Группа авторов
Список книг автора Группа авторовSecurity Engineering
The world has changed radically since the first edition of this book was published in 2001. Spammers, virus writers, phishermen, money launderers, and spies now trade busily with each other in a lively online criminal economy and as they specialize, they get better. In this indispensable, fully updated guide, Ross Anderson reveals how to build systems that stay dependable whether faced with error or malice. Here?s straight talk on critical topics such as technical engineering basics, types of attack, specialized protection mechanisms, security psychology, policy, and more.
Information Security
Your expert guide to information security As businesses and consumers become more dependent on complex multinational information systems, the need to understand and devise sound information security systems has never been greater. This title takes a practical approach to information security by focusing on real-world examples. While not sidestepping the theory, the emphasis is on developing the skills and knowledge that security and information technology students and professionals need to face their challenges. The book is organized around four major themes: * Cryptography: classic cryptosystems, symmetric key cryptography, public key cryptography, hash functions, random numbers, information hiding, and cryptanalysis * Access control: authentication and authorization, password-based security, ACLs and capabilities, multilevel and multilateral security, covert channels and inference control, BLP and Biba's models, firewalls, and intrusion detection systems * Protocols: simple authentication protocols, session keys, perfect forward secrecy, timestamps, SSL, IPSec, Kerberos, and GSM * Software: flaws and malware, buffer overflows, viruses and worms, software reverse engineering, digital rights management, secure software development, and operating systems security Additional features include numerous figures and tables to illustrate and clarify complex topics, as well as problems-ranging from basic to challenging-to help readers apply their newly developed skills. A solutions manual and a set of classroom-tested PowerPoint(r) slides will assist instructors in their course development. Students and professors in information technology, computer science, and engineering, and professionals working in the field will find this reference most useful to solve their information security issues. An Instructor's Manual presenting detailed solutions to all the problems in the book is available from the Wiley editorial department. An Instructor Support FTP site is also available.
Internet Security
Knowledge of number theory and abstract algebra are pre-requisites for any engineer designing a secure internet-based system. However, most of the books currently available on the subject are aimed at practitioners who just want to know how the various tools available on the market work and what level of security they impart. These books traditionally deal with the science and mathematics only in so far as they are necessary to understand how the tools work. Internet Security differs by its assertion that cryptography is the single most important technology for securing the Internet. To quote one reviewer «if every one of your communication partners were using a secure system based on encryption, viruses, worms and hackers would have a very hard time». This scenario does not reflect the reality of the Internet world as it currently stands. However, with security issues becoming more and more important internationally, engineers of the future will be required to design tougher, safer systems. Internet Security: * Offers an in-depth introduction to the relevant cryptographic principles, algorithms protocols – the nuts and bolts of creating a secure network * Links cryptographic principles to the technologies in use on the Internet, eg. PGP, S/MIME, IPsec, SSL TLS, Firewalls and SET (protecting credit card transactions) * Provides state-of-the-art analysis of the latest IETF standards plus summaries and explanations of RFC documents * Authored by a recognised expert in security Internet Security is the definitive text for graduate students on security and cryptography courses, and researchers in security and cryptography areas. It will prove to be invaluable to professionals engaged in the long-term development of secure systems.
Innocent Code
This concise and practical book shows where code vulnerabilities lie-without delving into the specifics of each system architecture, programming or scripting language, or application-and how best to fix them Based on real-world situations taken from the author's experiences of tracking coding mistakes at major financial institutions Covers SQL injection attacks, cross-site scripting, data manipulation in order to bypass authorization, and other attacks that work because of missing pieces of code Shows developers how to change their mindset from Web site construction to Web site destruction in order to find dangerous code
Software Quality
The book presents a comprehensive discussion on software quality issues and software quality assurance (SQA) principles and practices, and lays special emphasis on implementing and managing SQA. Primarily designed to serve three audiences; universities and college students, vocational training participants, and software engineers and software development managers, the book may be applicable to all personnel engaged in a software projects Features: A broad view of SQA. The book delves into SQA issues, going beyond the classic boundaries of custom-made software development to also cover in-house software development, subcontractors, and readymade software. An up-to-date wide-range coverage of SQA and SQA related topics. Providing comprehensive coverage on multifarious SQA subjects, including topics, hardly explored till in SQA texts. A systematic presentation of the SQA function and its tasks: establishing the SQA processes, planning, coordinating, follow-up, review and evaluation of SQA processes. Focus on SQA implementation issues. Specialized chapter sections, examples, implementation tips, and topics for discussion. Pedagogical support: Each chapter includes a real-life mini case study, examples, a summary, selected bibliography, review questions and topics for discussion. The book is also supported by an Instructor’s Guide.
