Textbook, not an easy reading book
11/1/2006
There are a number of approaches to how to teach security ranging from hack it till it breaks to building on sound theory. This book is the latter.
It is a textbook, a bit dry, but that goes with the territory; when you know you need to read chapter two to pass the quiz, chapter two gets read. The authors have worked hard, the writing works to make things clear, and there are lots of very professional illustrations.
This most reminds me of Matt Bishop's book, with its weight and page count, but this is more approachable. This book, coupled with a good instructor, can certainly help teach the theory, terminology and concepts of information security.
The best chapters are six, Database and Data Mining; ten, Privacy in Computing; and eleven, Legal and Ethical Issues.
The weakest chapter is eight, where they breeze over risk analysis and security policy. I also found chapter three, Program Security, made me keep thinking: come on, you are so close, put in the extra effort and take this over the top.
The most interesting thing from a book design is that cryptography is split into chapter two, Elementary Cryptography, and the last chapter (twelve), Cryptography Explained, instead of being taught back to back.
very superficial, not in depth enough
12/22/2006
I found this book to give only a cursory overview to some very important topics. If you're very new to computer security, and for that matter computers and IT in general, this may be a useful book. Anyone who has even a basic knowledge of computer security will not find this book useful at all.
The foundational information every professional should know...
12/26/2006
It's easy to find security books that will tell you how to break or secure a system. But there's not an abundance of books that go into the foundational information in great depth. This one does just that... Security in Computing (4th Edition) by Charles P. Pfleeger and Shari Lawrence Pfleeger.
Contents: Is There a Security Problem in Computing?; Elementary Cryptography; Program Security; Protection in General-Purpose Operating Systems; Designing Trusted Operating Systems; Database and Data Mining Security; Security in Networks; Administering Security; The Economics of Cybersecurity; Privacy in Computing; Legal and Ethical Issues in Computer Security; Cryptography Explained; Bibliography; Index
Security in Computing is probably best thought of as a "textbook" on the subject. At 850 pages, it's pretty dense and structured similarly to what you'd expect to pick up at a college bookstore. In all the chapters, you'll be introduced to the essential terms and concepts, which then serve as the base for additional discussion of the finer details and implications. And like most textbooks, there are exercises at the end which you can just see being assigned by your prof. There's a strong emphasis on cryptography, as two of the chapters deal with that topic. Without getting into minutiae and esoterica, the authors give you all the foundational information you could ask for.
This is *not* a practical hands-on treatment of software security. If you're expecting to read up on the latest hacks and virus techniques, you'll be disappointed. This also isn't the type of book you'll be pulling off your bookshelf every day as reference. But if you're a security professional, you *need* to know these essential concepts. This would be one of those "other" security books that you should own to make sure you're covering all the bases on your education.
Aimed at a really low level
2/3/2008
I tried using this book for an undergraduate computer security course I teach. I found the level pathetically low, and found only a few scattered sections to have any value for someone with a basic knowledge of computers (like what a first-year student in CS would know). It seems the authors have aimed their book at a general audience; if you want something at all technical, look elsewhere.
useless
3/30/2008
This was a required book for a security course at my school; the money would have been better spent on paper to print Wikipedia articles, which are just as relevant and useful as this book. If you are looking for a book to learn anything about security from, this is not the book for you.