Information Assurance Books

| Title | Author | Publisher | Summary |
| --- | --- | --- | --- |
| Applied Cryptography | Bruce Schneier | John Wiley & Sons, 1996 | Provides a comprehensive survey of modern cryptography. The book details how programmers and electronic communications professionals can use cryptography -- the technique of enciphering and deciphering messages -- to maintain the privacy of computer data. |
| Computer Security | Dieter Gollmann | John Wiley & Sons, 1999 | Offers a starting point for discovering underlying issues and provides a means of orientation in a world populated by a bewildering array of competing security systems. |
| Hacking Exposed | Stuart McClure, et al. | McGraw-Hill Osborne Media, 2003 | Talks about security from an offensive angle. A Jane's-like catalog of the weaponry that black-hat hackers use is laid out in full. Readers see what programs are out there, get a rundown on what the programs can do, and benefit from detailed explanations of concepts (such as wardialing and rootkits) that most system administrators kind of understand, but perhaps not in detail. |
| Handbook of Applied Cryptography | Alfred J. Menezes, et al. | CRC Press | Introduces practical aspects of conventional and public-key cryptography and offers information on the latest techniques and algorithms in the field. Mathematical treatments accompany practical discussions of areas including pseudorandom bits and sequences, stream and block ciphers, hash functions, and digital signatures. Also covers establishment protocols, implementation, and patents and standards. |
| How to Break Software | James Whittaker | Pearson Addison Wesley, 2002 | A practical tutorial on how to actually do testing by presenting numerous 'attacks' you can perform to test your software for bugs. The testing techniques are as flexible as conventional testing is rigid. |
| Information Warfare and Security | Dorothy E. Denning | Addison-Wesley Pub Co, 1998 | Covers threats such as fraud, sabotage, espionage, piracy, identity theft, and electronic warfare. |
| Practical Unix and Internet Security | Simson Garfinkel, Gene Spafford | O'Reilly & Associates, 1996 | The breadth is vast, from fundamentals (definitions of computer security; the history of Unix) and commonsense but little-observed security basics (making backups; physical and personnel security; buggy software) to modern software (NFS, WWW, firewalls) and the handling of security incidents. |
| The CERT Guide to System and Network Security Practices | Julia Allen | Addison-Wesley Pub Co, 2001 | Techniques for hardening computers and networks against compromise by malice-minded hackers, detecting break-ins and other attacks when they occur, and designing security policies to minimize potential damage. Specific advice has to do with locked-down workstations, servers in DMZs, firewalls, and intrusion detection utilities. |
| Trust in Cyberspace | Fred B. Schneider | National Academy Press, 1999 | In this text, experts from industry and academia provide a detailed assessment of the current state of the art for building trustworthy networked information systems. They propose new directions for research in computer and network security, software technology and system architecture. |