Computer Security: Art and Science

Great Book! I had to buy for my class ... happy that we are using this :-)

I used this book for a graudate-level introductory computer security class and it was very detailed and explained concepts well. I took a security and privacy course in undergrad and Bishop's book is much better than the book I used last fall. If you have strong math skills and strong coding skills, this is the book for you. It is even helpful to people studying for the CISSP and Security+ certifications in information security.

I admit...this book was a required text for my computer security class, so I didn't buy it for my reading pleasure. First thought? GOOD GRIEF (it's about 1000 pages)! Current thinking? THANK GOODNESS I HAVE THIS BOOK. I have pages in every chapter marked and read and have to say that it has helped transform me from someone who didn't have a clue about computer secrurity to someone who is now getting the NSTISSI 4011 certification in conjunction with a PhD in Computer Information Systems with a focus in Information Security. The explanations are clear, yet bring the reader beyond the elementary level. Bishop covers a wide range of topics to help create a thorough understanding of security issues. Of most benefit to me was the section on Cryptography. I've read some review regarding the math. It's in there for those who would like to review it, but it not, just skim and read on. The first time I went through this book, I skipped any section with math, but found those very same sections useful as I learned the topics in depth. Since I bought this book a year ago (this review is dated 11/04) and I have not yet put it back on the shelf.

This book gives an excellent introduction to the subject of computer security, both from a practical and theoretical point of view. Computer scientists and not security professionals will probably gain the most from the reading of the book, but there is enough practical discussion to allow the latter to gain more insight into various aspects of computer security, particularly in the mathematics of encryption. The book is designed for use in academic classroom settings, and the author gives two different outlines for use in both undergraduate and graduate level courses. The book is divided up into 9 parts, only parts 2 and 3 of which I read in any detail, with the rest only briefly perused. For this reason only these two parts will be reviewed here. Part 2 of the book is a view of security from the standpoint of theoretical computer science. The author discusses models for the decidability of security systems, i.e. is there a generic algorithm that will determine whether a computer system is secure? As expected, this question is addressed in the context of Turing machines, and the author shows that it is undecidable whether a given state of a given protection system is safe for a given generic right. However the proof proceeds by contradiction, and those of us who insist on constructive proofs in all of mathematics will not accept this one. It would be interesting to find a constructive proof of this result. If the protection system is restricted in some way then they safety question is decidable. The author discusses such a system, the "Take-Grant Protection Model" in terms of directed graphs, and he shows that this model is decidable in linear time with respect to the size of the graph. He then explains the reasons why a safety model can be decidable versus one that cannot be, via a highly technical discussion of the "Schematic Protection Model" (SPM). This section is very interesting due to the nature of the mathematical constructions that are used. These constructions make it readily apparent why the (undecidable) Harrison-Ruzzo-Ullman (HRU) model is more expressive than the SPM. The expressive power of the different models derives from the notion of a `type', and this motivates the author to consider the `typed access matrix model' and its utility in detailing a system's safety properties. In Part 3, the author gets down to more practical matters, and discusses the implementation of security policies. Taking a computer system to be a finite-state automaton with transition functions that change state, a security policy is defined as a statement that partitions these states into `secure' and `nonsecure' states. Secure systems are defined as those that cannot enter a nonsecure state if they are in a secure state. All throughout this part the author emphasizes that fact that all security policies are based on assumptions that would lead to the destruction of these policies if they are false. The author discusses a practical example of a securi

This book is simply superb - a comprehensive, beautifully written text for information security students and practitioners. Matt Bishop has decades of security-related contributions to his credit and his book reflects his accumulated wisdom on all things security. I believe that those colleges and universities that offer information security degree programs will certainly use this book as text for those programs, and in doing so, will serve their students extremely well. And for those of us who are laboring in the security vineyard, this book represents a rare opportunity to refine our understanding of the fundamentals by tuning in to the thoughts of a master teacher and practitioner. Well done!!