Welcome to Loot.co.za!
Sign in / Register |Wishlists & Gift Vouchers |Help | Advanced search
|
Your cart is empty |
|||
Books > Computing & IT > Applications of computing > Databases > Data security & data encryption
Assessing and Managing Security Risk in IT Systems: A Structured Methodology builds upon the original McCumber Cube model to offer proven processes that do not change, even as technology evolves. This book enables you to assess the security attributes of any information system and implement vastly improved security environments. Part I delivers an overview of information systems security, providing historical perspectives and explaining how to determine the value of information. This section offers the basic underpinnings of information security and concludes with an overview of the risk management process. Part II describes the McCumber Cube, providing the original paper from 1991 and detailing ways to accurately map information flow in computer and telecom systems. It also explains how to apply the methodology to individual system components and subsystems. Part III serves as a resource for analysts and security practitioners who want access to more detailed information on technical vulnerabilities and risk assessment analytics. McCumber details how information extracted from this resource can be applied to his assessment processes.
In the digital world, the need to protect communications increases every day. While traditional digital encryption methods are useful, there are many other options for hiding your information. "Information Hiding in Speech Signals for Secure Communication" provides a number of methods to hide secret speech information using a variety of digital speech coding standards. Professor Zhijun Wu has conducted years of research in the field of speech information hiding, and brings his state-of-the-art techniques to readers of this book, including a mathematical model for information hiding, the core concepts of secure speech communication, the ABS-based information hiding algorithm, and much more. This book shows how to implement a secure speech communication
system, including applications to various network security states.
Readers will find information hiding algorithms and techniques
(embedding and extracting) that are capable of withstanding the
advanced forms of attack. The book presents concepts and
applications for all of the most widely used speech coding
standards, including G.711, G.721, G.728, G.729 and GSM, along with
corresponding hiding and extraction algorithms. Readers will also
learn how to use a speech covert communication system over an IP
network as well as a speech secure communication system applied in
PSTN.
From the exciting history of its development in ancient times to the present day, Introduction to Cryptography with Mathematical Foundations and Computer Implementations provides a focused tour of the central concepts of cryptography. Rather than present an encyclopedic treatment of topics in cryptography, it delineates cryptographic concepts in chronological order, developing the mathematics as needed. Written in an engaging yet rigorous style, each chapter introduces important concepts with clear definitions and theorems. Numerous examples explain key points while figures and tables help illustrate more difficult or subtle concepts. Each chapter is punctuated with "Exercises for the Reader;" complete solutions for these are included in an appendix. Carefully crafted exercise sets are also provided at the end of each chapter, and detailed solutions to most odd-numbered exercises can be found in a designated appendix. The computer implementation section at the end of every chapter guides students through the process of writing their own programs. A supporting website provides an extensive set of sample programs as well as downloadable platform-independent applet pages for some core programs and algorithms. As the reliance on cryptography by business, government, and industry continues and new technologies for transferring data become available, cryptography plays a permanent, important role in day-to-day operations. This self-contained sophomore-level text traces the evolution of the field, from its origins through present-day cryptosystems, including public key cryptography and elliptic curve cryptography.
Developing solid, thorough infrastructure security assessments in diverse sectors Drawing on the collective experience of many experts, this definitive reference presents the best methods, techniques, and measurements to help security analysts conduct objective security assessments. It helps readers understand advanced security assessment concepts in today's high-risk world and identify, measure, and prioritize security risks. A comprehensive, practical guide, this resource: Describes a practical, proven approach that has been used in over 3,000 security assessments in thirty countries Features three primary sections: an introduction that helps analysts understand today's challenging environment; an overview of security assessment methodology broken down into five specific elements; and details on tailoring the methodology to specific industries Defines the purpose of the security assessment process, the behavioral and physical sciences brought into play, the techniques used, and measurement and evaluation tools and standards Presents an S3E comprehensive, system-integrated methodology supported by user-friendly, step-by-step guidance that is complemented by a series of S3E Security Assessment Methodology matrices Includes chapters dedicated to specific infrastructure sectors: water; energy; transportation; chemical industry and hazardous materials; agriculture and food; banking and finance; and telecommunications Provides worksheets that facilitate the cataloging and documenting of research data This book gives consultants, security practitioners, corporate security managers and directors, and others a reliable, hands-on "briefcase" reference to use in theoffice as well as in the field. It's also an ideal text for upper-level students in related courses.
