New security book – “The Craft of System Security”

Whether you’re a security practitioner, developer, manager, administrator, or user, this book will give you the deep understanding necessary to meet today’s security challenges–and anticipate tomorrow’s. Unlike most books, The Craft of System Security doesn’t just introduce the modern security practitioner’s toolkit: it reveals why each tool exists, and demonstrates exactly how to use it to solve real problems.
 

After reading this book, you will be able to

• Understand the classic “Orange Book” approach to security, and its limitations
• Use operating system security tools and structures–with examples from Windows, Linux, BSD, and Solaris
• Learn how networking, the Web, and wireless technologies impact security
• Identify software security defects, from buffer overflows to development process flaws
• Understand cryptographic primitives and their use in secure systems
• Use best-practice techniques for authenticating people and computer systems in diverse settings
• Use validation, standards, and testing to enhance confidence in a system’s security
• Discover the security, privacy, and trust issues arising from desktop productivity tools
• Understand digital rights management, watermarking, information hiding, and policy expression
• Learn principles of Human-Computer Interaction (HCI) design for improved security