Security in Computing, Fifth Edition

**The New State of the Art in Information Security: Now Covers Cloud Computing, the Internet of Things, and Cyberwarfare** Students and IT and security professionals have long relied on __Security in Computing__ as the definitive guide to computer security attacks and countermeasures. Now, the authors have thoroughly updated this classic to reflect today’s newest technologies, attacks, standards, and trends. __**Security in Computing, Fifth Edition,**__ offers complete, timely coverage of all aspects of computer security, including users, software, devices, operating systems, networks, and data. Reflecting rapidly evolving attacks, countermeasures, and computing environments, this new edition introduces best practices for authenticating users, preventing malicious code execution, using encryption, protecting privacy, implementing firewalls, detecting intrusions, and more. More than two hundred end-of-chapter exercises help the student to solidify lessons learned in each chapter. Combining breadth, depth, and exceptional clarity, this comprehensive guide builds carefully from simple to complex topics, so you always understand all you need to know before you move forward. You’ll start by mastering the field’s basic terms, principles, and concepts. Next, you’ll apply these basics in diverse situations and environments, learning to ”think like an attacker” and identify exploitable weaknesses. Then you will switch to defense, selecting the best available solutions and countermeasures. Finally, you’ll go beyond technology to understand crucial management issues in protecting infrastructure and data. New coverage includes * A full chapter on securing cloud environments and managing their unique risks * Extensive new coverage of security issues associated with user—web interaction * New risks and techniques for safeguarding the Internet of Things * A new primer on threats to privacy and how to guard it * An assessment of computers and cyberwarfare–recent attacks and emerging risks * Security flaws and risks associated with electronic voting systems This book offers complete coverage of all aspects of computer security, including users, software, devices, operating systems, networks, law, and ethics. Reflecting rapidly evolving attacks, countermeasures, and computing environments, it introduces up-to-the-minute best practices for authenticating users, preventing malicious code execution, using encryption, protecting privacy, implementing firewalls, detecting intrusions, and more. Cryptography is critical to computer security; it is an essential tool that students and professionals must know, appreciate and understand. But as with most tools, the user does not need to be a maker: using a screwdriver successfully is entirely separate from knowing how to forge the metal from which it is made. This edition will separate the use of cryptography from its underlying mathematical principles. It will introduce cryptography early in the book to provide a solid background on types of algorithms, appropriate uses of these different types, and advanced concepts such as digital signatures and cryptographic hash codes. It will also address how cryptography can fail. However, it will cover these topics without revealing the internals of cryptography; closer to the end of the book it will delve into the internals of specific algorithms. In this way, readers who want to know the details can study those (and can even read the later chapter early, out of the normal sequence), but it will not unnecessarily burden readers who, like most users, will never get closer to cryptography than an encrypt() function. One strength of SiC4 has been its sidebars. Readers enjoy the brief examples of real life exploits. Fortunately, the news is full of stories of security failures, and it is important to connect these actual events to the strong pedagogy of the book. ACS, which was organized around attacks of different types, include many timely incident stories that we can pull into SiC5. Cloud computing and mobile code and computing are not covered extensively in SiC4. Cloud computing appears as a six page interlude in ACS, but in the few years since ACS was written, the use of cloud computing has expanded, as well as the security ramifications. We intend to devote an entire chapter to cloud computing. Similarly, mobile code and mobile computing have grown. These topics appeared briefly in SiC4 and ACS, but we plan to expand mobile computing into its own chapter, as well. The topic progression of SiC4 largely followed its predecessor editions, back to the first edition (1988). In 1988 networking was certainly neither as important nor pervasive as it has become. Trying to defer all coverage of network topics until Chapter 7, its position in SiC4 delays important content significantly and, perhaps more importantly, makes for a long and broad network security chapter. In 1988 readers had less direct contact with a network than now, and these readers had limited experience using a network prior to reading the book. Obviously readers in 2014 come with vastly more network exposure. This exposure is an asset: Readers now can appreciate a network-delivered attack even before they study network security. SiC5 will take advantage of readers' familiarity with networks, and present attacks delivered by a network-assisted attacker based on the primary source of vulnerability -- software, operating system, protocol, user error -- and not defer these topics to the networks chapter just because a network was involved in the attack. Finally, privacy has been an important topic in the book in early editions, and its importance and coverage have grown as well. The authors will again expand the coverage of privacy, expanding on topics such as web tracking and social networking. These additions cannot come without some pruning. Previously hot topics, such as trusted operating systems and multilevel databases, are being pared down. The authors will also reconsider topics such as economics and management which, although interesting and important, appeal to a relatively small target audience. - Publisher. The Definitive Guide to Building Firewalls with Linux As the security challenges facing Linux system and network administrators have grown, the security tools and techniques available to them have improved dramatically. In Linux ® Firewalls, Fourth Edition, long-time Linux security expert Steve Suehring has revamped his definitive Linux firewall guide to cover the important advances in Linux security. An indispensable working resource for every Linux administrator concerned with security, this guide presents comprehensive coverage of both iptables and nftables. Building on the solid networking and firewalling foundation in previous editions, it also adds coverage of modern tools and techniques for detecting exploits and intrusions, and much more. Distribution neutral throughout, this edition is fully updated for today's Linux kernels, and includes current code examples and support scripts for Red Hat/Fedora, Ubuntu, and Debian implementations. If you're a Linux professional, it will help you establish an understanding of security for any Linux system, and for networks of all sizes, from home to enterprise. Inside, you'll find just what you need to Install, configure, and update a Linux firewall running either iptables or nftables Migrate to nftables, or take advantage of the latest iptables enhancements Manage complex multiple firewall configurations Create, debug, and optimize firewall rules Use Samhain and other tools to protect filesystem integrity, monitor networks, and detect intrusions Harden systems against port scanning and other attacks Uncover exploits such as rootkits and backdoors with chkrootkit This book offers complete coverage of all aspects of computer security, including users, software, devices, operating systems, networks, law, and ethics. Reflecting rapidly evolving attacks, countermeasures, and computing environments, it introduces up-to-the-minute best practices for authenticating users, preventing malicious code execution, using encryption, protecting privacy, implementing firewalls, detecting intrusions, and more. The full text downloaded to your computer With eBooks you can: search for key concepts, words and phrases make highlights and notes as you study share your notes Introduction Toolbox : authentication, access control, and cryptography Programs and programming The Web : user side Operating systems Networks Databases Cloud computing Privacy Management and incidents Legal issues and ethics Details of cryptography Emerging topics