Today, everyone recognizes the importance of safeguarding computer systems and networks from vulnerability, attack, and compromise. But computer security is neither an easy art nor a simple science: its methodologies and technologies require rigorous study, and a deep grounding in principles that can be applied even as technologies change. Moreover, practitioners must understand how to align concepts with real policies, and then actually implement those policies -- managing inevitable tradeoffs such as “How secure do our devices really need to be, and how much inconvenience can we accept?” In his extensively updated Computer Security: Art and Science, 2nd Edition, University of California at Davis Computer Security Laboratory co-director Matt Bishop offers a clear, rigorous, and thorough introduction to the entire modern field of computer security. Bishop covers access control; security, confidentiality, integrity, availability, and hybrid policies; policy composition; cryptography; authentication; identity management; information flow; assurance; formal methods; system evaluation; vulnerability analysis; auditing; intrusion detection, and many other topics. This edition adds four new chapters, including a brand-new chapter-length case study on the high-profile issue of electronic voting. Through this case study, Bishop demonstrates how principles, policies, procedures, and technology come together in a crucial real-world application.
Author: Matt Bishop