[Page 24 (continued)]1.7. Recommended Reading and Web Sites [PFLE02] provides a good introduction to both computer and network security. Two other excellent surveys are [PIEP03] and [BISH05]. [BISH03] covers much the same ground as [BISH05] but with more mathematical detail and rigor. [SCHN00] is valuable reading for any practitioner in the field of computer or network security: it discusses the limitations of technology, and cryptography in particular, in providing security, and the need to consider the hardware, the software implementation, the networks, and the people involved in providing and attacking security. BISH03 Bishop, M. Computer Security: Art and Science. Boston: Addison-Wesley, 2003. BISH05 Bishop, M. Introduction to Computer Security. Boston: Addison-Wesley, 2005. PFLE02 Pfleeger, C. Security in Computing. Upper Saddle River, NJ: Prentice Hall, 2002. PIEP03 Pieprzyk, J.; Hardjono, T.; and Seberry, J. Fundamentals of Computer Security. New York: Springer-Verlag, 2003. SCHN00 Schneier, B. Secrets and Lies: Digital Security in a Networked World. New York: Wiley 2000. |
The following Web sites[6] are of general interest related to cryptography and network security: [6] Because URLs sometimes change, they are not included. For all of the Web sites listed in this and subsequent chapters, the appropriate link is at this book's Web site at williamstallings.com/Crypto/Crypto4e.html. COAST: Comprehensive set of links related to cryptography and network security. IETF Security Area: Material related to Internet security standardization efforts. Computer and Network Security Reference Index: A good index to vendor and commercial products, FAQs, newsgroup archives, papers, and other Web sites. [Page 25]The Cryptography FAQ: Lengthy and worthwhile FAQ covering all aspects of cryptography. Tom Dunigan's Security Page: An excellent list of pointers to cryptography and network security Web sites. Helgar Lipma's Cryptology Pointers: Another excellent list of pointers to cryptography and network security Web sites. IEEE Technical Committee on Security and Privacy: Copies of their newsletter, information on IEEE-related activities. Computer Security Resource Center: Maintained by the National Institute of Standards and Technology (NIST); contains a broad range of information on security threats, technology, and standards. Security Focus: A wide variety of security information, with an emphasis on vendor products and end-user concerns. SANS Institute: Similar to Security Focus. Extensive collection of white papers. |