The Virtual Bookcase for browsing and sharing reviews of books. New to this site? Read the welcome page first.

The Virtual Bookcase Home
Recent reviews
Collected book news
Welcome to this site
Add your own book

Book details of 'Security in Computing'

Cover of Security in Computing
TitleSecurity in Computing
Author(s)Charles P. Pfleeger, Shari Lawrence Pfleeger
PublishedDecember 2002
PublisherPrentice Hall PTR
Web links for this book
Search at
Wikipedia booksources
Shop for this book

Back to shelf Computer security info for Security in Computing

Score: score: 2.0 **---  Vote for this book

The Virtual Bookcase Reviews of 'Security in Computing':

Reviewer Rob Slade wrote:
This work is still obviously a textbook. The attempts to target it at a "professional" audience are possibly more convincing than in the first edition, but it still reads like a text, and includes material that is addressed at a scholastic, rather than experienced, audience. Even as a textbook it difficult to say that it succeeds. It addresses a broad range of computer security related topics, although there is a notable shortage of material dealing with formal security models, access concepts, operational procedures, physical security, and business continuity. The level of detail in the different areas varies greatly, but the shortcomings of the book could be addressed in the hands of a competent teacher. The ten chapters in the book are not divided into parts, but seem, in some cases, to come in chunks. The introductory chapter is an overview of basic concepts involved with system security. Unfortunately, not all of them are explained fully. The idea of controls, for example, is a vital one, but the full ranges and types of controls are not outlined. There are also some not-quite-standard additions to the lexicon, such as an attempt to divide threats into four classes: interception, interruption, modification, and fabrication. It is difficult to see why fabrication is added to the list, or why this provides a clearer view of threats than simply looking to the opposites of confidentiality, integrity, and availability. Cryptography starts in chapter two (and, oddly, ends in chapter ten). The early coverage steps through different types of simple encryption algorithms, followed up by cryptanalysis of the same. It strenuously avoids using any arithmetic, which makes discussions of key sizes and strengths a bit difficult, but throws in lots of symbolic logic, which seems to serve only to cloud the issue. Chapter three starts what might be seen as a section on secure systems development. This is an important, and often neglected, topic, and is generally covered reasonably well. However, the material is not always completely clear and rigorous. For example, it is implied that Thompson, rather than Cohen, was the first to investigate viruses. Leaving aside the fact that Cohen's work started a year before Thompson's lecture (only the date of Cohen's graduation is given), Thompson's thought experiment proposed only an extremely limited form of reproduction. Again, when discussing covert channels, both the terms "timing channel" and "storage channel" are used, but all the examples given relate only to timing channels. Operating system protections are supposed to be covered in chapter four, but the content is an odd amalgam of computer architecture and high level access control. In regard to designing trusted operating systems, chapter five starts with a very poor outline of formal models (the test is not clear, and, again, the addition of symbolic logic fails to assist in the tutorial), presents a fair review of operating system requirements, and then spends a lot of time going over various evaluation criteria, without presenting much content of any use. The outline of database security is disappointing: chapter six spends too much time on specific details, while almost ignoring major concepts such as aggregation. Chapter seven, the longest in the book, devotes excessive space to basic communications technologies, including two copies of the section on transmission methods. Administration, in chapter eight, provides the usual generic advice on planning, risk, and policies. Intellectual property, computer crime, and ethics are presented as problems with no solutions, in chapter nine. The closing chapter provides a whirlwind of the mathematics related to cryptography in an impressive, disorganized, and basically pointless display. This book could definitely use a wholesale reorganization and cleanup. The level and tone of the content varies tremendously from section to section, even within given chapters. While most computer security topics appear somewhere within the work, there is very little in the way of logical flow or links between subjects. Major areas seem to be thrown in with minor sections simply because they had to be put somewhere. In terms of textbooks, I do not know that there is much to choose between this volume and Bishop's "Computer Security: Art and Science" (see reviews), although Pfleeger and Pfleeger might have a slight edge. Certainly Gollman's "Computer Security" (see reviews) is superior to both. And, depending upon the course, Anderson's "Security Engineering" (see reviews) probably outranks them all. copyright Robert M. Slade, 1993
Add my review for Security in Computing
Search The Virtual Bookcase

Enter a title word, author name or ISBN.

The shelves in The Virtual Bookcase

Arts and architecture (25)
Biography (24)
Business and Management (120)
Cars and driving (53)
Cartoons (45)
Children's books (180)
Computer (475)
Computer history/fun (113)
Computer networks (382)
Computer programming (215)
Computer security (272)
Cook books (89)
Fantasy (154)
Fiction (446)
Health and body (71)
History (138)
Hobby (37)
Horror (65)
Humorous books (52)
Literature (57)
Operating systems (94)
Outdoor camping (162)
Outdoors (236)
Politics (85)
Privacy (61)
Psychology (55)
Religion (17)
Science (113)
Science Fiction (156)
Self-help books (56)
Technology (14)
Travel guides (308)
War and weapons (29)
World Wide Web (213)
Zen (5)
Other books (89)

The Virtual Bookcase is created and maintained by Koos van den Hout. Contact e-mail
Site credits
Copyright © 2000-2017 Koos van den Hout / The Virtual Bookcase Copyright and privacy statement