|
|
|
|
|
Visit CRC Press Online!
|
Leading Publishers of Essential Information for the
Professional and Technical Communities Worldwide!
CRC Press.
|
|
|
For Best Results
|
Use the latest version of the Adobe Acrobat Reader. Click on the icon below to download it for FREE.
|
|
|
|
New Books
|
|
|
|
|
How to Achieve 27001 Certification: An Example of Applied Compliance Management
Added 4/4/2008
Sigurjon Thor Arnason, Keith Willett
The security criteria of the International Standards Organization (ISO) provides an excellent foundation for identifying and addressing business risks through a disciplined security management process. Using security standards ISO 17799 and ISO 27001 as a basis, How to Achieve 27001 Certification: An Example of Applied Compliance Management helps an organization align its security and organizational goals so it can generate effective security, compliance, and management programs.
The authors offer insight from their own experiences, providing questions and answers to determine an organization's information security strengths and weaknesses with respect to the standard. They also present step-by-step information to help an organization plan an implementation, as well as prepare for certification and audit.
Security is no longer a luxury for an organization, it is a legislative mandate. A formal methodology that helps an organization define and execute an ISMS is essential in order to perform and prove due diligence in upholding stakeholder interests and legislative compliance. Providing a good starting point for novices, as well as finely tuned nuances for seasoned security professionals, this book is an invaluable resource for anyone involved with meeting an organization's security, certification, and compliance needs.
|
Security in Distributed, Grid, Mobile, and Pervasive Computing
Added 4/8/2008
Yang Xiao
Despite recent dramatic advances in computer security regarding the proliferation of services and applications, security threats are still major impediments in the deployment of these services. Paying serious attention to these issues, Security in Distributed, Grid, Mobile, and Pervasive Computing focuses on the increasing demand to guarantee privacy, integrity, and availability of resources in networks and distributed systems.
A rich and useful presentation of strategies for security issues, the book covers each computing area in separate sections. It first reviews security issues and challenges in content distribution networks, describes key agreement protocols based on the Diffie-Hellman key exchange and key management protocols for complex distributed systems like the Internet, and discusses securing design patterns for distributed systems. The next section focuses on security in mobile computing and wireless networks, covering wireless authentication methods, secure data aggregation, and anonymous routing protocol. After a section on grid computing security, the book presents an overview of security solutions for pervasive healthcare systems and surveys wireless sensor network security.
With more and more vital information stored on computers, security professionals need to know how to combat threats and complications. Offering strategies to tackle these issues, this book provides essential security information for researchers, practitioners, educators, and graduate students in the field.
|
Resource, Mobility, and Security Management in Wireless Networks and Mobile Communications
Added 4/8/2008
Yan Zhang, Honglin Hu, Masayuki Fujise
Organized into three parts, Resource, Mobility, and Security Management in Wireless Networks and Mobile Communications examines the inherent constraint of limited bandwidth and unreliable time-varying physical link in the wireless system, discusses the demand to realize the service continuity in the single-hop or multi-hop wireless networks, and explores trusted communication in mobile computing scenarios.
Focusing on the background, technique survey, protocol design, and analytical methods, the book discusses standards in 802.11x/3G/4G, HotSpot Wireless, Bluetooth sensor networks, and access control in wireless Ad Hoc networks. Other topics include call admission control (CAC), routing, multicast, medium access control (MAC), scheduling, bandwidth adaptation, handoff management, location management, network mobility, secure routing, key management, authentication, security, privacy, and performance simulation and analysis.
This book is a comprehensive source of information on basic concepts, major issues, design approaches, future research directions, and the interaction between these components. With its broad coverage allowing for easy cross reference, the book also provides detailed techniques for eliminating bandwidth insufficiency, increasing location management performance, and decreasing the associated authentication traffic.