Domain Architectures
Domain Architectures is a comprehensive catalog of the domain architectures essential to software developers using object-oriented technology and UML to solve real-life problems. Providing a unique top-down view of systems, the book also provides quick access to landmarks and references to domain architectures. The ability to describe applications, in terms of the properties they share, offers software designers a vast new landscape for implementing software reuse. The ideal professional's handbook. Helps readers reduce trial and error and increase productivity by reusing tried and trusted ideas Models are described and documented using UML (incorporating UML 2.0) models and meta models
Professional C++
Get up to date quickly on the new changes coming with C++17 Professional C++ is the advanced manual for C++ programming. Designed to help experienced developers get more out of the latest release, this book skims over the basics and dives right in to exploiting the full capabilities of C++17. Each feature is explained by example, each including actual code snippets that you can plug into your own applications. Case studies include extensive, working code that has been tested on Windows and Linux, and the author's expert tips, tricks, and workarounds can dramatically enhance your workflow. Even many experienced developers have never fully explored the boundaries of the language's capabilities; this book reveals the advanced features you never knew about, and drills down to show you how to turn these features into real-world solutions. The C++17 release includes changes that impact the way you work with C++; this new fourth edition covers them all, including nested namespaces, structured bindings, string_view, template argument deduction for constructors, parallel algorithms, generalized sum algorithms, Boyer-Moore string searching, string conversion primitives, a filesystem API, clamping values, optional values, the variant type, the any type, and more. Clear explanations and professional-level depth make this book an invaluable resource for any professional needing to get up to date quickly. Maximize C++ capabilities with effective design solutions Master little-known elements and learn what to avoid Adopt new workarounds and testing/debugging best practices Utilize real-world program segments in your own applications C++ is notoriously complex, and whether you use it for gaming or business, maximizing its functionality means keeping up to date with the latest changes. Whether these changes enhance your work or make it harder depends on how well-versed you are in the newest C++ features. Professional C++ gets you up to date quickly, and provides the answers you need for everyday solutions.
Agile Documentation
Software documentation forms the basis for all communication relating to a software project. To be truly effective and usable, it should be based on what needs to be known. Agile Documentation provides sound advice on how to produce lean and lightweight software documentation. It will be welcomed by all project team members who want to cut out the fat from this time consuming task. Guidance given in pattern form, easily digested and cross-referenced, provides solutions to common problems. Straightforward advice will help you to judge: What details should be left in and what left out When communication face-to-face would be better than paper or online How to adapt the documentation process to the requirements of individual projects and build in change How to organise documents and make them easily accessible When to use diagrams rather than text How to choose the right tools and techniques How documentation impacts the customer Better than offering pat answers or prescriptions, this book will help you to understand the elements and processes that can be found repeatedly in good project documentation and which can be shaped and designed to address your individual circumstance. The author uses real-world examples and utilises agile principles to provide an accessible, practical pattern-based guide which shows how to produce necessary and high quality documentation.
Ethernet Networks
Ethernet Networks, Fourth Edition, provides everything you need to know to plan, implement, manage and upgrade Ethernet networks. * Improve your skills in employing Ethernet hubs, switches, and routers. * Learn how to set up and operate a wireless Local Area Network (LAN). * Discover how to extend a wired Ethernet via wireless LANs. * Understand cabling standards and the role of NEXT (Near End Crosstalk), FEXT (Far End Crosstalk) and other transmission parameters. * Profit from Gilbert Held's tips and tricks on enhancing security … and much more. This indispensable resource features up-to-date coverage of: * Wireless Ethernet (IEEE802.11 standards) * 10Gbps Ethernet * Firewalls in both a wired and wireless environment * The operation of new versions of Windows(r) on Ethernet LANs * The use of LAN switches at and above layer 2 in the ISO reference model * Copper and fiber optic cable to transport high speed Ethernet Network planners, administrators, and system engineers working with Ethernet networks will find Ethernet Networks, Fourth Edition, an invaluable tool for implementing, updating, and managing their networks.
The Writing Revolution
In a world of rapid technological advancements, it can be easy to forget that writing is the original Information Technology, created to transcend the limitations of human memory and to defy time and space. The Writing Revolution picks apart the development of this communication tool to show how it has conquered the world. Explores how writing has liberated the world, making possible everything from complex bureaucracy, literature, and science, to instruction manuals and love letters Draws on an engaging range of examples, from the first cuneiform clay tablet, Egyptian hieroglyphs, and Japanese syllabaries, to the printing press and the text messaging Weaves together ideas from a number of fields, including history, cultural studies and archaeology, as well as linguistics and literature, to create an interdisciplinary volume Traces the origins of each of the world’s major written traditions, along with their applications, adaptations, and cultural influences