customer Reviews

Most Helpful Customer Reviews

6 of 7 people found the following review helpful:

5.0 out of 5 stars Excellent coverage and clarity, November 3, 2005

By 

David Blockus - See all my reviews
(REAL NAME)   

This review is from: Information Security : Principles and Practice (Hardcover)

This text is an excellent introduction to the popular, important subjects of computer and network security, and is the best such text that I have yet seen. Professor Stamp offers clarity of presentation and a fluid, conversational style. There is an nice balance between comprehensive coverage and detailed analysis. Overall, I really like the structural organization, selection of topics, breadth of coverage, and level of difficulty. No special prerequisites are required to comprehend the basic ideas. However, readers with technical backgrounds will find a lot of material to challenge them. There are an abundance of illustrative figures, nice examples within the body of the text, and a wealth of good problems at the end of each chapter. The author provides excellent references for further study. Appendices delve into details concerning mathematical underpinnings and networking details.

The book is divided into four main parts: cryptography, access control, protocols, and software. The cryptography section introduces fascinating historical vignettes, then explores details of modern block and stream ciphers. The author includes an excellent chapter on cryptanalysis. He provides specific examples, using mathematics and Boolean logic. The access control section explains issues of policy and implementation, regarding authentication and authorization. The protocols section discusses specific mechanisms for secure exchange of confidential information. The final section describes management of software flaws and related security issues.

5 of 6 people found the following review helpful:

5.0 out of 5 stars Excellent security text, January 1, 2006

By 

Daniel Yerelian (California USA) - See all my reviews
(REAL NAME)   

This review is from: Information Security : Principles and Practice (Hardcover)

Dr. Stamp touches many of the widely used and implemented security algorithms and techniques in today's industry. His clear and concise diagrams, examples, and thought provoking questions allow the reader to get a clear overview of the workings (positive and negative) of security technology. Mark Stamp has gathered all relevant information from a wide range of sources to produce an essential guide for information security. totally sweet

2 of 2 people found the following review helpful:

5.0 out of 5 stars Better than most text boks., November 14, 2010

By 

R. Sweet "RS" (Seattle, NY) - See all my reviews
(REAL NAME)   

Amazon Verified Purchase

This review is from: Information Security : Principles and Practice (Hardcover)

I needed this book for a class on E-commerce and Computer security. It's actually pretty decent. I feel like the majority of my text books required for classes are useless, but this one is good. I actually was able to learn from reading it.