Produktdetaljer
Om bidragsyterne
Bruce Schneier is the founder and CTO of Counterpane Internet Security, Inc., the recognized leader in network security services. The bestselling author of Beyond Fear: Thinking Sensibly About Security in an Uncertain World and Applied Cryptography, he is an internationally respected security expert.“…The security technologies available are described in a user-friendly way without going into depth...” (<i>Computer Bulletin</i>, January 2005) <p>“…peppered with lively anecdotes and aphorisms, making it a really accessible read...” (<i>The ISSG Magazine</i>, Autumn, 2004)</p> <p>“…fascinating read…peppered with lively anecdotes…” (<i>The ISSG Magazine</i>, October 2004)</p> <p>"...make yourself better informed. Read this book." (<i>CVu, The Journal of the ACCU</i>, Vol 16(3), June 2004)</p>
Internationally recognized computer security expert Bruce Schneier offers a practical, straightforward guide to achieving security throughout computer networks. Schneier uses his extensive field experience with his own clients to dispel the myths that often mislead IT managers as they try to build secure systems. This practical guide provides readers with a better understanding of why protecting information is harder in the digital world, what they need to know to protect digital information, how to assess business and corporate security needs, and much more.
* Walks the reader through the real choices they have now for digital security and how to pick and choose the right one to meet their business needs
* Explains what cryptography can and can't do in achieving digital security
Preface xi
1. Introduction 1
Part 1: The Landscape 11
2. Digital Threats 14
3. Attacks 23
4. Adversaries 42
5. Security Needs 59
Part 2: Technologies 83
6. Cryptography 85
7. Cryptography in Context 102
8. Computer Security 120
9. Identification and Authentication 135
10. Networked-computer Security 151
11. Network Security 176
12. Network Defenses 188
13. Software Reliability 202
14. Secure Hardware 212
15. Certificates and Credentials 225
16. Security Tricks 240
17. The Human Factor 255
Part 3: Strategies 271
18. Vulnerabilities and the Vulnerability Landscape 274
19. Threat Modeling and Risk Assessment 288
20. Security Policies and Countermeasures 307
21. Attack Trees 318
22. Product Testing and Verification 334
23. The Future of Products 353
24. Security Processes 367
25. Conclusion 389
Afterword 396
Resources 399
Acknowledgments 401
Index 403
The Economist
Viruses. Identity theft. Corporate espionage. National secrets compromised. Can anyone promise security in our digital world?
The man who introduced cryptography to the boardroom says no. But in this fascinating read, he shows us how to come closer by developing security measures in terms of context, tools, and strategy. Security is a process, not a product one that system administrators and corporate executives alike must understand to survive.
"This book is of value to anyone whose business depends on safe use of e-mail, the Web, or other networked communications. If thats not yet everybody, it soon will be."
Stephen H. Wildstrom, BusinessWeek
"Its not often that a truly outstanding book is written for both technical users and management. Fortunately, Secrets and Lies pulls off this feat rather well."
Dustin Puryear, Linux.com
"Schneier . . . peppers the book with lively anecdotes and aphorisms, making it unusually accessible."
Los Angeles Times