TY - BOOK
AU - Gollmann Dieter
TI - Computer Security
SN - 978-81-265-5082-1
U1 - 005.8 23
PY - 2011///
CY - New Delhi.
PB - John Wiley & Sons
N1 - CHAPTER 1 – History of Computer Security
  1.1 The Dawn of Computer Security
  1.2 1970s – Mainframes
  1.3 1980s – Personal Computers
    1.3.1 An Early Worm
    1.3.2 The Mad Hacker
  1.4 1990s – Internet
  1.5 2000s – The Web
  1.6 Conclusions – The Benefits of Hindsight
  1.7 Exercises
 CHAPTER 2 – Managing Security
  2.1 Attacks and Attackers
  2.2 Security Management
    2.2.1 Security Policies
    2.2.2 Measuring Security
    2.2.3 Standards
  2.3 Risk and Threat Analysis
    2.3.1 Assets
    2.3.2 Threats
    2.3.3 Vulnerabilities
    2.3.4 Attacks
    2.3.5 Common Vulnerability Scoring System
    2.3.6 Quantitative and Qualitative Risk Analysis
    2.3.7 Countermeasures – Risk Mitigation
  2.4 Further Reading
  2.5 Exercises
 CHAPTER 3 – Foundations of Computer Security
  3.1 Definitions
    3.1.1 Security
    3.1.2 Computer Security
    3.1.3 Confidentiality
    3.1.4 Integrity
    3.1.5 Availability
    3.1.6 Accountability
    3.1.7 Non-repudiation
 CHAPTER 4 – Identification and Authentication
  4.1 Username and Password
  4.2 Bootstrapping Password Protection
  4.3 Guessing Passwords
  4.4 Phishing, Spoofing, and Social Engineering
    4.4.1 Password Caching
  4.5 Protecting the Password File
  4.6 Single Sign-on
  4.7 Alternative Approaches
  4.8 Further Reading
  4.9 Exercises
 CHAPTER 5 – Access Control
  5.1 Background
  5.2 Authentication and Authorization
  5.3 Access Operations
    5.3.1 Access Modes
    5.3.2 Access Rights of the Bell–LaPadula Model
    5.3.3 Administrative Access Rights
  5.4 Access Control Structures
    5.4.1 Access Control Matrix
    5.4.2 Capabilities
    5.4.3 Access Control Lists
  5.5 Ownership
  5.6 Intermediate Controls
    5.6.1 Groups and Negative Permissions
    5.6.2 Privileges
    5.6.3 Role-Based Access Control
    5.6.4 Protection Ring
 CHAPTER 6 – Reference Monitors
 CHAPTER 7 – Unix Security
 CHAPTER 8 – Windows Security
 CHAPTER 9 – Database Security
 CHAPTER 10 – Software Security
 CHAPTER 11 – Bell–LaPadula Model
 CHAPTER 12 – Security Models
 CHAPTER 13 – Security Evaluation
 CHAPTER 14 – Cryptography
 CHAPTER 15 – Key Establishment
 CHAPTER 16 – Communications Security
 CHAPTER 17 – Network Security
 CHAPTER 18 – Web Security
 CHAPTER 19 – Mobility
 CHAPTER 20 – New Access Control Paradigms
ER -