Engineering Information Security covers all aspects of information security using a systematic engineering approach and focuses on the viewpoint of how to control access to information. * Includes a discussion about protecting storage of private keys, SCADA, Cloud, Sensor, and Ad Hoc networks * Covers internal operations security processes of monitors, review exceptions, and plan remediation * Over 15 new sections * Instructor resources such as lecture slides, assignments, quizzes, and a set of questions organized as a final exam If you are an instructor and adopted this book for your course, please email firstname.lastname@example.org to get access to the additional instructor materials for this book.Klappentext:
This book considers the complete security lifecycle of products and services starting with requirements and policy development and progressing through deployment, operations, and decommissioning.
Engineering Information Security covers all aspects of information security using a systematic engineering approach and focuses on the viewpoint of how to control access to information. Unlike other books that focus on security mechanisms, threats, and vulnerabilities, this book presents a methodology for addressing security concerns in any organization. The methodology is based on a set of concepts that are designed to methodically examine, analyse, and document objectives, and the functional and performance capabilities that need to exist to achieve the stated goals.
This book begins by considering the importance of information security. Legal, technical, competitive, criminal, and consumer forces and influences that are rapidly changing our information dependent society are also discussed. Concepts of systems engineering are explored, as well as the value they provide to new products and services along with the maintenance and evolution to existing products and services. A discussion of security services follow along with what technical and procedural controls instantiate these services. Network protocols are examined focusing on exploitable vulnerabilities. An in-depth discussion of computer security capabilities is provided followed by consideration of modern networking security controls. The book concludes by discussing operations security as part of information security governance.
This new edition includes:
„Über diesen Titel“ kann sich auf eine andere Ausgabe dieses Titels beziehen.