Features:
· Offers competitive, self-contained information on resource, mobility, and security management in wireless networks
· Explains the interaction and coupling among the most important components in wireless networks
· Examines background, applications, and standard protocols
· Addresses challenges and solutions in key management of wireless sensor networks
· Covers how to provide effective and efficient authentication and key agreements for cellular access security
|
Digital Privacy: Theory, Technologies, and Practices
Added 4/8/2008
Alessandro Acquisti, Stefanos Gritzalis, Costos Lambrinoudakis, Sabrina Vimercati
While traveling the data highway through the global village, most people, if they think about it at all, consider privacy a non-forfeitable right. They expect to have control over the ways in which their personal information is obtained, distributed, shared, and used by any other entity. According to recent surveys, privacy, and anonymity are the fundamental issues of concern for most Internet users, ranked higher than ease-of-use, spam, cost, and security. Digital Privacy: Theory, Techniques, and Practices covers state-of-the-art technologies, best practices, and research results, as well as legal, regulatory, and ethical issues. Editors Alessandro Acquisti, Stefanos Gritzalis, Costas Lambrinoudakis, and Sabrina De Capitani di Vimercati, established researchers whose work enjoys worldwide recognition, draw on contributions from experts in academia, industry, and government to delineate theoretical, technical, and practical aspects of digital privacy. They provide an up-to-date, integrated approach to privacy issues that spells out what digital privacy is and covers the threats, rights, and provisions of the legal framework in terms of technical counter measures for the protection of an individual’s privacy. The work includes coverage of protocols, mechanisms, applications, architectures, systems, and experimental studies. Even though the utilization of personal information can improve customer services, increase revenues, and lower business costs, it can be easily misused and lead to violations of privacy. Important legal, regulatory, and ethical issues have emerged, prompting the need for an urgent and consistent response by electronic societies. Currently there is no book available that combines such a wide range of privacy topics with such a stellar cast of contributors. Filling that void, Digital Privacy: Theory, Techniques, and Practices gives you the foundation for building effective and legal privacy protocols into your business processes.
|
Cyber Forensics: A Field Manual for Collecting, Examining, and Preserving Evidence of Computer Crimes, Second Edition
Added 4/8/2008
Albert Marcella, Jr., Doug Menendez
Designed as an introduction and overview to the field, Cyber Forensics: A Field Manual for Collecting, Examining, and Preserving Evidence of Computer Crimes, Second Edition integrates theory and practice to present the policies, procedures, methodologies, and legal ramifications and implications of a cyber forensic investigation. The authors guide you step-by-step through the basics of investigation and introduce the tools and procedures required to legally seize and forensically evaluate a suspect machine.
Updating and expanding information on concealment techniques, new technologies, hardware, software, and relevant new legislation, this second edition delineates the scope and goals of cyber forensics to reveal and track legal and illegal activity. Beginning with an introduction and definition of cyber forensics, chapters explain the rules of evidence and chain of custody in maintaining legally valid electronic evidence. They describe how to begin an investigation and employ investigative methodology, as well as establish standard operating procedures for the field and cyber forensic laboratory. The authors provide an in depth examination of the manipulation of technology to conceal illegal activities and the use of cyber forensics to uncover them. They discuss topics and issues such as conducting a cyber forensic investigation within both the local and federal legal framework, and evaluating the current data security and integrity exposure of multifunctional devices.
Cyber Forensics includes details and tips on taking control of a suspect computer or PDA and its "operating" environment, mitigating potential exposures and risks to chain of custody, and establishing and following a flowchart for the seizure of electronic evidence. An extensive list of appendices include websites, organizations, pertinent legislation, further readings, best practice recommendations, more information on hardware and software, and a recap of the federal rules of civil procedure.
|
Managing Global Supply Chains: Compliance, Security, and Dealing with Terrorism
Added 4/8/2008
Thomas Cook
September 11, 2001 had a profound impact upon individuals, institutions, and governments, but also upon the world of global trade. Years later, the reverberations of this deliberate and focused act of terrorism are manifest in much more stringent logistics, documentary requirements, and regulations. A single source on compliance and security, written from a supply chain manager’s perspective, Managing Global Supply Chains sorts out all the issues and frames a comprehensive strategy for supply chain executives in the post 9/11 world.
|
Data-driven Block Ciphers for Fast Telecommunication Systems
Added 4/8/2008
Nikolai Moldovyan, Alexander Moldovyan
The Most Progressive and Complete Guide to DDO-Based Ciphers Developers have long recognized that ciphers based on Permutation Networks (PNs) and Controlled Substitution-Permutation Networks (CSPNs) allow for the implementation of a variety of Data Driven Operations (DDOs). These DDOs can provide fast encryption without incurring excessive hardware costs in modern telecommunication networks. However, until now, with a few exceptions, most DDO-based ciphers have been poorly represented in available literature and have continued to remain known to only a small number of encryption experts. In Data-Driven Block Ciphers for Fast Telecommunication Systems, Nikolai Moldovyan and Alexander Moldovyan, major innovators and holders of several dozen international patents in encryption technology, provide the background and detail the applications needed to investigate new properties of PNs especially relevant to the improvement of modern wireless systems.Furthermore, they propose a universal architecture involving controlled bit permutation instruction that will permit the performance of both data-driven permutations and an arbitrary prescribed fixed permutation in a single cycle. Immediately improved efficiency for current and future fast telecommunication systems and mobile networks Because of its simplicity and efficient use of current hardware, the embedding of this architecture is a highly attractive option for CPU manufacturers.By detailing all the relevant information into a single volume for the first time, the authors of this book make that option more feasible than ever before.
|
|
