
Steven M. Bellovin - Thinking Security: Stopping Next Year's Hackers


  • Book:
    Thinking Security: Stopping Next Year's Hackers
  • Author:
    Steven M. Bellovin
  • Publisher:
    Addison-Wesley Professional
  • Year:
    2015
  • Rating:
    4 / 5

Thinking Security: Stopping Next Year's Hackers: summary, description and annotation


If you're a security or network professional, you already know the do's and don'ts: run AV software and firewalls, lock down your systems, use encryption, watch network traffic, follow best practices, hire expensive consultants . . . but it isn't working. You're at greater risk than ever, and even the world's most security-focused organizations are being victimized by massive attacks.

In Thinking Security, author Steven M. Bellovin provides a new way to think about security. As one of the world's most respected security experts, Bellovin helps you gain new clarity about what you're doing and why you're doing it. He helps you understand security as a systems problem, including the role of the all-important human element, and shows you how to match your countermeasures to actual threats. You'll learn how to move beyond last year's checklists at a time when technology is changing so rapidly.

You'll also understand how to design security architectures that don't just prevent attacks wherever possible, but also deal with the consequences of failures. And, within the context of your coherent architecture, you'll learn how to decide when to invest in a new security product and when not to.

Bellovin, co-author of the best-selling Firewalls and Internet Security, caught his first hackers in 1971. Drawing on his deep experience, he shares actionable, up-to-date guidance on issues ranging from SSO and federated authentication to BYOD, virtualization, and cloud security.

Perfect security is impossible. Nevertheless, it's possible to build and operate security systems far more effectively. Thinking Security will help you do just that.

About This E-Book

EPUB is an open, industry-standard format for e-books. However, support for EPUB and its many features varies across reading devices and applications. Use your device or app settings to customize the presentation to your liking. Settings that you can customize often include font, font size, single or double column, landscape or portrait mode, and figures that you can click or tap to enlarge. For additional information about the settings and features on your reading device or app, visit the device manufacturer's Web site.

Many titles include programming code or configuration examples. To optimize the presentation of these elements, view the e-book in single-column, landscape mode and adjust the font size to the smallest setting. In addition to presenting code and configurations in the reflowable text format, we have included images of the code that mimic the presentation found in the print book; therefore, where the reflowable format may compromise the presentation of the code listing, you will see a "Click here to view code image" link. Click the link to view the print-fidelity code image. To return to the previous page viewed, click the Back button on your device or app.

Thinking Security

Stopping Next Year's Hackers

Steven M. Bellovin


New York Boston Indianapolis San Francisco
Toronto Montreal London Munich Paris Madrid
Capetown Sydney Tokyo Singapore Mexico City

Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in this book, and the publisher was aware of a trademark claim, the designations have been printed with initial capital letters or in all capitals.

A complete list of sources and credits appears on pages .

The author and publisher have taken care in the preparation of this book, but make no expressed or implied warranty of any kind and assume no responsibility for errors or omissions. No liability is assumed for incidental or consequential damages in connection with or arising out of the use of the information or programs contained herein.

For information about buying this title in bulk quantities, or for special sales opportunities (which may include electronic versions; custom cover designs; and content particular to your business, training goals, marketing focus, or branding interests), please contact our corporate sales department at or (800) 382-3419.

For government sales inquiries, please contact .

For questions about sales outside the United States, please contact .

Visit us on the Web: informit.com/aw

Library of Congress Cataloging-in-Publication Data
Bellovin, Steven M., author.
Thinking security : stopping next year's hackers / Steven M. Bellovin.
pages cm
Includes bibliographical references and index.
ISBN 978-0-13-427754-7 (hardcover : alk. paper)
1. Computer networks--Security measures. 2. Computer security. I. Title.
TK5105.59.B45154 2016
658.4'78--dc23
2015030719

Copyright © 2016 Steven M. Bellovin

All rights reserved. Printed in the United States of America. This publication is protected by copyright, and permission must be obtained from the publisher prior to any prohibited reproduction, storage in a retrieval system, or transmission in any form or by any means, electronic, mechanical, photocopying, recording, or likewise. To obtain permission to use material from this work, please submit a written request to Pearson Education, Inc., Permissions Department, 200 Old Tappan Road, Old Tappan, New Jersey 07675, or you may fax your request to (201) 236-3290.

ISBN-13: 978-0-13-427754-7
ISBN-10: 0-13-427754-6

Text printed in the United States on recycled paper at RR Donnelley in Crawfordsville, Indiana.

First printing, November 2015


To Diane, for many reasons and then some,
and to Rebecca and Daniel who asked me not
to write another book but no longer live at
home and hence don't get a veto.

Contents
Preface

Most computer security books tell you what to do and what not to do. This one tells you why.

The list of security do's and don'ts is long: run antivirus software, get a firewall, lock everything down, follow extensive checklists, encrypt everything in sight, watch everything that goes on in your network, (especially) bring in over-priced consultants, and so on. The results are dismaying: companies are spending a great deal on security, but we read of massive computer-related attacks. Clearly, something is wrong.

The root of the problem is twofold: we're protecting (and spending money on protecting) the wrong things, and we're hurting productivity in the process. Unlike automobile locks, which increase a car's functionality by enabling you to park in bad neighborhoods, computer security tends to stop a user from doing something rather than enabling them to go into bad neighborhoods safely. People (read that as "employees") want to be productive; when security measures get in their way, guess what's going to suffer? That's right: security.

The solution, though of course easier said than done, is similarly twofold: protect the right things, and make it easy for employees to do the right thing. That requires more than checklists; it requires thought about the actual threats and technology. That's what this book is about: how to think about security.

Protecting the Right Things

Security starts by knowing what you're protecting and against whom. A corollary to this is that any security advice that doesn't start with those two questions is wrong: you'll spend too much effort on the wrong things. If you're protecting national security secrets against foreign intelligence agencies, you probably need every defense ever invented and some that haven't been invented yet. You also need defenses against the three Bs: burglary, bribery, and blackmail.

The typical attacker today is motivated by money; the question you have to ask yourself is how an attacker can monetize your computers and networks. If you work for a bank, the answer is pretty obvious; banks are, to quote the famous line, "where the money is." But any random computer can help the bad guys steal from the rest of us, so we can't let our guard down. These attacks, though, will be often opportunistic rather than targeted. Even then, there are different gradations of risk.

There's a corollary to this: defense is also about money. It makes no sense to spend more money to protect an asset than you have at risk. There's a saying that bears remembering: "Amateurs worry about algorithms; pros worry about economics." Your goal is not to make a system penetration impossible; rather, it's to make it too expensive for your enemies, while not spending too much yourself.

Let's look at passwords as a typical example. We've been told for more than 30 years that weak passwords are a bad idea. It's absolutely true; break-ins caused by poor password selection are very real. We're also told never to write down a password. However, the world has changed in many ways since 1979.

Suppose I pick a really strong password. Well, I'm not picking just one really strong password; I'm picking many different ones, for all the different web sites I have to log in to. There's no way I can remember all of them; I'm certain to forget a few, so I'll have to resort to a password recovery mechanism. And what is that? For many web sites, they'll just email me the password. The security of my account, then, depends on the security of my email, right? Not quite; there's more.