This book covers the discrete mathematics as it has been established after its emergence since the middle of the last century and its elementary applications to cryptography. It can be used by any individual studying discrete mathematics, finite mathematics, and similar subjects. Any necessary prerequisites are explained and illustrated in the book. As a background of cryptography, the textbook gives an introduction into number theory, coding theory, information theory, that obviously have discrete nature. Designed in a "self-teaching" format, the book includes about 600 problems (with and without solutions) and numerous, practical examples of cryptography. FEATURES Designed in a "self-teaching" format, the book includes about 600 problems (with and without solutions) and numerous examples of cryptography Provides an introduction into number theory, game theory, coding theory, and information theory as background for the coverage of cryptography Covers cryptography topics such as CRT, affine ciphers, hashing functions, substitution ciphers, unbreakable ciphers, Discrete Logarithm Problem (DLP), and more
Would your company be prepared in the event of:
Databases are the nerve center of our economy. Every piece of your
personal information is stored there-medical records, bank
accounts, employment history, pensions, car registrations, even
your children's grades and what groceries you buy. Database attacks
are potentially crippling-and relentless.
There is no such thing as "perfect security" when it comes to
keeping all systems intact and functioning properly. Good
penetration (pen) testing creates a balance that allows a system to
be secure while simultaneously being fully functional. With this
book, you'll learn how to become an effective penetrator (i.e., a
white hat or ethical hacker) in order to circumvent the security
features of a Web application so that those features can be
accurately evaluated and adequate security precautions can be put
in place.
"The state, that must eradicate all feelings of insecurity, even potential ones, has been caught in a spiral of exception, suspicion and oppression that may lead to a complete disappearance of liberties." Mireille Delmas Marty, Libertes et surete dans un monde dangereux, 2010 This book will examine the security/freedom duo in space and time with regards to electronic communications and technologies used in social control. It will follow a diachronic path from the relative balance between philosophy and human rights, very dear to Western civilization (at the end of the 20th Century), to the current situation, where there seems to be less freedom in terms of security to the point that some scholars have wondered whether privacy should be redefined in this era. The actors involved (the Western states, digital firms, human rights organizations etc.) have seen their roles impact the legal and political science fields.
Once the privilege of a secret few, cryptography is now taught at universities around the world. Introduction to Cryptography with Open-Source Software illustrates algorithms and cryptosystems using examples and the open-source computer algebra system of Sage. The author, a noted educator in the field, provides a highly practical learning experience by progressing at a gentle pace, keeping mathematics at a manageable level, and including numerous end-of-chapter exercises. Focusing on the cryptosystems themselves rather than the means of breaking them, the book first explores when and how the methods of modern cryptography can be used and misused. It then presents number theory and the algorithms and methods that make up the basis of cryptography today. After a brief review of "classical" cryptography, the book introduces information theory and examines the public-key cryptosystems of RSA and Rabin s cryptosystem. Other public-key systems studied include the El Gamal cryptosystem, systems based on knapsack problems, and algorithms for creating digital signature schemes. The second half of the text moves on to consider bit-oriented secret-key, or symmetric, systems suitable for encrypting large amounts of data. The author describes block ciphers (including the Data Encryption Standard), cryptographic hash functions, finite fields, the Advanced Encryption Standard, cryptosystems based on elliptical curves, random number generation, and stream ciphers. The book concludes with a look at examples and applications of modern cryptographic systems, such as multi-party computation, zero-knowledge proofs, oblivious transfer, and voting protocols.
Cryptography, the science of encoding and decoding information, allows people to do online banking, online trading, and make online purchases, without worrying that their personal information is being compromised. The dramatic increase of information transmitted electronically has led to an increased reliance on cryptography. This book discusses the theories and concepts behind modern cryptography and demonstrates how to develop and implement cryptographic algorithms using C++ programming language. Written for programmers and engineers, Practical Cryptography explains how you can use cryptography to maintain the privacy of computer data. It describes dozens of cryptography algorithms, gives practical advice on how to implement them into cryptographic software, and shows how they can be used to solve security problems. Covering the latest developments in practical cryptographic techniques, this book shows you how to build security into your computer applications, networks, and storage. Suitable for undergraduate and postgraduate students in cryptography, network security, and other security-related courses, this book will also help anyone involved in computer and network security who wants to learn the nuts and bolts of practical cryptography.
