REVIEW - Computer Security

Title:

Computer Security

Author:

Dieter Gollmann

ISBN:

0471978442

Publisher:

Wiley (1999)

Pages:

336pp

Reviewer:

Mike Ellis

Reviewed:

February 2001

Rating:

★★☆☆☆

Dieter Gollman has picked a large and complex area of modern computer technology as the subject area for this book and he is obviously well qualified to write it. Intended as a book to accompany a university CS course, or for self-study, it includes comprehensive exercises at the end of each chapter (answers not included).

Four sections, each of four chapters, cover the whole topic of system security from fundamentals, through current practice on individual systems and on distributed systems rounding off with a section on the theory of security. Along the way we are taught that security is not an absolute but depends on the application(s) the system supports.

Right from the start the importance of security at all levels in the system is stressed; there is little benefit in using passwords if the password file is clear-text, nor if the application passes clear-text across the network, nor if several users use one password. Security is therefore addressed at the network level, the operating system level, within databases and within applications. Techniques discussed range from simple access control, through authentication to cryptography.

Of course, no security is perfect and sections are included which deal with detecting intrusions as well as looking at the sociological problem of users finding convenient (but insecure) ways around awkward (but secure) systems.

Computer Security is a book that will teach you what you don't know, but will only go part way to fill in the blanks. The conscientious reader will need to complete the exercises and follow up the further reading sections in order to gain fully from this book.


Book cover image courtesy of Open Library.