Computer security and the internet : tools and jewels / Paul C. van Oorschot.

This book provides a concise yet comprehensive overview of computer and Internet security, suitable for a one-term introductory course for junior/senior undergrad or first-year graduate students. It is also suitable for self-study by anyone seeking a solid footing in security - including software de...

Bibliographic Details
Main Author: Van Oorschot, Paul C.
Format: eBook
Language: English
Published: Cham : Springer, 2020.
Series: Information security and cryptography.

MARC

LEADER 00000cam a2200000 a 4500
001 on1150183669
003 OCoLC
005 20240623213015.0
006 m o d
007 cr un|---aucuu
008 200411s2020 sz o 001 0 eng d
040 |a EBLCP  |b eng  |e pn  |c EBLCP  |d GW5XE  |d EBLCP  |d LQU  |d YDX  |d OCLCF  |d DKU  |d UKAHL  |d VT2  |d DCT  |d N$T  |d OCLCO  |d SFB  |d OCLCO  |d OCLCQ  |d OCLCO  |d OCLCQ  |d AUD  |d OCLCQ  |d OCLCO  |d OCLCQ  |d OCLCL 
019 |a 1152537342  |a 1153073638  |a 1153160738  |a 1153946476  |a 1154468582  |a 1155213265  |a 1162707214  |a 1163620679  |a 1164677761  |a 1175706661  |a 1181901764  |a 1182534653  |a 1183411557  |a 1184036967  |a 1203980626 
020 |a 9783030336493  |q (electronic bk.) 
020 |a 3030336492  |q (electronic bk.) 
020 |a 9783030336509  |q (print) 
020 |a 3030336506 
020 |z 9783030336486 
020 |z 3030336484 
024 7 |a 10.1007/978-3-030-33649-3  |2 doi 
024 8 |a 10.1007/978-3-030-33 
035 |a (OCoLC)1150183669  |z (OCoLC)1152537342  |z (OCoLC)1153073638  |z (OCoLC)1153160738  |z (OCoLC)1153946476  |z (OCoLC)1154468582  |z (OCoLC)1155213265  |z (OCoLC)1162707214  |z (OCoLC)1163620679  |z (OCoLC)1164677761  |z (OCoLC)1175706661  |z (OCoLC)1181901764  |z (OCoLC)1182534653  |z (OCoLC)1183411557  |z (OCoLC)1184036967  |z (OCoLC)1203980626 
037 |b Springer 
050 4 |a QA76.9.A25 
072 7 |a UR  |2 bicssc 
072 7 |a COM053000  |2 bisacsh 
072 7 |a UR  |2 thema 
072 7 |a UTN  |2 thema 
049 |a HCDD 
100 1 |a Van Oorschot, Paul C. 
245 1 0 |a Computer security and the internet :  |b tools and jewels /  |c Paul C. van Oorschot. 
260 |a Cham :  |b Springer,  |c 2020. 
300 |a 1 online resource (381 pages) 
336 |a text  |b txt  |2 rdacontent 
337 |a computer  |b c  |2 rdamedia 
338 |a online resource  |b cr  |2 rdacarrier 
347 |a text file 
347 |b PDF 
490 1 |a Information Security and Cryptography Ser. 
588 0 |a Print version record. 
505 0 |a Intro -- Contents in Brief -- Table of Contents -- Foreword -- Preface -- Why this book, approach and target audience -- Selection of topics -- Framework and systematization -- Length, prioritization and optional sections -- Order of chapters, and relationships between them -- Cryptography vs. security course -- Helpful background -- Trendy topics vs. foundational concepts -- Acknowledgements -- Typesetting Conventions -- Chapter 1: Basic Concepts and Principles -- 1.1 Fundamental goals of computer security -- 1.2 Computer security policies and attacks 
505 8 |a 1.3 Risk, risk assessment, and modeling expected losses -- 1.4 Adversary modeling and security analysis -- 1.5 Threat modeling: diagrams, trees, lists and STRIDE -- 1.5.1 Diagram-driven threat modeling -- 1.5.2 Attack trees for threat modeling -- 1.5.3 Other threat modeling approaches: checklists and STRIDE -- 1.6 Model-reality gaps and real-world outcomes -- 1.6.1 Threat modeling and model-reality gaps -- 1.6.2 Tying security policy back to real outcomes and security analysis -- 1.7 Design principles for computer security -- 1.8 Why computer security is hard 
505 8 |a 1.9 End notes and further reading -- References -- Chapter 2: Cryptographic Building Blocks -- 2.1 Encryption and decryption (generic concepts) -- 2.2 Symmetric-key encryption and decryption -- 2.3 Public-key encryption and decryption -- 2.4 Digital signatures and verification using public keys -- 2.5 Cryptographic hash functions -- 2.6 Message authentication (data origin authentication) -- 2.7 Authenticated encryption and further modes of operation -- 2.8 Certificates, elliptic curves, and equivalent keylengths -- 2.9 End notes and further reading -- References 
