- Author:
- Dieter Gollmann
No abstract available.
Cited By
- Shafagh H, Burkhalter L, Ratnasamy S and Hithnawi A Droplet Proceedings of the 29th USENIX Conference on Security Symposium, (2469-2486)
- Lee K, Lee K and Lee S (2018). Remote data integrity check for remotely acquired and stored stream data, The Journal of Supercomputing, 74:3, (1182-1201), Online publication date: 1-Mar-2018.
Ahmadian A, Peldszus S, Ramadan Q and Jürjens J Model-based privacy and security analysis with CARiSMA Proceedings of the 2017 11th Joint Meeting on Foundations of Software Engineering, (989-993)- Chen T, Chen Y, Chen P and Lin C (2017). A two-dimensional knowledge authorization evaluation method enabling inter-enterprise knowledge sharing, Computers and Industrial Engineering, 108:C, (124-135), Online publication date: 1-Jun-2017.
- Jaidi F and Ayachi F The problem of integrity in RBAC-based policies within relational databases Proceedings of the 9th International Conference on Ubiquitous Information Management and Communication, (1-8)
- Shi L and Chadwick D A controlled natural language interface for authoring access control policies Proceedings of the 2011 ACM Symposium on Applied Computing, (1524-1530)
- Proto A, Alexandre L, Batista M, Oliveira I and Cansian A Statistical model applied to netflow for network intrusion detection Transactions on computational science XI, (179-191)
- Cai C BANBAD - A Centralized belief-networks-based anomaly detection algorithm for MANETs Proceedings of the 28th IEEE conference on Global telecommunications, (4362-4367)
- Giroux S, Wachowiak-Smolikova R and Wachowiak M Keystroke-based authentication by key press intervals as a complementary behavioral biometric Proceedings of the 2009 IEEE international conference on Systems, Man and Cybernetics, (80-85)
- Grau S, Allen T and Sherkat N (2009). Silog, Knowledge-Based Systems, 22:7, (535-539), Online publication date: 1-Oct-2009.
- Inglesant P, Sasse M, Chadwick D and Shi L Expressions of expertness Proceedings of the 4th symposium on Usable privacy and security, (77-88)
- Hankin C, Nielson F, Nielson H and Yang F Advice for coordination Proceedings of the 10th international conference on Coordination models and languages, (153-168)
- Myers J and Riela S (2008). Taming the diversity of information assurance & security, Journal of Computing Sciences in Colleges, 23:4, (173-179), Online publication date: 1-Apr-2008.
- Nachtigal S eBPSM Proceedings of the ninth international conference on Electronic commerce, (101-106)
- Flegel U and Meier M Authorization architectures for privacy-respecting surveillance Proceedings of the 4th European conference on Public Key Infrastructure: theory and practice, (1-17)
- Nielson F and Riis Nielson H (2007). Heuristics for Safety and Security Constraints, Electronic Notes in Theoretical Computer Science (ENTCS), 172, (523-543), Online publication date: 1-Apr-2007.
- Vroblefski M, Chen A, Shao B and Swinarski M (2007). Managing user relationships in hierarchies for information system security, Decision Support Systems, 43:2, (408-419), Online publication date: 1-Mar-2007.
- Hopper N, Molnar D and Wagner D From weak to strong watermarking Proceedings of the 4th conference on Theory of cryptography, (362-382)
- Nosseir A, Connor R and Renaud K Question-based group authentication Proceedings of the 18th Australia conference on Computer-Human Interaction: Design: Activities, Artefacts and Environments, (277-283)
- Fernandez E, Sorgente T and Larrondo-Petrie M Even more patterns for secure operating systems Proceedings of the 2006 conference on Pattern languages of programs, (1-9)
- Obiedkov S, Kourie D and Eloff J On lattices in access control models Proceedings of the 14th international conference on Conceptual Structures: inspiration and Application, (374-387)
- Kim J, Lee S, Kim M, Seo J and Noh B A security architecture for adapting multiple access control models to operating systems Proceedings of the 2006 international conference on Computational Science and Its Applications - Volume Part V, (922-931)
- Reid R, Platt R and Wei J A teaching module to introduce encryption for web users Proceedings of the 2nd annual conference on Information security curriculum development, (60-65)
- Gilmore S, Haenel V, Kloul L and Maidl M Choreographing security and performance analysis for web services Proceedings of the 2005 international conference on European Performance Engineering, and Web Services and Formal Methods, international conference on Formal Techniques for Computer Systems and Business Processes, (200-214)
- Baek J and Hong I Secure payment protocol for healthcare using USIM in ubiquitous Proceedings of the 2005 international conference on Computational Science and Its Applications - Volume Part III, (964-972)
- Vaughn R, Dampier D and Warkentin M Building an information security education program Proceedings of the 1st annual conference on Information security curriculum development, (41-45)
- Petrova K, Philpott A, Kaskenpalo P and Buchan J Embedding information security curricula in existing programmes Proceedings of the 1st annual conference on Information security curriculum development, (20-29)
- Payne C Enhanced Security Models for Operating Systems Proceedings of the 28th Annual International Computer Software and Applications Conference - Volume 01, (230-235)
- Popescu B, Crispo B and Tanenbaum A Support for multi-level security policies in DRM architectures Proceedings of the 2004 workshop on New security paradigms, (3-9)
- Litwin W and Schwarz T Algebraic Signatures for Scalable Distributed Data Structures Proceedings of the 20th International Conference on Data Engineering
- Bugliesi M, Castagna G and Crafa S (2004). Access control for mobile agents, ACM Transactions on Programming Languages and Systems, 26:1, (57-124), Online publication date: 1-Jan-2004.