Ubiquitous computing (ubicomp) is about networked microprocessors embedded in everyday objects: not just cellphones and home appliances but also books, bookshelves, bus stops and bathtubs. This future is closer than you might imagine. The insecurity of networked PCs is notorious. If we deployed ubicomp systems as vulnerable as PCs, the risks for society would be catastrophic. How can we do better, and what are the new problems? In a very accessible style, this book provides a coherent framework to make sense of the many issues at stake. Features include:
Offering a structured approach to handling and recovering from a
catastrophic data loss, this book will help both technical and
non-technical professionals put effective processes in place to
secure their business-critical information and provide a roadmap of
the appropriate recovery and notification steps when calamity
strikes.
Digital audio, video, images, and documents are flying through
cyberspace to their respective owners. Unfortunately, along the
way, individuals may choose to intervene and take this content for
themselves. Digital watermarking and steganography technology
greatly reduces the instances of this by limiting or eliminating
the ability of third parties to decipher the content that he has
taken. The many techiniques of digital watermarking (embedding a
code) and steganography (hiding information) continue to evolve as
applications that necessitate them do the same. The authors of this
second edition provide an update on the framework for applying
these techniques that they provided researchers and professionals
in the first well-received edition. Steganography and steganalysis
(the art of detecting hidden information) have been added to a
robust treatment of digital watermarking, as many in each field
research and deal with the other. New material includes
watermarking with side information, QIM, and dirty-paper codes. The
revision and inclusion of new material by these influential authors
has created a must-own book for anyone in this profession.
This book is designed for the professional system administrators
who need to securely deploy Microsoft Vista in their networks.
Readers will not only learn about the new security features of
Vista, but they will learn how to safely integrate Vista with their
existing wired and wireless network infrastructure and safely
deploy with their existing applications and databases. The book
begins with a discussion of Microsoft's Trustworthy Computing
Initiative and Vista's development cycle, which was like none other
in Microsoft's history. Expert authors will separate the hype from
the reality of Vista s preparedness to withstand the 24 x 7 attacks
it will face from malicious attackers as the world s #1 desktop
operating system. The book has a companion CD which contains
hundreds of working scripts and utilities to help administrators
secure their environments.
Designed as an introduction and overview to the field, Cyber Forensics: A Field Manual for Collecting, Examining, and Preserving Evidence of Computer Crimes, Second Edition integrates theory and practice to present the policies, procedures, methodologies, and legal ramifications and implications of a cyber forensic investigation. The authors guide you step-by-step through the basics of investigation and introduce the tools and procedures required to legally seize and forensically evaluate a suspect machine. Updating and expanding information on concealment techniques, new technologies, hardware, software, and relevant new legislation, this second edition delineates the scope and goals of cyber forensics to reveal and track legal and illegal activity. Beginning with an introduction and definition of cyber forensics, chapters explain the rules of evidence and chain of custody in maintaining legally valid electronic evidence. They describe how to begin an investigation and employ investigative methodology, as well as establish standard operating procedures for the field and cyber forensic laboratory. The authors provide an in depth examination of the manipulation of technology to conceal illegal activities and the use of cyber forensics to uncover them. They discuss topics and issues such as conducting a cyber forensic investigation within both the local and federal legal framework, and evaluating the current data security and integrity exposure of multifunctional devices. Cyber Forensics includes details and tips on taking control of a suspect computer or PDA and its "operating" environment, mitigating potential exposures and risks to chain of custody, and establishing and following a flowchart for the seizure of electronic evidence. An extensive list of appendices include websites, organizations, pertinent legislation, further readings, best practice recommendations, more information on hardware and software, and a recap of the federal rules of civil procedure.
