Computer Security by Dieter Gollmann

By Dieter Gollmann

A thoroughly updated resource on computer security

Assuming no previous experience in the field of computer security, this must-have book walks you through the many essential aspects of this vast topic, from the latest advances in software and technology to the most recent information on web applications security. This new edition includes sections on Windows NT, CORBA, and Java and discusses cross-site scripting and JavaScript hacking as well as SQL injection. Serving as a helpful introduction, this self-study guide is an excellent starting point for examining the variety of competing security systems and what makes them different from one another.

  • Unravels the complex topic of computer security and breaks it down in such a way as to serve as an ideal introduction for beginners in the field of computer security
  • Examines the foundations of computer security and its basic principles
  • Addresses username and password, password protection, single sign-on, and more
  • Discusses operating system integrity, security measures, and memory
  • Covers Unix security, Windows security, database security, network security, web security, and software security

Packed with in-depth coverage, this resource spares no details when it comes to the critical topic of computer security.



Additional info for Computer Security

Example text

Cover the basics of risk and threat analysis.

1 ATTACKS AND ATTACKERS

When credit card payments over the Internet were first considered, it was thought essential that the traffic between customer and merchant should be protected. After all, the basic Internet protocols offer no confidentiality so parties located between customer and merchant could capture card numbers and use them later for fraudulent purchases. SSL was developed by Netscape to deal with this very problem in the mid 1990s.

The nodes in the tree are subgoals that must be achieved for the attack to succeed. Subgoals can be broken into further subgoals. There are AND nodes and OR nodes. To reach an AND node, all subgoals have to be achieved. To reach an OR node, it is enough if one subgoal is achieved. 3 gives a basic attack tree for the attack ‘get password’. A password can be obtained by guessing, or by tricking an operator to reveal it, or by spying on the user. Guessing could be on-line or off-line. For off-line guessing, the attacker needs the encrypted password and has to perform a dictionary attack.
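The AND/OR evaluation described above, as an added example that is not code from the book: it encodes the 'get password' tree from the text, lists each minimal combination of leaf subgoals that reaches the root, and checks whether the goal stays reachable once chosen leaves are mitigated. The `Node` class and the function names are illustrative assumptions.

```python
from dataclasses import dataclass, field
from itertools import product

@dataclass
class Node:
    name: str
    kind: str = "LEAF"            # "LEAF", "AND" or "OR"
    children: list = field(default_factory=list)

def attack_paths(node):
    """Return every minimal set of leaf subgoals that reaches `node`."""
    if node.kind == "LEAF":
        return [frozenset([node.name])]
    child_paths = [attack_paths(c) for c in node.children]
    if node.kind == "OR":         # one subgoal is enough
        paths = [p for cp in child_paths for p in cp]
    else:                         # AND: every subgoal is needed
        paths = [frozenset().union(*combo) for combo in product(*child_paths)]
    # Drop any path that is a strict superset of another path.
    return [p for p in set(paths) if not any(q < p for q in paths)]

def reachable(node, blocked):
    """True if the goal is still reachable when the leaves in `blocked` are mitigated."""
    return any(not (p & blocked) for p in attack_paths(node))

def build_get_password_tree():
    """The tree from the text: guess (on-line or off-line), trick operator, spy on user."""
    offline = Node("guess off-line", "AND", [
        Node("obtain encrypted password"), Node("dictionary attack")])
    guess = Node("guess", "OR", [Node("guess on-line"), offline])
    return Node("get password", "OR", [
        guess, Node("trick operator"), Node("spy on user")])

if __name__ == "__main__":
    tree = build_get_password_tree()
    for path in sorted(attack_paths(tree), key=sorted):
        print(" + ".join(sorted(path)))
    # Mitigating one leaf of the AND node closes the off-line branch only.
    print(reachable(tree, {"obtain encrypted password"}))
```

Because off-line guessing is an AND node, blocking either of its leaves closes that branch, while each OR alternative needs its own mitigation before the root becomes unreachable.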

  • Reproducibility – attacks that are easy to reproduce are more likely to be launched from the environment than attacks that only work in specific circumstances.
  • Exploitability – captures the effort, expertise, and resources required to launch an attack.
  • Affected users – the number of assets affected contributes to the damage potential.
  • Discoverability – will the attack be detected? In the most damaging case, you will never know that your system has been compromised.
