Friday, January 23, 2009

Design Concepts in Programming Languages or Computer Security

Design Concepts in Programming Languages

Author: Franklyn A Turbak

Hundreds of programming languages are in use today--scripting languages for Internet commerce, user interface programming tools, spreadsheet macros, page format specification languages, and many others. Designing a programming language is a metaprogramming activity that bears certain similarities to programming in a regular language, with clarity and simplicity even more important than in ordinary programming. This comprehensive text uses a simple and concise framework to teach key ideas in programming language design and implementation. The book's unique approach is based on a family of syntactically simple pedagogical languages that allow students to explore programming language concepts systematically. It takes as its premise and starting point the idea that when language behaviors become incredibly complex, the description of the behaviors must be incredibly simple.

The book presents a set of tools (a mathematical metalanguage, abstract syntax, operational and denotational semantics) and uses it to explore a comprehensive set of programming language design dimensions, including dynamic semantics (naming, state, control, data), static semantics (types, type reconstruction, polymporphism, effects), and pragmatics (compilation, garbage collection). The many examples and exercises offer students opportunities to apply the foundational ideas explained in the text. Specialized topics and code that implements many of the algorithms and compilation methods in the book can be found on the book's Web site, along with such additional material as a section on concurrency and proofs of the theorems in the text. The book is suitable as a text for an introductory graduate or advancedundergraduate programming languages course; it can also serve as a reference for researchers and practitioners.



Interesting book: American Shaman or Invitation to Health

Computer Security: Art and Science

Author: Matt Bishop

"This is an excellent text that should be read by every computer security professional and student." —Dick Kemmerer, University of California, Santa Barbara.

"This is the most complete book on information security theory, technology, and practice that I have encountered anywhere!" —Marvin Schaefer, Former Chief Scientist, National Computer Security Center, NSA

This highly anticipated book fully introduces the theory and practice of computer security. It is both a comprehensive text, explaining the most fundamental and pervasive aspects of the field, and a detailed reference filled with valuable information for even the most seasoned practitioner. In this one extraordinary volume the author incorporates concepts from computer systems, networks, human factors, and cryptography. In doing so, he effectively demonstrates that computer security is an art as well as a science.

Computer Security: Art and Science includes detailed discussions on:

  • The nature and challenges of computer security

  • The relationship between policy and security

  • The role and application of cryptography

  • The mechanisms used to implement policies

  • Methodologies and technologies for assurance

  • Vulnerability analysis and intrusion detection
  • Computer Security discusses different policy models, and presents mechanisms that can be used to enforce these policies. It concludes with examples that show how to apply the principles discussed in earlier sections, beginning with networks and moving on to systems, users, and programs.

    This important work is essential for anyone who needsto understand, implement, or maintain a secure network or computer system.

    0201440997B10252002



    Table of Contents:
    Preface
    Pt. 1Introduction1
    Ch. 1An Overview of Computer Security3
    Pt. 2Foundations29
    Ch. 2Access Control Matrix31
    Ch. 3Foundational Results47
    Pt. 3Policy93
    Ch. 4Security Policies95
    Ch. 5Confidentiality Policies123
    Ch. 6Integrity Policies151
    Ch. 7Hybrid Policies169
    Ch. 8Noninterference and Policy Composition187
    Pt. 4Implementation I: Cryptography215
    Ch. 9Basic Cryptography217
    Ch. 10Key Management245
    Ch. 11Cipher Techniques275
    Ch. 12Authentication309
    Pt. 5Implementation II: Systems339
    Ch. 13Design Principles341
    Ch. 14Representing Identity353
    Ch. 15Access Control Mechanisms381
    Ch. 16Information Flow407
    Ch. 17Confinement Problem439
    Pt. 6Assurance475
    Ch. 18Introduction to Assurance477
    Ch. 19Building Systems with Assurance497
    Ch. 20Formal Methods545
    Ch. 21Evaluating Systems571
    Pt. 7Special Topics611
    Ch. 22Malicious Logic613
    Ch. 23Vulnerability Analysis645
    Ch. 24Auditing689
    Ch. 25Intrusion Detection723
    Pt. 8Practicum771
    Ch. 26Network Security773
    Ch. 27System Security805
    Ch. 28User Security845
    Ch. 29Program Security869
    Pt. 9End Matter923
    Ch. 30Lattices925
    Ch. 31The Extended Euclidean Algorithm929
    Ch. 32Entropy and Uncertainty935
    Ch. 33Virtual Machines941
    Ch. 34Symbolic Logic947
    Ch. 35Example Academic Security Policy959
    Bibliography993
    Index1063

    No comments:

    Post a Comment