Prepare for test success with this all-in-one CASP+ Certification Kit! The kit includes: CASP+ Study Guide: Exam CAS-004, Fourth Edition, builds on the popular Sybex Study Guide approach, providing 100% coverage of the CASP+ Exam CAS-004 objectives. The book contains clear and concise information on crucial security topics. It includes practical examples and insights drawn from real-world experience, as well as exam highlights and end-of-chapter review questions. The comprehensive study resource provides authoritative coverage of key exam topics, including: Security Architecture Security Operations Security Engineering and Cryptography Governance, Risk, and Compliance Because the exam focuses on practical applications of key security concepts, the book includes an appendix of additional hands-on labs. CASP+ Practice Tests: Exam CAS-004, Second Edition, provides hundreds of domain-by domain questions, covering the CASP+ objectives, PLUS two additional practice exams, for a total of 1,000 practice test questions. You'll also get one year of FREE access after activation to the Sybex interactive learning environment and online test bank. Let this book help you gain the confidence you need for taking the CASP+ Exam CAS-004 and prepare you for test success.
Mission critical real-time systems often function in environments that cannot be modelled with static approaches. Because of their (externally-driven) wide dynamic range of system operation, the number of data elements to be processed in an arbitrary period is unknown at the time of system engineering (other than an extremely pessimistic worst case sense). While it may be possible to determine a theoretical upper bound on the number of data items, the construction and maintenance of system components to handle worst-case conditions can be prohibitively costly. To accommodate such dynamic mission critical real-time systems, it is useful to design computing systems that allow reconfiguration and reallocation of resources by sharing a pool of distributed computational resources. Unfortunately, the problem of continuously providing critical system functions in such dynamic real-time environments is exacerbated when one considers attack vulnerability. The Internet has made mission critical real-time computer systems subject to an ever-changing array of attacks for which current defence mechanisms are insufficient. In order to combat intruders in this new environment, new techniques must be developed that enable decision makers to detect unusual behaviour in their systems, correlate anomalies into higher-level attacker goals, plan appropriate response actions, and execute their plans. This special book presents current work in this general area of real-time system security.
If you think Bitcoin is just an alternative currency for geeks, it's time to think again. Grokking Bitcoin opens up this powerful distributed ledger system, exploring the technology that enables applications both for Bitcoin-based financial transactions and using the blockchain for registering physical property ownership. With this fully illustrated, easy-to-read guide, you'll finally understand how Bitcoin works, how you can use it, and why you can trust the blockchain. Grokking Bitcoin explains why Bitcoin’s supporters trust it so deeply, and why you can too. This approachable book will introduce you to Bitcoin’s groundbreaking technology, which is the key to this world-changing system. This illustrated, easy-to-read guide prepares you for a new way of thinking with easy-to-follow diagrams and exercises. You’ll discover how Bitcoin mining works, how to accept Bitcoin, how to participate in the Bitcoin network, and how to set up a digital wallet.
Die Blockchain-Technologie verspricht, den Finanzmarkt, die Versicherungsbranche, das Supply-Chain-Management und andere Branchen zu revolutionieren. Aber Sie mA1/4ssen kein Tech-Nerd sein, um die Blockchain zu verstehen. Dieses Buch erklArt die Grundlagen und wichtige Anwendungen wie KryptowAhrungen und Smart Contracts. Reale Beispiele machen deutlich, wie Blockchains funktionieren und wo ihr Mehrwert liegt. Erstellen Sie eine eigene Blockchain, schauen Sie sich die wichtigsten Blockchain-Anbieter an, erkennen Sie das Disruptionspotenzial fA1/4r eingesessene Industrien und vieles mehr.
This book presents state-of-the-art methodologies and a comprehensive introduction to the recognition and representation of species and individual animals based on their physiological and phenotypic appearances, biometric characteristics, and morphological image patterns. It provides in-depth coverage of this emerging area, with an emphasis on the design and analysis techniques used in visual animal biometrics-based recognition systems. The book offers a comprehensive introduction to visual animal biometrics, addressing a range of recent advances and practices like sensing, feature extraction, feature selection and representation, matching, indexing of feature sets, and animal biometrics-based multimodal systems. It provides authoritative information on all the major concepts, as well as highly specific topics, e.g. the identification of cattle based on their muzzle point image pattern and face images to prevent false insurance claims, or the monitoring and registration of animals based on their biometric features. As such, the book provides a sound platform for understanding the Visual Animal Biometrics paradigm, a vital catalyst for researchers in the field, and a valuable guide for professionals. In addition, it can help both private and public organizations adapt and enhance their classical animal recognition systems.
