Information Security Science: Measuring the Vulnerability to Data Compromises

Carl Young

  • 出版商: Syngress Media
  • 出版日期: 2016-06-21
  • 售價: $2,670
  • 貴賓價: 9.5$2,537
  • 語言: 英文
  • 頁數: 406
  • 裝訂: Paperback
  • ISBN: 0128096438
  • ISBN-13: 9780128096437
  • 相關分類: 資訊安全
  • 海外代購書籍(需單獨結帳)

相關主題

商品描述

Information Security Science: Measuring the Vulnerability to Data Compromises provides the scientific background and analytic techniques to understand and measure the risk associated with information security threats. This is not a traditional IT security book since it includes methods of information compromise that are not typically addressed in textbooks or journals.

In particular, it explores the physical nature of information security risk, and in so doing exposes subtle, yet revealing, connections between information security, physical security, information technology, and information theory. This book is also a practical risk management guide, as it explains the fundamental scientific principles that are directly relevant to information security, specifies a structured methodology to evaluate a host of threats and attack vectors, identifies unique metrics that point to root causes of technology risk, and enables estimates of the effectiveness of risk mitigation.

This book is the definitive reference for scientists and engineers with no background in security, and is ideal for security analysts and practitioners who lack scientific training. Importantly, it provides security professionals with the tools to prioritize information security controls and thereby develop cost-effective risk management strategies.

  • Specifies the analytic and scientific methods necessary to estimate the vulnerability to information loss for a spectrum of threats and attack vectors
  • Represents a unique treatment of the nexus between physical and information security that includes risk analyses of IT device emanations, visible information, audible information, physical information assets, and virtualized IT environments
  • Identifies metrics that point to the root cause of information technology risk and thereby assist security professionals in developing risk management strategies
  • Analyzes numerous threat scenarios and specifies countermeasures based on derived quantitative metrics
  • Provides chapter introductions and end-of-chapter summaries to enhance the reader’s experience and facilitate an appreciation for key concepts

商品描述(中文翻譯)

《資訊安全科學:衡量資料危害的脆弱性》提供了科學背景和分析技術,以了解和衡量與資訊安全威脅相關的風險。這不是一本傳統的IT安全書籍,因為它包括通常在教科書或期刊中不涉及的資訊危害方法。

特別是,它探討了資訊安全風險的物理性質,並因此揭示了資訊安全、物理安全、資訊技術和資訊理論之間微妙而有啟發性的聯繫。這本書還是一本實用的風險管理指南,因為它解釋了與資訊安全直接相關的基本科學原則,指定了一種結構化方法來評估各種威脅和攻擊向量,識別指向技術風險根本原因的獨特指標,並能夠估計風險緩解的效果。

這本書是沒有安全背景的科學家和工程師的權威參考書,也是缺乏科學培訓的安全分析師和從業人員的理想選擇。重要的是,它為安全專業人員提供了工具,以優先考慮資訊安全控制,從而制定具有成本效益的風險管理策略。

- 指定了估計一系列威脅和攻擊向量對資訊損失脆弱性所需的分析和科學方法
- 代表了物理安全和資訊安全之間關聯的獨特處理,包括IT設備發射、可見資訊、聽得見的資訊、物理資訊資產和虛擬化IT環境的風險分析
- 識別指向資訊技術風險根本原因的指標,從而協助安全專業人員制定風險管理策略
- 分析了眾多威脅情境並指定基於衍生的定量指標的對策
- 提供章節介紹和章末摘要,以增強讀者的體驗並促進對關鍵概念的理解