Security in Computing, 4th Edition (Hardcover)

by Charles P. Pfleeger (Author), Shari Lawrence Pfleeger (Author)

Editorial Reviews

Product Description
The New State-of-the-Art in Information Security: Now Covers the Economics of Cyber Security and the Intersection of Privacy and Information Security

For years, IT and security professionals and students have turned to Security in Computing as the definitive guide to information about computer security attacks and countermeasures. In their new fourth edition, Charles P. Pfleeger and Shari Lawrence Pfleeger have thoroughly updated their classic guide to reflect today's newest technologies, standards, and trends.

The authors first introduce the core concepts and vocabulary of computer security, including attacks and controls. Next, the authors systematically identify and assess threats now facing programs, operating systems, database systems, and networks. For each threat, they offer best-practice responses.

Security in Computing, Fourth Edition, goes beyond technology, covering crucial management issues faced in protecting infrastructure and information. This edition contains an all-new chapter on the economics of cybersecurity, explaining ways to make a business case for security investments. Another new chapter addresses privacy--from data mining and identity theft, to RFID and e-voting.

New coverage also includes

• Programming mistakes that compromise security: man-in-the-middle, timing, and privilege escalation attacks
• Web application threats and vulnerabilities
• Networks of compromised systems: bots, botnets, and drones
• Rootkits--including the notorious Sony XCP
• Wi-Fi network security challenges, standards, and techniques
• New malicious code attacks, including false interfaces and keystroke loggers
• Improving code quality: software engineering, testing, and liability approaches
• Biometric authentication: capabilities and limitations
• Using the Advanced Encryption System (AES) more effectively
• Balancing dissemination with piracy control in music and other digital content
• Countering new cryptanalytic attacks against RSA, DES, and SHA
• Responding to the emergence of organized attacker groups pursuing profit

From the Publisher
A sweeping revision of the classic computer security text. This book provides end-to-end, detailed coverage of the state of the art in all aspects of computer security. Starting with a clear, in-depth review of cryptography, it also covers specific options for securing software and data against malicious code and intruders; the special challenges of securing networks and distributed systems; firewalls; ways to administer security on personal computers and UNIX systems; analyzing security risks and benefits; and the legal and ethical issues surrounding computer security. --This text refers to the Hardcover edition.

See all Editorial Reviews

Product Details

• Hardcover: 880 pages
• Publisher: Prentice Hall PTR; 4th edition (October 23, 2006)
• Language: English
• ISBN-10: 0132390779
• ISBN-13: 978-0132390774
• Product Dimensions: 9.4 x 7.1 x 1.9 inches
• Shipping Weight: 1.9 pounds (View shipping rates and policies)
• Average Customer Review: 3.6 out of 5 stars See all reviews (24 customer reviews)
• Amazon.com Sales Rank: #180,785 in Books (See Bestsellers in Books)

Customer Reviews

Most Helpful Customer Reviews

10 of 11 people found the following review helpful:

5.0 out of 5 stars Best textbook on the market, January 6, 2003

By	K. Tracy (Chicago, IL United States) - See all my reviews (REAL NAME)

This review is from: Security in Computing (3rd Edition) (Hardcover)

This book is still the best textbook on the market. Having reviewed (officially) many of the new competitors to this book, this book is still the best at providing an excellent overview to computing security, especially for computer scientists. While I agree with another reviewer that "Hacking Exposed" is another good book, it is not a textbook and does not provide the theoretical underpinnings that this book does. The old edition (2nd) was getting dated and I was glad to see most of the material that needed updating was. In particular, the networking section was updated and sufficient for my course in computer security. Other books tend to provide a more short-term view of security, than a textbook with solid concepts. This series of editions has done a lot to create a science of security, rather than just a collection of techniques.

7 of 7 people found the following review helpful:

5.0 out of 5 stars An outstanding text and reference in the INFOSEC Field, May 5, 2003

By	J Holleran (Maryland USA) - See all my reviews

This review is from: Security in Computing (3rd Edition) (Hardcover)

In 1989, I read the first edition of "Security in Computing" which was one of the best books in the information security field. Fourteen years later, I find the 2003 third edition even better. This is my primary textbook in a graduate course I teach. I also recommend this text to commercial students who are in my CISSP Common Body of Knowledge seminars. What I like best about this book is the index and the bibliography. Personally, I use this text as a reference to remind myself of the concise descriptions of some difficult security issues or protocols. I also recommend this book for managers to develop insights for interviewing potential candidates. The book, just like the field, is very broad and can assist you in understanding the big picture view in information security. It can help you focus on requirements in the development of a secure computing environment and develop some metrics as you define your security architecture. Having spent several decades in the information security field, I find this to be an excellent book for the classroom as well as the reference shelf of information security practitioner and manager in an enterprise environment.

J Holleran, CISSP
Retired Technical Director
National Computer Security Center

9 of 10 people found the following review helpful:

5.0 out of 5 stars An excellent text book and reference, May 29, 2003

By	Richard Steinberger (Palo Alto, CA USA) - See all my reviews (REAL NAME)

This review is from: Security in Computing (3rd Edition) (Hardcover)

Security in Computing (Third Edition) can serve as an upper division undergraduate or graduate level text book. But if you're not a student, and more pragmatic than theoretical, don't let that scare you off. Each chapter is clearly written, well organized, contains a summary, list of terms used, and a brief "To Learn More" section. The book is very up to date: It includes reasonably detailed discussions on the inner workings of AES and even an introduction to quantum cryptography. All the "old standards" are covered as well, including firewalls, viruses and malware, CIA, database security, policy development, network security, trusted operating systems, security law, cryptography and more.

All in all, this is the best general purpose computer security book available. It belongs on the bookshelf of every practicing professional. But you won't want to leave it there - take it down when you need to work in an unfamiliar area. It will help bring you up to speed and point you towards more specialized resources.

Minor caution: This is not a book for security beginners, and it helps to have some background in computer architecture, networks, databases and/or administration. But if you've got that, you won't find a better book. And if you don't this book provides enough ground work for quick studies to understand new security material.