The humanities and social sciences are interested in the cybersecurity object since its emergence in the security debates, at the beginning of the 2000s. This scientific production is thus still relatively young, but diversified, mobilizing at the same time political science, international relations, sociology, law, information science, security studies, surveillance studies, strategic studies, polemology. There is, however, no actual cybersecurity studies. After two decades of scientific production on this subject, we thought it essential to take stock of the research methods that could be mobilized, imagined and invented by the researchers. The research methodology on the subject "cybersecurity" has, paradoxically, been the subject of relatively few publications to date. This dimension is essential. It is the initial phase by which any researcher, seasoned or young doctoral student, must pass, to define his subject of study, delimit the contours, ask the research questions, and choose the methods of treatment. It is this methodological dimension that our book proposes to treat. The questions the authors were asked to answer were: how can cybersecurity be defined? What disciplines in the humanities and social sciences are studying, and how, cybersecurity? What is the place of pluralism or interdisciplinarity? How are the research topics chosen, the questions defined? How, concretely, to study cybersecurity: tools, methods, theories, organization of research, research fields, data ...? How are discipline-specific theories useful for understanding and studying cybersecurity? Has cybersecurity had an impact on scientific theories?
Presents primary hardware-based computer security approaches in an easy-to-read toolbox format Protecting valuable personal information against theft is a mission-critical component of today's electronic business community. In an effort to combat this serious and growing problem, the Intelligence and Defense communities have successfully employed the use of hardware-based security devices. This book provides a road map of the hardware-based security devices that can defeat--and prevent--attacks by hackers. Beginning with an overview of the basic elements of computer security, the book covers: Cryptography Key generation and distribution The qualities of security solutions Secure co-processors Secure bootstrap loading Secure memory management and trusted execution technology Trusted Platform Module (TPM) Field Programmable Gate Arrays (FPGAs) Hardware-based authentification Biometrics Tokens Location technologies Hardware-Based Computer Security Techniques to Defeat Hackers includes a chapter devoted entirely to showing readers how they can implement the strategies and technologies discussed. Finally, it concludes with two examples of security systems put into practice. The information and critical analysis techniques provided in this user-friendly book are invaluable for a range of professionals, including IT personnel, computer engineers, computer security specialists, electrical engineers, software engineers, and industry analysts.
Cryptography, in particular public-key cryptography, has emerged in the last 20 years as an important discipline that is not only the subject of an enormous amount of research, but provides the foundation for information security in many applications. Standards are emerging to meet the demands for cryptographic protection in most areas of data communications. Public-key cryptographic techniques are now in widespread use, especially in the financial services industry, in the public sector, and by individuals for their personal privacy, such as in electronic mail. This Handbook will serve as a valuable reference for the novice as well as for the expert who needs a wider scope of coverage within the area of cryptography. It is a necessary and timely guide for professionals who practice the art of cryptography.
Praise for "Sarbanes-Oxley Guide for Finance and Information Technology Professionals" "Effective SOX programs enlist the entire organization to build
and monitor a compliant control environment. However, even the best
SOX programs are inefficient at best, ineffective at worst, if
there is a lack of informed, competent finance and IT personnel to
support the effort. This book provides these important
professionals a needed resource for and road map toward
successfully implementing their SOX initiative." "As a former CFO and CIO, I found this book to be an excellent
synopsis of SOX, with impressive implementation summaries and
checklists." "An excellent introduction to the Sarbanes-Oxley Act from the
perspective of the financial and IT professionals that are on the
front lines of establishing compliance in their organizations. The
author walks through many areas by asking 'what can go wrong' types
of questions, and then outlines actions that should be taken as
well as the consequences of noncompliance. This is a good book to
add to one's professional library " "Mr. Anand has compiled a solid overview of the control systems
needed for not only accounting systems, but also the information
technologies that support those systems. Among the Sarbanes books
on the market, his coverage of both topics is unique." "An excellent overview of the compliance process. A must-read
for anyone who needs to get up to speed quickly with
Sarbanes-Oxley." |
You may like...
Data-driven Block Ciphers for Fast…
Nikolai Moldovyan, Alexander A. Moldovyan
Paperback
R1,761
Discovery Miles 17 610
|