Security in Computing, 6th edition

Published by Addison-Wesley Professional (November 30, 2023) © 2024

  • Lizzie Coles-Kemp
  • Charles Pfleeger
  • Shari Lawrence Pfleeger

eTextbook features

  • Instant access to eTextbook
  • Search, highlight, and notes
  • Create flashcards
  • A print text (hardcover or paperback)

Access Details

  • Access courses online from any computer (PC or Mac) or tablet (Android or iOS)
  • Native app available for mobile use; use online, or download and work offline; data syncs automatically 
  • Purchase print or digital codes from your college bookstore, or printed access code cards here

Features

  • Interactive learning elements throughout, including exercises, quizzes, flashcards, and video tutorials

The New State of the Art in Information Security: From Cloud to Crypto, AI-Driven Security to Post-Quantum Computing

Now extensively updated throughout, Security in Computing, Sixth Edition, is today's one-stop, primary text for everyone teaching, learning, and practicing information cybersecurity. It defines core principles associated with modern security policies, processes, and protection; illustrates them with up-to-date sidebars and examples; and shows how to apply them in practice. Modular and flexibly organized, it supports a wide array of courses, strengthens professionals' knowledge of foundational principles, and imparts a more expansive understanding of modern security.

This edition adds or expands coverage of artificial intelligence and machine learning tools; app and browser security; security by design; securing cloud, IoT, and embedded systems; privacy-enhancing technologies; protecting vulnerable individuals and groups; strengthening security culture; cryptocurrencies and blockchain; offensive cyberwarfare; post-quantum computing; and more. It contains many new diagrams, exercises, sidebars, and examples, and is mapped to two leading frameworks: the US NIST National Initiative for Cybersecurity Education (NICE) and the UK Cyber Body of Knowledge (CyBOK).

  • Core security concepts: Assets, threats, vulnerabilities, controls, confidentiality, integrity, availability, attackers, and attack types
  • The security practitioner's toolbox: Identification, authentication, access control, and encryption
  • Areas of practice: Securing programs, user–internet interaction, operating systems, networks, data, databases, and cloud computing
  • Cross-cutting disciplines: Privacy, management, law, and ethics
  • Using cryptography: Solve real problems, and explore its formal and mathematical underpinnings
  • Emerging topics and risks: AI and adaptive cybersecurity, blockchains and cryptocurrencies, computer-assisted offensive warfare, and quantum computing

Foreword
Preface
Acknowledgments
About the Authors

Chapter 1: Introduction
1.1 What Is Computer Security?
1.2 Threats
1.3 Harm
1.4 Vulnerabilities
1.5 Controls
1.6 Conclusion
1.7 What's Next?
1.8 Exercises

Chapter 2: Toolbox: Authentication, Access Control, and Cryptography
2.1 Authentication
2.2 Access Control
2.3 Cryptography
2.4 Conclusion
2.5 Exercises

Chapter 3: Programs and Programming
3.1 Unintentional (Nonmalicious) Programming Oversights
3.2 Malicious Code--Malware
3.3 Countermeasures
3.4 Conclusion
3.5 Exercises

Chapter 4: The Internet--User Side
4.1 Browser Attacks
4.2 Attacks Targeting Users
4.3 Obtaining User or Website Data
4.4 Mobile Apps
4.5 Email and Message Attacks
4.6 Conclusion
4.7 Exercises

Chapter 5: Operating Systems
5.1 Security in Operating Systems
5.2 Security in the Design of Operating Systems
5.3 Rootkits
5.4 Conclusion
5.5 Exercises

Chapter 6: Networks
6.1 Network Concepts
Part I--War on Networks: Network Security Attacks
6.2 Threats to Network Communications
6.3 Wireless Network Security
6.4 Denial of Service
6.5 Distributed Denial of Service
Part II--Strategic Defenses: Security Countermeasures
6.6 Cryptography in Network Security
6.7 Firewalls
6.8 Intrusion Detection and Prevention Systems
6.9 Network Management
6.10 Conclusion
6.11 Exercises

Chapter 7: Data and Databases
7.1 Introduction to Databases
7.2 Security Requirements of Databases
7.3 Reliability and Integrity
7.4 Database Disclosure
7.5 Data Mining and Big Data
7.6 Conclusion
7.7 Exercises

Chapter 8: New Territory
8.1 Introduction
8.2 Cloud Architectures and Their Security
8.3 IoT and Embedded Devices
8.4 Cloud, IoT, and Embedded Devices--The Smart Home
8.5 Smart Cities, IoT, Embedded Devices, and Cloud
8.6 Cloud, IoT, and Critical Services
8.7 Conclusion
8.8 Exercises

Chapter 9: Privacy
9.1 Privacy Concepts
9.2 Privacy Principles and Policies
9.3 Authentication and Privacy
9.4 Data Mining
9.5 Privacy on the Internet
9.6 Email and Message Security
9.7 Privacy Impacts of Newer Technologies
9.8 Conclusion
9.9 Exercises

Chapter 10: Management and Incidents
10.1 Security Planning
10.2 Business Continuity Planning
10.3 Handling Incidents
10.4 Risk Analysis
10.5 Physical Threats to Systems
10.6 New Frontiers in Security Management
10.7 Conclusion
10.8 Exercises

Chapter 11: Legal Issues and Ethics
11.1 Protecting Programs and Data
11.2 Information and the Law
11.3 Rights of Employees and Employers
11.4 Redress for Software Failures
11.5 Computer Crime
11.6 Ethical Issues in Computer Security
11.7 An Ethical Dive into Artificial Intelligence
11.8 Incident Analyses with Ethics
11.9 Conclusion
11.10 Exercises

Chapter 12: Details of Cryptography
12.1 Cryptology
12.2 Symmetric Encryption Algorithms
12.3 Asymmetric Encryption
12.4 Message Digests
12.5 Digital Signatures
12.6 Quantum Key Distribution
12.7 Conclusion

Chapter 13: Emerging Topics
13.1 AI and Cybersecurity
13.2 Blockchains and Cryptocurrencies
13.3 Offensive Cyber and Cyberwarfare
13.4 Quantum Computing and Computer Security
13.5 Conclusion

Bibliography
Index
