There's a lot more consciousness of security today, but not a lot of understanding of what it means and how far it should go. No one loves security, but most people---managers, system administrators and users alike---are starting to feel that they'd better accept it, or at least try to understand it.
For example, most U.S. Government equipment acquisitions now require "Orange Book" (Trusted Computer System Evaluation Criteria) certification. A lot of people have a vague feeling that they ought to know about the Orange Book, but few make the effort to track it down and read it. Computer Security Basics contains a more readable introduction to the Orange Book---why it exists, what it contains, and what the different security levels are all about---than any other book or government publication.
This handbook describes complicated concepts such as trusted systems, encryption, and mandatory access control in simple terms. It tells you what you need to know to understand the basics of computer security, and it will help you persuade your employees to practice safe computing.
Introduction (basic computer security concepts, security breaches such as the Internet worm).
Computer security and requirements of the Orange Book.
Communications and network security.
Peripheral types of security (including biometric devices, physical controls, and TEMPEST).
Appendices: terms, sources, user groups, and other reference material.
Deborah Russell manages documentation consulting services for a joint venture of O'Reilly & Associates and Cambridge Computer Associates. In recent years, the focus of her consulting work has been computer security. Her consulting projects include work on the development of a secure UNIX kernel, several trusted operating systems, and a secure compartmented mode workstation. Ms. Russell has worked closely with a number of vendors during the "Orange Book" trusted system evaluation process. She has a degree from Harvard University.
Our look is the result of reader comments, our own experimentation, and feedback from distribution channels. Distinctive covers complement our distinctive approach to technical topics, breathing personality and life into potentially dry subjects. The image featured on the cover of Computer Security Basics is a key. Locks and keys were first developed by the Egyptians for use on doors. The Egyptian wooden door lock was opened using a long wooden implement with thin wooden pegs of varying lengths set in one end. When inserted and lifted, the pegs on this key would raise similar pegs within the lock. When all the pegs were raised past a certain point, the door would open.
Metal locks and keys were developed by the Romans using a design similar to that of the Egyptian door lock. Over time the Romans refined this lock technique and embellished both locks and keys; locks were camouflaged as animals, flowers, or birds, keys were highly decorated and frequently worn as pendants. Portable locks, otherwise known as padlocks, were invented by the early Chinese, Turkish, Indians, and Russians. In the late 16th century this was taken a step further with the invention of keyless locks, otherwise known as combination locks. Further refinement continued through the 20th century as greater precision in metal work allowed for closer parts tolerance and therefore greater security. UNIX and its attendant programs can be unruly beasts. Nutshell Handbooks(R) help you tame them.
Edie Freedman designed this cover and the entire bestiary that appears on other Nutshell Handbooks. The images ares are adapted from 19th-century engravings from the Dover Pictorial Archive.
The text of this book is set in Times Roman; headings are Helvetica; examples are Courier. Text was prepared using SortQuadUs sqtroff text formatter. Figures are produced with a Macintosh. Printing is done on a Tegra Varityper 5000.
Comments about O'Reilly Media Computer Security Basics:
Computer security is an important consideration for technology managers, as it is imperative to ensure the viability and integrity of an organisations data and technology infrastructure, and to allow for the provision of providing services to internal end users as well as external customers. Whilst awareness has increased over the years, computer security can still remain one of those subjects that can easily confuse.
This book provides a broad introduction to the many facets of computer security. Technology managers without any previous knowledge or understanding of computer security will find this book valuable in obtaining a basic grounding of security.