Information Security : Principles and Practice

Information Security : Principles and Practice
| 2005-10-26 00:00:00 | | 0 | Information Security


Your expert guide to information security

As businesses and consumers become more dependent on complex multinational information systems, the need to understand and devise sound information security systems has never been greater. This title takes a practical approach to information security by focusing on real-world examples. While not sidestepping the theory, the emphasis is on developing the skills and knowledge that security and information technology students and professionals need to face their challenges. The book is organized around four major themes:
* Cryptography: classic cryptosystems, symmetric key cryptography, public key cryptography, hash functions, random numbers, information hiding, and cryptanalysis
* Access control: authentication and authorization, password-based security, ACLs and capabilities, multilevel and multilateral security, covert channels and inference control, BLP and Biba's models, firewalls, and intrusion detection systems
* Protocols: simple authentication protocols, session keys, perfect forward secrecy, timestamps, SSL, IPSec, Kerberos, and GSM
* Software: flaws and malware, buffer overflows, viruses and worms, software reverse engineering, digital rights management, secure software development, and operating systems security

Additional features include numerous figures and tables to illustrate and clarify complex topics, as well as problems-ranging from basic to challenging-to help readers apply their newly developed skills. A solutions manual and a set of classroom-tested PowerPoint(r) slides will assist instructors in their course development. Students and professors in information technology, computer science, and engineering, and professionals working in the field will find this reference most useful to solve their information security issues.

An Instructor's Manual presenting detailed solutions to all the problems in the book is available from the Wiley editorial department.

An Instructor Support FTP site is also available.

User review
An Excellent Companion to Bishops Book
While Matt Bishop's book (Computer Security, Art and Science) is considered the standard by many professors, I think students will find that Mark Stamp's book provides much more practical utility. Here's what Stamp has that Bishop doesn't:


1.) More readable writing style.


2.) Non-essential theory and rigor removed.


3.) Some less traditional but interesting topics (ex: CAPTCHAs, DRM).


A few things that Bishop has that Stamp doesn't:


1.) Broader range of topics covered.


2.) Classic proofs and theory that Stamp omits for succinctness.


Let's be clear though. One text is not better than the other-- the authors simply have different aims. I suggest that a student use Stamp's book to ease into Information Security, and then to go Bishop when more information is required. For example, in my introductory course to Information Assurance, I used Stamp's book to answer 90% of all questions quickly and completely and Bishop's book to tackle the remaining 10%. If I ever get into the theory side of IA, I'll probably have to use Bishop more, but Stamp works great in most situations.

User review
Cryptography
Great buy.


But i must warn you, its very advanced!


I used this as my text, in a graduate class, It was very helpful because my professor was able to explain the `hard stuff` to me.


But its good, it sets the 'motion' for research on topics discussed in the book.




User review
Good, Readable Primer on Information Security
This is a very readable primer on information security that address a number of topics including symmetric key crypto, public key crypto, hash functions, cryptanalysis, authentication, authorization, software anomalies, software insecurity, malware, and operating systems. I recommend this book.

User review
A very well written book!
If I had to have only one book on information security, this would be the book!


Without trying to be encyclopedic, Professor Stamp gives a panoramic view of four key areas in information security: cryptography, access control, protocols, and software. Within each of these four parts, relevant and diverse topics are discussed and studied. The breadth and depth of coverage is appropriate for both the general reader as well as for the expert.


Topics in the book include: symmetric key crypto, public key crypto, hash functions, cryptanalysis, authentication, authorization, authentication protocols, real-world security protocols, software flaws and malware, insecurity in software, operating systems and security.


The book reads well and does not have the `dry flavor`, so often found in other books of this type. I recommend this book, without reservation!

User review
Excellent security text
Dr. Stamp touches many of the widely used and implemented security algorithms and techniques in today's industry. His clear and concise diagrams, examples, and thought provoking questions allow the reader to get a clear overview of the workings (positive and negative) of security technology. Mark Stamp has gathered all relevant information from a wide range of sources to produce an essential guide for information security. totally sweet