Computer Security Basics, 2nd Edition

Computer Security: Art and Science

I: Security for Today
Chapter 1. Introduction
 Section 1.1. The New Insecurity
 Section 1.2. What Is Computer Security?
 Section 1.3. Threats to Security
 Section 1.4. Why Buy Security?
 Section 1.5. What's a User to Do?
 Section 1.6. Summary
Chapter 2. Some Security History
 Section 2.1. Information and Its Controls
 Section 2.2. Computer Security: Then and Now
 Section 2.3. Early Computer Security Efforts
 Section 2.4. Building Toward Standardization
 Section 2.5. Computer Security Mandates and Legislation
 Section 2.6. Summary

II: Computer Security
Chapter 3. Computer System Security and Access Controls
 Section 3.1. What Makes a System Secure?
 Section 3.2. System Access: Logging into Your System
 Section 3.3. Summary
Chapter 4. Viruses and Other Wildlife
 Section 4.1. Financial Effects of Malicious Programs
 Section 4.2. Viruses and Public Health
 Section 4.3. Viruses, Worms, and Trojans (Oh, My!)
 Section 4.4. Who Writes Viruses?
 Section 4.5. Remedies
 Section 4.6. The Virus Hype
 Section 4.7. An Ounce of Prevention
 Section 4.8. Summary
Chapter 5. Establishing and Maintaining a Security Policy
 Section 5.1. Administrative Security
 Section 5.2. Overall Planning and Administration
 Section 5.3. Day-to-Day Administration
 Section 5.4. Separation of Duties
 Section 5.5. Summary
Chapter 6. Web Attacks and Internet Vulnerabilities
 Section 6.1. About the Internet
 Section 6.2. What Are the Network Protocols?
 Section 6.3. The Fragile Web
 Section 6.4. Summary

III: Communications Security
Chapter 7. Encryption
 Section 7.1. Some History
 Section 7.2. What Is Encryption?
 Section 7.3. The Data Encryption Standard
 Section 7.4. Other Cryptographic Algorithms
 Section 7.5. Message Authentication
 Section 7.6. Government Cryptographic Programs
 Section 7.7. Cryptographic Export Restrictions
 Section 7.8. Summary
Chapter 8. Communications and Network Security
 Section 8.1. What Makes Communication Secure?
 Section 8.2. Modems
 Section 8.3. Networks
 Section 8.4. Network Security
 Section 8.5. Summary

IV: Other Types of Security
Chapter 9. Physical Security and Biometrics
 Section 9.1. Physical Security
 Section 9.2. Locks and Keys: Old and New
 Section 9.3. Biometrics
 Section 9.4. Gentle Reminder
 Section 9.5. Summary
Chapter 10. Wireless Network Security
 Section 10.1. How We Got Here
 Section 10.2. Today's Wireless Infrastructure
 Section 10.3. How Wireless Works
 Section 10.4. Playing the Fields
 Section 10.5. What Is This dB Stuff?
 Section 10.6. Why Does All This Matter?
 Section 10.7. Encouraging Diversity
 Section 10.8. Physical Layer Wireless Attacks
 Section 10.9. Summary

V: Appendixes OSI Model TEMPEST
 Section B.1. The Problem of Emanations
 Section B.2. The TEMPEST Program
 Section B.3. TEMPEST Standards
 Section B.4. Hard As You Try The Orange Book, FIPS PUBS, and the Common Criteria
 Section C.1. About the Orange Book
 Section C.2. Rating by the Book
 Section C.3. Summary of Orange Book Classes
 Section C.4. FIPS by the Numbers
 Section C.5. I Don't Want You Smelling My Fish Bibliography

This book is about computer securitywhat it is, where it came from, where it's going, and why we should care about it. It introduces the many different areas of security in clear and simple terms: access controls, worms and viruses, cryptography, firewalls, network and web security, biometric devices, and more. If you're at all interested in computer security or if computer security is a part of your job (whether you want it to be or not!), you should find this book useful. I've tried to give you the big picture and quite a few helpful details.

This book is not a technical reference. I've tried to pull together the basics about many different areas of computer security and put that information together comprehensively. If you need particularly technical information about a specific area of computer security (for example, making your specific system or operating system more secure, securing your web site, or configuring a router