Computer Security Assurance, 1st Edition

  • Mark S Merkow DeVry University Online
  • Jim Breithaupt Maricopa County Community College
  • ISBN-10: 1401862659  |  ISBN-13: 9781401862657
  • 448 Pages
  • © 2005 | Published
  • College Bookstore Wholesale Price = $198.75

About

Overview

Written in a friendly and easy-to-understand tone, Computer Security Assurance Using the Common Criteria helps readers navigate through all the activities within the Common Criteria (CC) that have gained the attention of the security community and will revolutionize how people compare, select, purchase, and maintain security systems. Practical examples aimed at deciphering the contents and activities within the CC help build an understanding that places readers on a path to real-world security assurance applications. Up-to-date coverage explains IT security assurance methodologies and the activities within any of the CC-defined user roles that are necessary for high quality and proven secure IT software and hardware.

Features and Benefits

  • assumes no prior knowledge of the Common Criteria or of security assurance concepts, rendering the book especially helpful to those who are new to the topic and its use
  • provides clear and current examples and state-of-the-practice information that can be adapted to individual circumstances, helping readers immediately apply the concepts learned
  • includes a step-by-step analysis of the Common Criteria that is relevant to information assurance product testing and certification
  • highlights the basic and fundamental assumptions that users must make related to the underlying security of the devices and software involved in an error-free computer installation
  • builds confidence in the readers' ability to identify problems and vulnerabilities, resulting in fewer design and implementation flaws

Table of Contents

Part I BUILDING TRUST IN SECURITY SYSTEMS:
Foundations of IT Security Assurance.
The Common Criteria (CC).
Part II THE PIECES OF THE COMMON CRITERIA (CC) PUZZLE:
Participants and Activities within the Common Criteria (CC).
Developing a Protection Profile (PP).
Developing Security Targets.
The CCToolBox.
Common Criteria (CC) Interpretations and Issue Resolution.
Part III EVALUATION PHASE:
Evaluating Target of Evaluations (TOEs).
Certification Process.
Maintenance of Assurance.
The Common Criteria (CC) at Work.
Part IV APPENDIXES:
Appendix A Sample Protection Profile (PP).
Appendix B Sample Security Target.
Appendix C Example Common Criteria (CC) Certificate.
Appendix D Common Criteria (CC)-Compliant Testing Labs.
Appendix E Guidance Documents.
Appendix F Inside The Common Criteria Information Portal.
Appendix G Other Common Criteria (CC) Information Sources.
Appendix H Glossary.

Supplements

All supplements have been updated in coordination with the main title. Select the main title's "About" tab, then select "What's New" for updates specific to the title's edition.

For more information about these supplements, or to obtain them, contact your Learning Consultant.

Instructor Supplements

Information Security Intelligence: Cryptographic Principles & Applications  (ISBN-10: 1401837271 | ISBN-13: 9781401837273)

Safeguarding the confidentiality, authenticity, integrity, and non-repudiation of information is paramount to organizational stability and success. This new book provides an understanding of information security, potential threats to our information, and effective countermeasures to proactively combat those threats. A comprehensive review of cryptographic techniques is explained in simple mathematical terms. The text covers symmetrical and asymmetrical encryption, digital signatures, Kerberos, code signing, creation/deployment of strong keys and passwords, Virtual Private Networks, SET, SSL, SSH, IPSec, and authentication techniques. A detailed examination of Tiny Encryption Algorithm (TEA) exposes readers to the inner workings of encryption. CD-ROM experiments help solidify the learning experience. Emphasis throughout is on the application of the cryptographic methods and support structures needed to effectively apply the principles to create a secure business setting.

List Price = $165.95  | CengageBrain Price = $165.95  | College Bookstore Wholesale Price = $124.75

Student Supplements

Information Security Intelligence: Cryptographic Principles & Applications  (ISBN-10: 1401837271 | ISBN-13: 9781401837273)

Safeguarding the confidentiality, authenticity, integrity, and non-repudiation of information is paramount to organizational stability and success. This new book provides an understanding of information security, potential threats to our information, and effective countermeasures to proactively combat those threats. A comprehensive review of cryptographic techniques is presented and explained in simple mathematical terms. The text covers symmetrical and asymmetrical encryption, digital signatures, Kerberos, creation/deployment of strong keys and passwords, Virtual Private Networks, SET, SSL, SSH, IPSec, and authentication techniques. A detailed examination of Tiny Encryption Algorithm (TEA) exposes readers to the inner workings of encryption. CD-ROM experiments help solidify the learning experience. Emphasis throughout is on the application of the cryptographic methods and support structures needed to effectively apply the principles to create a secure business setting.

List Price = $165.95  | CengageBrain Price = $165.95  | College Bookstore Wholesale Price = $124.75

Meet the Author

Author Bio

Mark S Merkow

Mark S Merkow, CCP, CISSP, and CISM, works with his company's CIO office to establish the IT security strategy for financial services management and infrastructure to support a broad portfolio of credit card, banking, and brokerage products and services. Mark represents his company as an FS/ISAC Site Coordinator. He is also a delegate to the ANSI X9F (Financial Services Security) committee and has worked closely with the National Institute of Standards and Technology (NIST) on the Common Criteria Security testing and evaluation methodology. Mark also teaches online courses in IT Security and E-commerce for DeVry University Online and University of Phoenix Online. He holds a Masters of Science in Decision and Information Systems and a Masters of Education in Learning Technologies from Arizona State University. Mark also holds two industry security certifications, the Certified Information Systems Security Professional (CISSP) and the Certified Information Security Manager (CISM) certificate from ISACA. Mark is also an author of seven books (five on IT Security), a columnist for Internet.com, and a contributor to several other books including the Internet Encyclopedia (Wiley, 2004).

Jim Breithaupt

Jim Breithaupt is a project manager and IT specialist, involved with the rapidly emerging electronic brokerage and payment card technologies. Jim has more than twenty-five years of experience as a systems analyst, designer, and developer, primarily in the financial services industry. Jim has also taught English for the past ten years as an adjunct faculty member in the Department of English for the Maricopa County Community College District. He is a contributing author to Building SET Applications for Secure Transactions (John Wiley & Sons, 1998), co-author of The Complete Guide To Internet Security (AMACOM Books, 2000), and co-author of The ePrivacy Imperative (AMACOM Books, 2001).