Introduction to Information Security
Syngress Media,U.S. (Verlag)
978-1-59749-969-9 (ISBN)
Most introductory texts provide a technology-based survey of methods and techniques that leaves the reader without a clear understanding of the interrelationships between methods and techniques. By providing a strategy-based introduction, the reader is given a clear understanding of how to provide overlapping defenses for critical information. This understanding provides a basis for engineering and risk-management decisions in the defense of information.
Information security is a rapidly growing field, with a projected need for thousands of professionals within the next decade in the government sector alone. It is also a field that has changed in the last decade from a largely theory-based discipline to an experience-based discipline. This shift in the field has left several of the classic texts with a strongly dated feel.
Dr. Timothy Shimeall is an Adjunct Professor of the Heinz College of Carnegie Mellon University, with teaching and research interests focused in the area of information survivability. He is an active instructor in information security management and information warfare, and has led a variety of survivability-related independent studies. Tim is also a senior member of the technical staff with the CERT Network Situational Awareness Group of Carnegie Mellon’s Software Engineering Institute, where he is responsible for overseeing and participating in the development of analysis methods in the area of network systems security and survivability. This work includes development of methods to identify trends in security incidents and in the development of software used by computer and network intruders. Of particular interest are incidents affecting defended systems and malicious software that are effective despite common defenses. Prior to his time at Carnegie Mellon, Tim was an Associate Professor at the Naval Postgraduate School in Monterey, CA. Jonathan Spring is a member of the technical staff with the CERT Network Situational Awareness Group of the Software Engineering Institute, Carnegie Mellon University. He began working at CERT in 2009. He also serves as an adjunct professor at the University of Pittsburgh’s School of Information Sciences. His current research topics include monitoring cloud computing and DNS traffic analysis. He holds a Master’s degree in information security and a Bachelor’s degree in philosophy from the University of Pittsburgh.
1. Introduction & Definitions
2. Strategies and Security
3. Deception Strategies: Network Organization
4. Deception Strategies: Defensive technologies
5. Frustration Strategies: Footprint Minimization
6. Frustration Strategies: Formal verification
7. Resistance Strategies: Authentication & Permissions
8. Resistance Strategies: Encryption
9. Resistance Strategies: Partitioning & Need-to-Know
10. Resistance Strategies: Change management
11. Recognition Strategies: Network Analysis
12. Recognition Strategies: Intrusion Detection and Prevention
13. Recognition Strategies: Host-based recognition & Forensics
14. Recognition Strategies: Integrity detection
15. Recovery of Security
16. Summary: Certifications and Conclusions
| Zusatzinfo | 20 illustrations; Illustrations |
|---|---|
| Verlagsort | Rockland, MA |
| Sprache | englisch |
| Maße | 191 x 235 mm |
| Gewicht | 770 g |
| Themenwelt | Informatik ► Netzwerke ► Sicherheit / Firewall |
| ISBN-10 | 1-59749-969-2 / 1597499692 |
| ISBN-13 | 978-1-59749-969-9 / 9781597499699 |
| Zustand | Neuware |
| Haben Sie eine Frage zum Produkt? |
aus dem Bereich
