Secrets and Lies: Digital Security in a Networked WorldJohn Wiley & Sons, 23. mar. 2015 - 448 síður This anniversary edition which has stood the test of time as a runaway best-seller provides a practical, straight-forward guide to achieving security throughout computer networks. No theory, no math, no fiction of what should be working but isn't, just the facts. Known as the master of cryptography, Schneier uses his extensive field experience with his own clients to dispel the myths that often mislead IT managers as they try to build secure systems. A much-touted section: Schneier's tutorial on just what cryptography (a subset of computer security) can and cannot do for them, has received far-reaching praise from both the technical and business community. Praise for Secrets and Lies "This is a business issue, not a technical one, and executives can no longer leave such decisions to techies. That's why Secrets and Lies belongs in every manager's library."-Business Week "Startlingly lively....a jewel box of little surprises you can actually use."-Fortune "Secrets is a comprehensive, well-written work on a topic few business leaders can afford to neglect."-Business 2.0 "Instead of talking algorithms to geeky programmers, [Schneier] offers a primer in practical computer security aimed at those shopping, communicating or doing business online-almost everyone, in other words."-The Economist "Schneier...peppers the book with lively anecdotes and aphorisms, making it unusually accessible."-Los Angeles Times With a new and compelling Introduction by the author, this premium edition will become a keepsake for security enthusiasts of every stripe. |
Efni
INTRODUCTION | 1 |
THE LANDSCAPE 11 | 14 |
ATTACKS | 23 |
ADVERSARIES | 42 |
SECURITY NEEDS | 59 |
TECHNOLOGIES | 83 |
CRYPTOGRAPHY IN CONTEXT | 102 |
COMPUTER SECURITY | 120 |
CERTIFICATES AND CREDENTIALS | 225 |
SECURITY TRICKS | 240 |
THE HUMAN FACTOR | 255 |
VULNERABILITIES AND THE VULNERABILITY | 274 |
THREAT MODELING AND RISK | 288 |
SECURITY POLICIES | 307 |
ATTACK TREES | 318 |
PRODUCT TESTING AND VERIFICATION | 334 |
IDENTIFICATION AND AUTHENTICATION | 135 |
NETWORKEDrCOMPUTER SECURITY | 151 |
NETWORK SECURITY | 176 |
NETWORK DEFENSES | 188 |
SOFTWARE RELIABILITY | 202 |
SECURE HARDWARE | 212 |
THE FUTURE OF PRODUCTS | 353 |
SECURITY PROCESSES | 367 |
CONCLUSION | 389 |
AFTERWORD | 396 |
403 | |