505 8 |a Chapter 3: User Authentication-Passwords, Biometrics and Alternatives -- 3.1 Password authentication -- 3.2 Password-guessing strategies and defenses -- 3.3 Account recovery and secret questions -- 3.4 One-time password generators and hardware tokens -- 3.5 Biometric authentication -- 3.6 Password managers and graphical passwords -- 3.7 CAPTCHAs (humans-in-the-loop) vs. automated attacks -- 3.8 Entropy, passwords, and partial-guessing metrics -- 3.9 End notes and further reading -- References -- Chapter 4: Authentication Protocols and Key Establishment 
505 8 |a 4.1 Entity authentication and key establishment (context) -- 4.2 Authentication protocols: concepts and mistakes -- 4.3 Establishing shared keys by public agreement (DH) -- 4.4 Key authentication properties and goals -- 4.5 Password-authenticated key exchange: EKE and SPEKE -- 4.6 Weak secrets and forward search in authentication -- 4.7 Single sign-on (SSO) and federated identity systems -- 4.8 Cyclic groups and subgroup attacks on Diffie-Hellman -- 4.9 End notes and further reading -- References -- Chapter 5: Operating System Security and Access Control 
500 |a 5.1 Memory protection, supervisor mode, and accountability 
500 |a Includes index. 
520 |a This book provides a concise yet comprehensive overview of computer and Internet security, suitable for a one-term introductory course for junior/senior undergrad or first-year graduate students. It is also suitable for self-study by anyone seeking a solid footing in security - including software developers and computing professionals, technical managers and government staff. An overriding focus is on brevity, without sacrificing breadth of core topics or technical detail within them. The aim is to enable a broad understanding in roughly 350 pages. Further prioritization is supported by designating as optional selected content within this. Fundamental academic concepts are reinforced by specifics and examples, and related to applied problems and real-world incidents. The first chapter provides a gentle overview and 20 design principles for security. The ten chapters that follow provide a framework for understanding computer and Internet security. They regularly refer back to the principles, with supporting examples. These principles are the conceptual counterparts of security-related error patterns that have been recurring in software and system designs for over 50 years. The book is "elementary" in that it assumes no background in security, but unlike "soft" high-level texts it does not avoid low-level details, instead it selectively dives into fine points for exemplary topics to concretely illustrate concepts and principles. The book is rigorous in the sense of being technically sound, but avoids both mathematical proofs and lengthy source-code examples that typically make books inaccessible to general audiences. Knowledge of elementary operating system and networking concepts is helpful, but review sections summarize the essential background. 
For graduate students, inline exercises and supplemental references provided in per-chapter endnotes provide a bridge to further topics and a springboard to the research literature; for those in industry and government, pointers are provided to helpful surveys and relevant standards, e.g., documents from the Internet Engineering Task Force (IETF), and the U.S. National Institute of Standards and Technology 
650 0 |a Computer security. 
650 0 |a Internet  |x Security measures. 
650 7 |a Computer security  |2 fast 
650 7 |a Internet  |x Security measures  |2 fast 
650 7 |a Seguretat informàtica.  |2 lemac 
650 7 |a Ordinadors  |x Disseny i funcionament.  |2 lemac 
758 |i has work:  |a Computer security and the internet (Text)  |1 https://id.oclc.org/worldcat/entity/E39PCFXk3cWXJTpT8KJyc7qcGd  |4 https://id.oclc.org/worldcat/ontology/hasWork 
776 0 8 |i Print version:  |a Van Oorschot, Paul C.  |t Computer Security and the Internet : Tools and Jewels.  |d Cham : Springer International Publishing AG, ©2020  |z 9783030336486 
830 0 |a Information security and cryptography. 
856 4 0 |u https://holycross.idm.oclc.org/login?auth=cas&url=https://link.springer.com/10.1007/978-3-030-33649-3  |y Click for online access 
903 |a SPRING-COMP2020 
994 |a 92  |b HCD