Preface


About This Book

This book is about computer securitywhat it is, where it came from, where it's going, and why we should care about it. It introduces the many different areas of security in clear and simple terms: access controls, worms and viruses, cryptography, firewalls, network and web security, biometric devices, and more. If you're at all interested in computer security or if computer security is a part of your job (whether you want it to be or not!), you should find this book useful. I've tried to give you the big picture and quite a few helpful details.

This book is not a technical reference. I've tried to pull together the basics about many different areas of computer security and put that information together comprehensively. If you need particularly technical information about a specific area of computer security (for example, making your specific system or operating system more secure, securing your web site, or configuring a router or firewall), you should refer to other, more specialized books.

Summary of Contents

This book is divided into 10 chapters and 3 appendixes.

Part I, Security for Today

This section presents a brief overview of what computer security is, where it came from, and where it's going.


Chapter 1, Introduction

This chapter introduces computer security: what it is and why it's important. It summarizes the threats to computers and the information stored on them, and it introduces the different types of computer security.


Chapter 2, Some Security History

This chapter briefly describes the history of computer security: where it came from, and what government mandates, laws, and standards address it.

Part II, Computer Security

This section discusses computer security methods of protecting information stored in a computer system, primarily by controlling access to that information.


Chapter 3, Computer System Security and Access Controls

This chapter introduces computer system security and describes how that security controls access to systems and data.


Chapter 4, Viruses and Other Wildlife

This chapter explores viruses, worms, Trojans, and other types of malicious code.


Chapter 5, Establishing and Maintaining a Security Policy

This chapter describes the administrative procedures that improve security within an organization. It also introduces business continuity and disaster recovery as part of security.


Chapter 6, Web Attacks and Internet Vulnerabilities

This chapter introduces the perils that can attack your system or network while it is connected to the Internet.

Part III, Communications Security

This section discusses communications security methods of protecting information while it's being transmitted over communications lines and network backbones.


Chapter 7, Encryption

This chapter explains what encryption is and how it protects data.


Chapter 8, Communications and Network Security

This chapter introduces network concepts and discusses some basic communications security issues.

Part IV, Other Types of Security

This section describes several additional types of security.


Chapter 9, Physical Security and Biometrics

This chapter introduces physical security and describes different types of biometric devices.


Chapter 10, Wireless Network Security

This chapter describes the workings of wireless networks and the security ramifications of this access medium.

Part V, Appendixes

This section provides a number of quick references to computer security requirements and programs.


Appendix A, OSI Model

This appendix describes the seven layers of OSI and how each relates to security.


Appendix B, TEMPEST

This appendix describes what TEMPEST is and why it's important.


Appendix C, The Orange Book, FIPS PUBS, and the Common Criteria

This appendix provides a summary of legacy Orange Book requirements, the Federal Information Processing Publications (FIPS PUBS), and the Common Criteria, which is the international successor to the Orange Book.

Using Code Examples

This book is here to help you get your job done. In general, you may use the code in this book in your programs and documentation. You do not need to contact O'Reilly for permission unless you're reproducing a significant portion of the code. For example, writing a program that uses several chunks of code from this book does not require permission. Selling or distributing a CD-ROM of examples from O'Reilly books does require permission. Answering a question by citing this book and quoting example code does not require permission. Incorporating a significant amount of example code from this book into your product's documentation does require permission.

We appreciate, but do not require, attribution. An attribution usually includes the title, author, publisher, and ISBN. For example: Computer Security Basics, Second Edition, by Rick Lehtinen, Deborah Russell, and G.T. Gangemi Sr. Copyright 2006 O'Reilly Media, Inc., 0-596-00669-1.

Comments and Questions

Please address comments and questions concerning this book to the publisher:

O'Reilly Media, Inc.

1005 Gravenstein Highway North

Sebastopol, CA 95472

800-998-9938 (in the United States or Canada)

707-829-0515 (international or local)

707-829-0104 (fax)

We have a web page for this book that lists errata, examples, and any additional information. You can access this page at:

http://www.oreilly.com/catalog/csb2

To comment or ask technical questions about this book, send email to:

bookquestions@oreilly.com

For more information about our books, conferences, Resource Centers, and the O'Reilly Network, see our web site at:

http://www.oreilly.com

Safari® Enabled

When you see a Safari® Enabled icon on the cover of your favorite technology book, that means the book is available online through the O'Reilly Network Safari Bookshelf.

Safari offers a solution that's better than e-books. It's a virtual library that lets you easily search thousands of top tech books, cut and paste code samples, download chapters, and find quick answers when you need the most accurate, current information. Try it for free at http://safari.oreilly.com.

Acknowledgments

Any author of a second edition is incredibly indebted to the authors of the first. Deborah Russell, you were great to work with from start to finish. The text authored by you and G.T. Gangemi Sr. gave me an excellent starting point. Let's do it again some day. And to my buds at Cisco's Network Academy and to Gwen, my CISSP coach, who put me up to thiswarm thanks, I owe you.

Thanks to Kathy, Jana, Jon, Kyle and a few cats who did not see enough of me during this book's production, and Louise who said I shouldn't undertake it, but was kind of proud once it got done.

Many people from O'Reilly helped to produce this second edition: Deborah Russell for seeing the value in the project and Tatiana Apandi for keeping me at it and cheering me on when it conflicted with my day job. Thanks to my technical reviewers: Mark Lucking, Simon Biles, and especially Mary Dageforde for all her help. Many thanks!

Some of the chapters in the first edition were based on an internal document that Deborah Russell prepared for Wang Laboratories. Thanks to a lot of other people who contributed to the first edition of this book: Dennis K. Branstad, James Burrows, Daniel Faigin, Perry Flinn, Simson Garfinkel, Irene Gilbert, Nick Hammond, Stuart W. Katzke, F. Lynn McNulty, Paul Mei, Andrew Odlyzko, Victor Oppenheimer, Tim O'Reilly, Robert Rosenthal, Bradley Ross, Len Schneider, Miles Smid, Gene Spafford, Bob Tinkelman, Gene Troy, and Mitch Wright.




Computer Security Basics
Computer Security Basics
ISBN: 0596006691
EAN: 2147483647
Year: 2004
Pages: 121

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net