PREFACE

When the
first edition of this book was published in 1989, viruses and other forms of
malicious code were fairly uncommon, the Internet was used largely by just
computing professionals, a Clipper was a sailing ship, and computer crime was
seldom a headline topic in daily newspapers. In that era most people were
unconcerned about, even unaware of, how serious the threat to security in the
use of computers is. The use of computers has spread at a rate completely
unexpected back then. Now you can bank by computer, order and pay for
merchandise, and even commit to contracts by computer. And the uses of
computers in business have similarly increased both in volume and in richness.
Alas, the security threats to computing have also increased significantly.

Why Read This Book?

Are your data and programs at risk? If you answer “yes” to any
of the following questions, you have a potential security risk.

Have you acquired any new programs within the last year?
Do you use your computer to communicate electronically with other computers?
Do you ever receive programs or data from other people?
Is there any significant program or data item of which you do not have a second copy?

Relax; you are not alone. Most computer
users have a security risk. Being at risk does not mean you should stop using
computers. It does mean you should learn more about the risk you face, and how
to control that risk.

Users and managers of large mainframe computing systems
of the 1960s and 1970s developed computer security techniques that were
reasonably effective against the threats of that era. However, two factors have
made those security procedures outdated:

Personal computer use. Vast numbers of
people have become dedicated users of personal computing systems, both for
business and pleasure. We try to make applications “user friendly” so that
computers can be used by people who know nothing of hardware or programming,
just as people who can drive a car do not need to know how to design an engine.
Users may not be especially conscious of the security threats involved in
computer use; even users who are aware may not know what to do to reduce their
risk.

Networked remote-access systems. Machines are being linked in large
numbers. The Internet and its cousin, the World-Wide Web, seem to double every
year in number of users. A user of a mainframe computer may not realize that
access to the same machine is allowed to people throughout the world from an
almost uncountable number of computing systems.

Every computing professional
must understand the threats and the countermeasures currently available in
computing. This book addresses that need.

This book is designed for the student
or professional in computing. Beginning at a level appropriate for an
experienced computer user, this book describes the security pitfalls inherent
in many important computing tasks today. Then, the book explores the controls
that can check these weaknesses. The book also points out where existing
controls are inadequate and serious consideration must be given to the risk present
in the computing situation.

Uses of This Book

The chapters of this book
progress in an orderly manner. After an introduction, the topic of encryption,
the process of disguising something written to conceal its meaning, is
presented as the first tool in computer security. The book continues through
the different kinds of computing applications, their weaknesses, and their
controls. The application areas include:

general programs
operating systems
data base management systems
remote access computing
multicomputer networks

These sections begin with a definition of the topic, continue with a
description of the relationship of security to the topic, and conclude with a
statement of the current state of the art of computer security research related
to the topic. The book concludes with an examination of risk analysis and
planning for computer security, and a study of the relationship of law and
ethics to computer security.

Background required to appreciate the book is an
understanding of programming and computer systems. Someone who is a senior or
graduate student in computer science or a professional who has been in the
field for a few years would have the appropriate level of understanding.
Although some facility with mathematics is useful, all necessary mathematical
background is developed in the book. Similarly, the necessary material on
design of software systems, operating systems, data bases, or networks is given
in the relevant chapters. One need not have a detailed knowledge of these areas
before reading this book.

The book is designed to be a textbook for a one- or
two-semester course in computer security. The book functions equally well as a
reference for a computer professional. The introduction and the chapters on
encryption are fundamental to the understanding of the rest of the book. After
studying those pieces, however, the reader can study any of the later chapters
in any order. Furthermore, many chapters follow the format of introduction,
then security aspects of the topic, then current work in the area. Someone who
is interested more in background than in current work can stop in the middle of
one chapter and go on to the next. This book has been used in classes
throughout the world. Roughly half of the book can be covered in a semester.
Therefore, an instructor can design a one-semester course that considers some
of the topics of greater interest.

What Does This Book Contain?

This is the
revised edition of Security in Computing. It is based largely on the previous
version, with many updates to cover newer topics in computer security. Among
the salient additions to the new edition are these items:

Viruses, worms, Trojan horses, and other malicious code. Complete new section
(first half of Chapter 5) including sources of these kinds of code, how they
are written, how they can be detected and/or prevented, and several actual
examples.

Firewalls. Complete new section (end of Chapter 9) describing what they do,
how they work, how they are constructed, and what degree of protection they
provide.

Private e-mail. Complete new section (middle of Chapter 9) explaining
exposures in e-mail, kinds of protection available, PEM and PGP, key
management, and certificates.

Clipper, Capstone, Tessera, Mosaic, and key escrow. Several sections: in
Chapter 3 as an encryption technology, in Chapter 4 as a key management
protocol, and in Chapter 11 as a privacy and ethics issue.

Trusted system evaluation. Extensive addition (in Chapter 7) including
criteria from the United States, Europe, Canada, and the soon-to-be-released
Common Criteria.

Program development processes, including ISO 9000 and the SEI CMM. A major
section in Chapter 5 gives comparisons between these methodologies.

Guidance for administering PC, Unix, and networked environments.

In addition to these
major changes, there are numerous small changes, ranging from wording changes
to subtle notational changes for pedagogic reasons, to replacement, deletion,
rearrangement, and expansion of sections. The focus of the book remains the
same, however. This is still a book covering the complete subject of computer
security. The target audience is college students (advanced undergraduates or
graduate students) and professionals. A reader is expected to bring a
background in general computing technology; some knowledge of programming,
operating systems, and networking is expected, although advanced knowledge in
those areas is not necessary. Mathematics is used as appropriate, although a
student can ignore most of the mathematical foundation if he or she chooses.
Acknowledgments

Many people have contributed to the content and structure of
this book. The following friends and colleagues have supplied thoughts, advice,
challenges, criticism, and suggestions that have influenced my writing of this
book: Lance Hoffman, Marv Schaefer, Dave Balenson, Terry Benzel, Curt Barker,
Debbie Cooper, and Staffan Persson. Two people from outside the computer
security community were very encouraging: Gene Davenport and Bruce Barnes. I
apologize if I have forgotten to mention someone else; the oversight is
accidental. Lance Hoffman deserves special mention. He used a preliminary copy
of the book in a course at George Washington University. Not only did he
provide me with suggestions of his own, but his students also supplied
invaluable comments from the student perspective on sections that did and did
not communicate effectively. I want to thank them for their constructive
criticisms. Finally, if someone alleges to have written a book alone, distrust
the person immediately. While an author is working 16-hour days on the writing
of the book, someone else needs to see to all the other aspects of life, from
simple things like food, clothing, and shelter, to complex things like social
and family responsibilities. My wife, Shari Lawrence Pfleeger, took the time
from her professional schedule so that I could devote my full energies to
writing. Furthermore, she soothed me when the schedule inexplicably slipped,
when the computer went down, when I had writer's block, or when some other
crisis beset this project. On top of that, she reviewed the entire manuscript,
giving the most thorough and constructive review this book has had. Her
suggestions have improved the content, organization, readability, and overall
quality of this book immeasurably. Therefore, it is with great pleasure that I
dedicate this book to Shari, the other half of the team that caused this book
to be written.