In recent years, the need for education in computer security and related topics has grown dramatically – and is essential for anyone in the fields of Computer Science or Computer Engineering. This is the only book available that provides integrated, comprehensive, up-to-date coverage of the broad range of topics in this subject.

  Comprehensive treatment of user authentication and access control. Unified approach to intrusion detection and firewalls, giving readers a solid understanding of the threats and countermeasures. More detailed coverage of software security than other books. Exploration of management issues. Systematic, comprehensive discussion of malicious software and denial of service attacks. Coverage of Linux and Windows Vista. Up-to-date coverage of database security. Thorough overview of cryptography, authentication, and digital signatures. Coverage of Internet security. For system engineers, programmers, system managers, network managers, product marketing personnel, system support specialists; a solid, up-to-date reference or tutorial for self-study.

About The Author

William Stallings has made a unique contribution to understanding the broad sweep of technical developments in computer networking and computer architecture. He has authored 17 titles, and counting revised editions, a total of 41 books on various aspects of these subjects. In over 20 years in the field, he has been a technical contributor, technical manager, and an executive with several high-technology firms. Currently he is an independent consultant whose clients have included computer and networking manufacturers and customers, software development firms, and leading-edge government research institutions.

He is a member of the editorial board of Cryptologia, a scholarly journal devoted to all aspects of cryptology. He is a frequent lecturer and author of numerous technical papers. His books include Data and Computer Communications, Eighth Edition (Prentice Hall, 2007), which has become the standard in the field.  Dr. Stallings holds a PhD from M.I.T. in Computer Science and a B.S. from Notre Dame in electrical engineering.

Customer Reviews & Comments
The author of this book also wrote the widely used text "Cryptography and Network Security". I like that book well enough, but you have to use outside resources to understand what's going on in that book, and I would say that is even more true for this textbook. That is because the author is basically taking subjects discussed in the Cryptography and Network Security book and adding topics like management issues and security of specific operating systems - without getting specific enough that you could actually solve too many problems. To me the best parts of the book are the appendices. The information on number theory is quite good, as are the suggestions for projects and labs. Unfortunately, this book does not contain sufficient information to perform those projects and labs. The contents make a good starting point for the study of computer security, but if you are an instructor be prepared to use lots of supplemental material or your students are going to be left high and dry. Currently the table of contents is not shown, so I include it next. This book is just under 900 pages long, so its 24 chapters are covering their subject matter in under 40 pages each, which does not give much room for detail. Chapter 1 Overview PART ONE COMPUTER SECURITY TECHNOLOGY AND PRINCIPLES Chapter 2 Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control Chapter 5 Database Security Chapter 6 Intrusion Detection Appendix 6A:The Base-Rate Fallacy Chapter 7 Malicious Software Chapter 8 Denial of Service Chapter 9 Firewalls and Intrusion Prevention Systems Chapter 10 Trusted Computing and Multilevel Security PART TWO SOFTWARE SECURITY Chapter 11 Buffer Overflow Chapter 12 Other Software Security Issues PART THREE MANAGEMENT ISSUES Chapter 13 Physical and Infrastructure Security Chapter 14 Human Factors Appendix 14A: Security Awareness Standard of Good Practice Appendix 14B: Security Policy Standard of Good Practice Chapter 15 Security Auditing Chapter 16 IT Security Management and Risk Assessment Chapter 17 IT Security Controls, Plans and Procedures Chapter 18 Legal and Ethical Aspects Appendix 18A: Information Privacy Standard of Good Practice PART FOUR CRYPTOGRAPHIC ALGORITHMS Chapter 19 Symmetric Encryption and Message Confidentiality Chapter 20 Public-Key Cryptography and Message Authentication PART FIVE INTERNET SECURITY Chapter 21 Internet Security Protocols and Standards Chapter 22 Internet Authentication Applications PART SIX OPERATING SYSTEM SECURITY Chapter 23 Linux Security Chapter 24 Windows Security APPENDICES Appendix A Some Aspects of Number Theory A.1 Prime and Relatively Prime Numbers A.2 Modular Arithmetic A.3 Fermat's and Euler's Theorems Appendix B Random and Pseudorandom Number Generation B.1 The Use of Random Numbers B.2 Pseudorandom Number Generators (PRNGs) B.3 True Random Number Generators Appendix C Projects for Teaching Computer Security C.1 Research Projects C.2 Programming Projects C.3 Laboratory Exercises C.4 Writing Assignments C.5 Reading/Report Assignments ONLINE APPENDICES Appendix D Standards and Standard-Setting Organizations Appendix E TCP/IP Protocol Architecture Appendix F Glossary Comment | Permalink | (Report this)