Security Without Obscurity: Frequently Asked Questions (Faq)
暫譯: 無需隱蔽的安全性:常見問題解答 (FAQ)

Stapleton, Jeff

Security Without Obscurity: Frequently Asked Questions (Faq)
  • 出版商: CRC
  • 出版日期: 2021-04-20
  • 售價: $3,820
  • 貴賓價: 9.5$3,629
  • 語言: 英文
  • 頁數: 252
  • 裝訂: Hardcover - also called cloth, retail trade, or trade
  • ISBN: 0367486121
  • ISBN-13: 9780367486129
  • 相關分類: 資訊安全

    • 海外代購書籍(需單獨結帳)

相關主題

商品描述

Security without Obscurity: Frequently Asked Questions (FAQ) complements Jeff Stapleton's three other Security Without Obscurity books, to provide clear information and answers to the most commonly asked questions about information security solutions that use or rely on cryptography and key management methods. There is good and bad cryptography, bad ways of using good cryptography, and both good and bad key management methods. Consequently, information security solutions often have common but somewhat unique issues. These common and unique issues are expressed as an FAQ organized by related topic areas.

The FAQ in this book can be used as a reference guide to help address such issues. Cybersecurity is based on information technology (IT) that is managed using information security (IS) controls, but there is information, misinformation and disinformation. Information reflects things that are accurate about security standards, models, protocols, algorithms, and products. Misinformation includes misnomers, misunderstandings, and lack of knowledge. Disinformation can occur when marketing claims either misuse or abuse terminology, alluding to things that are inaccurate or subjective. This FAQ provides information and distils misinformation and disinformation about cybersecurity.

This book will be useful to security professionals, technology professionals, assessors, auditors, managers, and hopefully even senior management who want a quick, straightforward answer to their questions. It will serve as a quick reference to always have ready on an office shelf. As any good security professional knows, no one can know everything.

商品描述(中文翻譯)

安全無需模糊:常見問題解答(FAQ)補充了 Jeff Stapleton 的另外三本《安全無需模糊》書籍,提供有關使用或依賴加密和金鑰管理方法的信息安全解決方案的最常見問題的清晰信息和答案。加密技術有好有壞,使用良好加密的壞方法,以及良好和不良的金鑰管理方法。因此,信息安全解決方案通常會面臨一些共同但又獨特的問題。這些共同和獨特的問題以 FAQ 的形式表達,並按相關主題區域進行組織。

本書中的 FAQ 可作為參考指南,幫助解決這些問題。網絡安全基於信息技術(IT),並使用信息安全(IS)控制進行管理,但存在信息、錯誤信息和虛假信息。信息反映了有關安全標準、模型、協議、算法和產品的準確內容。錯誤信息包括誤稱、誤解和知識缺乏。虛假信息可能發生在市場宣稱中,當這些宣稱錯誤使用或濫用術語,暗示不準確或主觀的內容時。本 FAQ 提供有關網絡安全的信息,並提煉出錯誤信息和虛假信息。

本書將對安全專業人士、技術專業人士、評估者、審計員、經理,甚至希望能快速獲得問題答案的高層管理人員有所幫助。它將作為一個快速參考,隨時可以放在辦公室的書架上。正如任何優秀的安全專業人士所知,沒有人能知道所有的事情。

作者簡介

Jeff Stapleton has 30 plus years' experience in the financial services industry with 25 years as a security professional involved in developing ANSI and ISO security standards including payments, cryptography, key management, public key infrastructures (PKI) and biometrics. He has also been the X9F4 Cybersecurity and Cryptographic Solutions workgroup chair for over 20 years. Jeff earned his bachelor's and master's degrees in Computer Science from the Universities of Missouri in St. Louis (UMSL) and Rolla (UMR) and has taught Information Security at Washington University in St. Louis (WUSTL) and the University of Texas in San Antonio (UTSA). He has conducted security assessments of payment networks, financial institutions, and assisted in developing secure payment systems. He has authored dozens of ISSA Journal articles, IEEE papers, and chapters in various books, including his own 3 book series Security without Obscurity, which is available from CRC Press.

作者簡介(中文翻譯)

Jeff Stapleton 在金融服務行業擁有超過 30 年的經驗,其中 25 年作為安全專業人士,參與開發 ANSI 和 ISO 安全標準,包括支付、加密、金鑰管理、公鑰基礎設施 (PKI) 和生物識別技術。他還擔任 X9F4 網絡安全和加密解決方案工作組主席超過 20 年。Jeff 在密蘇里州聖路易斯大學 (UMSL) 和羅拉大學 (UMR) 獲得計算機科學的學士和碩士學位,並在聖路易斯華盛頓大學 (WUSTL) 和德克薩斯州聖安東尼奧大學 (UTSA) 教授資訊安全。他曾對支付網絡和金融機構進行安全評估,並協助開發安全支付系統。他撰寫了數十篇 ISSA Journal 文章、IEEE 論文以及多本書籍的章節,包括他自己的三本書系列《Security without Obscurity》,該系列由 CRC Press 出版。

類似商品