- Li C and Pahl C Security in the Web Services Framework Proceedings of the 1st international symposium on Information and communication technologies, (481-486)
- Azadegan S, Lavine M, O'Leary M, Wijesinha A and Zimand M (2003). An undergraduate track in computer security, ACM SIGCSE Bulletin, 35:3, (207-210), Online publication date: 1-Sep-2003.
- Azadegan S, Lavine M, O'Leary M, Wijesinha A and Zimand M An undergraduate track in computer security Proceedings of the 8th annual conference on Innovation and technology in computer science education, (207-210)
- Seo H, Cho T and Chi S Modeling and simulation of distributed security models Proceedings of the 2003 international conference on Computational science, (809-818)
- Venter H and Eloff J (2003). Feature, Computers and Security, 22:4, (299-307), Online publication date: 1-May-2003.
- Wooley G (2003). Results of classroom enterprise security assessment of five large enterprise networks, Journal of Computing Sciences in Colleges, 18:3, (185-195), Online publication date: 1-Feb-2003.
- Janczewski L New challenges in privacy protection Advanced topics in global information management, (125-139)
- Clarke S and Drake P A social perspective on information security Socio-technical and human cognition elements of information systems, (249-265)
- Whitaker A, Shaw M and Gribble S (2002). Scale and performance in the Denali isolation kernel, ACM SIGOPS Operating Systems Review, 36:SI, (195-209), Online publication date: 31-Dec-2003.
- Koh J, Yi M, Cho T, Kim H and Kim H Knowledge-Based Modeling and Simulation of Network Access Control Mechanisms Representing Security Policies Proceedings of the 4th International Conference on Information and Communications Security, (374-385)
- Whitaker A, Shaw M and Gribble S Scale and performance in the Denali isolation kernel Proceedings of the 5th symposium on Operating systems design and implementation (Copyright restrictions prevent ACM from being able to make the PDFs for this conference available for downloading), (195-209)
- Whitaker A, Shaw M and Gribble S Denali Proceedings of the 10th workshop on ACM SIGOPS European workshop, (10-15)
- Aljareh S and Rossiter N A task-based security model to facilitate collaboration in trusted multi-agency networks Proceedings of the 2002 ACM symposium on Applied computing, (744-749)
- Frank C and Wells G (2002). Laboratory exercises for a computer security course, Journal of Computing Sciences in Colleges, 17:4, (51-54), Online publication date: 1-Mar-2002.
- Bryce C and Vitek J (2001). The JavaSeal Mobile Agent Kernel, Autonomous Agents and Multi-Agent Systems, 4:4, (359-384), Online publication date: 1-Dec-2001.
- Siponen M A paradigmatic analysis of conventional approaches for developing and managing secure IS Proceedings of the 16th international conference on Information security: Trusted information: the new decade challenge, (437-452)
- (2001). Five dimensions of information security awareness, ACM SIGCAS Computers and Society, 31:2, (24-29), Online publication date: 1-Jun-2001.
- Weippl E Coimbra Proceedings of the 2000 ACM workshops on Multimedia, (145-148)
Index Terms
- Computer security
Recommendations
Security problems in computer communication systems
At the present time there is a rapid growth in computer communications associated with terminal-based, multi-user computer systems, and in networks of computers [1,2,3]. Nearly all such systems communicate, process, or store information which is ...
Security of internet-connected computer networks
The security of computer networks connected to the internet is an important, vital and hotly contested real-world issue. Once the computer networks get connected to the internet, the number of attacks, their strength and intensity grow exponentially. ...
Reviews
Nancy R. Mead
Gollman intended this book as a textbook for graduate students with a computer science background. As is often the case, the material was initially used in several courses. The book is divided into four parts. Part 1, “Fundamentals” (chapters 1 through 5), consists of “Setting the Scene,” “Identification and Authentication,” “Access Control,” “Security Models,” and “The Security Kernel.” Part 2, “Practice” (chapters 6 through 9), covers “Unix Security,” “Windows NT Security,” “How Things Go Wrong,” and “Security Evaluation.” Part 3, “Distributed Systems” (chapters 10 through 13), includes “Distributed Systems Security,” “World Wide Web Security,” “Cryptography,” and “Network Security.” Part 4, “Theory” (chapters 14 through 17), contains “Database Security,” “Multi-Level Secure Databases,” “Concurrency Control and Multi-Level Security,” and “Object-Oriented Security.” Each chapter includes an abstract and objectives, as well as further reading and exercises. Good definitions are given, and there is an extensive reference list. I found myself wishing that I had had this book when I started working in this area. I also found myself comparing the definitions used by the author with those in use on our research project. The book makes for great reading on computer security, whether or not you are planning to teach from it. As a practitioner, I appreciated the logical approach to the subject and the fact that the presentation is well grounded in definitions and theory. The book is highly readable and contains clear explanations and examples. It does require a good background in computer science or mathematics, especially for some of the exercises. I wish that some of the topics that are specifically not covered, such as risk analysis, had been included, because I would love to see the author's perspectives on those topics. Many people involved in computing will find this book readable and informative, whether or not they are teaching courses in computer security. Those teaching a first graduate course in computer security for students with computer science or mathematics backgrounds should consider using it as a text.
Access critical reviews of Computing literature here
Become a reviewer for Computing Reviews.