The Art of Computer and Information Security: From Apps and Networks to Cloud and Crypto Security in Computing, Sixth Edition, is today's essential text for anyone teaching, learning, and practicing cybersecurity. It defines core principles underlying modern security policies, processes, and protection; illustrates them with up-to-date examples; and shows how to apply them in practice. Modular and flexibly organized, this book supports a wide array of courses, strengthens professionals' knowledge of foundational principles, and imparts a more expansive understanding of modern security. This extensively updated edition adds or expands coverage of artificial intelligence and machine learning tools; app and browser security; security by design; securing cloud, IoT, and embedded systems; privacy-enhancing technologies; protecting vulnerable individuals and groups; strengthening security culture; cryptocurrencies and blockchain; cyberwarfare; post-quantum computing; and more. It contains many new diagrams, exercises, sidebars, and examples, and is suitable for use with two leading frameworks: the US NIST National Initiative for Cybersecurity Education (NICE) and the UK Cyber Security Body of Knowledge (CyBOK). Core security concepts: Assets, threats, vulnerabilities, controls, confidentiality, integrity, availability, attackers, and attack types The security practitioner's toolbox: Identification and authentication, access control, and cryptography Areas of practice: Securing programs, user–internet interaction, operating systems, networks, data, databases, and cloud computing Cross-cutting disciplines: Privacy, management, law, and ethics Using cryptography: Formal and mathematical underpinnings, and applications of cryptography Emerging topics and risks: AI and adaptive cybersecurity, blockchains and cryptocurrencies, cyberwarfare, and quantum computing Register your book for convenient access to downloads, updates, and/or corrections as they become available. See inside book for details.

""In this book, the authors adopt a refreshingly new approach to explaining the intricacies of the security and privacy challenge that is particularly well suited to today's cybersecurity challenges. Their use of the threat-vulnerability-countermeasure paradigm combined with extensive real-world examples throughout results in a very effective learning methodology.""--Charles C. Palmer, IBM Research The Modern Introduction to Computer Security: Understand Threats, Identify Their Causes, and Implement Effective Countermeasures "Analyzing Computer Security "is a fresh, modern, and relevant introduction to computer security. Organized around today's key attacks, vulnerabilities, and countermeasures, it helps you think critically and creatively about computer security--so you can prevent serious problems and mitigate the effects of those that still occur. In this new book, renowned security and software engineering experts Charles P. Pfleeger and Shari Lawrence Pfleeger--authors of the classic "Security in Computing"--teach security the way modern security professionals approach it: by identifying the people or things that may cause harm, uncovering weaknesses that can be exploited, and choosing and applying the right protections. With this approach, not only will you study cases of attacks that have occurred, but you will also learn to apply this methodology to new situations. The book covers "hot button" issues, such as authentication failures, network interception, and denial of service. You also gain new insight into broader themes, including risk analysis, usability, trust, privacy, ethics, and forensics. One step at a time, the book systematically helps you develop the problem-solving skills needed to protect any information infrastructure. Coverage includes

• Understanding threats, vulnerabilities, and countermeasures
• Knowing when security is useful, and when it's useless "security theater"
• Implementing effective identification and authentication systems
• Using modern cryptography and overcoming weaknesses in cryptographic systems
• Protecting against malicious code: viruses, Trojans, worms, rootkits, keyloggers, and more
• Understanding, preventing, and mitigating DOS and DDOS attacks
• Architecting more secure wired and wireless networks
• Building more secure application software and operating systems through more solid designs and layered protection
• Protecting identities and enforcing privacy
• Addressing computer threats in critical areas such as cloud computing, e-voting, cyberwarfare, and social media

The New State of the Art in Information Security: Now Covers Cloud Computing, the Internet of Things, and Cyberwarfare Students and IT and security professionals have long relied on Security in Computing as the definitive guide to computer security attacks and countermeasures. Now, the authors have thoroughly updated this classic to reflect today's newest technologies, attacks, standards, and trends. Security in Computing, Fifth Edition, offers complete, timely coverage of all aspects of computer security, including users, software, devices, operating systems, networks, and data. Reflecting rapidly evolving attacks, countermeasures, and computing environments, this new edition introduces best practices for authenticating users, preventing malicious code execution, using encryption, protecting privacy, implementing firewalls, detecting intrusions, and more. More than two hundred end-of-chapter exercises help the student to solidify lessons learned in each chapter. Combining breadth, depth, and exceptional clarity, this comprehensive guide builds carefully from simple to complex topics, so you always understand all you need to know before you move forward. You'll start by mastering the field's basic terms, principles, and concepts. Next, you'll apply these basics in diverse situations and environments, learning to "think like an attacker" and identify exploitable weaknesses. Then you will switch to defense, selecting the best available solutions and countermeasures. Finally, you'll go beyond technology to understand crucial management issues in protecting infrastructure and data. New coverage includes A full chapter on securing cloud environments and managing their unique risks Extensive new coverage of security issues associated with user-web interaction New risks and techniques for safeguarding the Internet of Things A new primer on threats to privacy and how to guard it An assessment of computers and cyberwarfare-recent attacks and emerging risks Security flaws and risks associated with electronic voting systems