滿額折
Securing E-Business Systems: A Guide For Managers And Executives
商品資訊
ISBN13:9780471072980
出版社:John Wiley & Sons Inc
作者:Braithwaite
出版日:2002/04/03
裝訂/頁數:精裝/288頁
商品簡介
作者簡介
目次
商品簡介
The essential guide to e-business security for managers and IT professionals
Securing E-Business Systems provides business managers and executives with an overview of the components of an effective e-business infrastructure, the areas of greatest risk, and best practices safeguards. It outlines a security strategy that allows the identification of new vulnerabilities, assists in rapid safeguard deployment, and provides for continuous safeguard evaluation and modification. The book thoroughly outlines a proactive and evolving security strategy and provides a methodology for ensuring that applications are designed with security in mind. It discusses emerging liabilities issues and includes security best practices, guidelines, and sample policies. This is the bible of e-business security.
Timothy Braithwaite (Columbus, MD) is Deputy Director of Information Assurance Programs for Titan Corporation. He has managed data centers, software projects, systems planning, and budgeting organizations, and has extensive experience in project and acquisition management. He is also the author of Y2K Lessons Learned (Wiley: 0-471-37308-7).
Securing E-Business Systems provides business managers and executives with an overview of the components of an effective e-business infrastructure, the areas of greatest risk, and best practices safeguards. It outlines a security strategy that allows the identification of new vulnerabilities, assists in rapid safeguard deployment, and provides for continuous safeguard evaluation and modification. The book thoroughly outlines a proactive and evolving security strategy and provides a methodology for ensuring that applications are designed with security in mind. It discusses emerging liabilities issues and includes security best practices, guidelines, and sample policies. This is the bible of e-business security.
Timothy Braithwaite (Columbus, MD) is Deputy Director of Information Assurance Programs for Titan Corporation. He has managed data centers, software projects, systems planning, and budgeting organizations, and has extensive experience in project and acquisition management. He is also the author of Y2K Lessons Learned (Wiley: 0-471-37308-7).
作者簡介
TIMOTHY BRAITHWAITE has spent more than fifteen years in senior security management positions and another twenty years in executive director positions for computer and communications services organizations in both the public and private sectors. He has also worked as a private consultant. Tim has previously published The Power of IT: Maximizing Your Technology Investments and Evaluating the Year 2000 Project: A Management Guide for Determining Reasonable Care (Wiley).
目次
Preface.
Chapter 1 Electronic Business Systems Security.
Introduction.
How Is E-Business Security Defined?
Can E-Business Security Be Explained More Simply?
Is E-Business Security Really Such a Big Deal?
Is E-Business Security More Important Than Other Information Technology Initiatives?
How Does an Organization Get Started?
Instead of Playing "Catch-Up," What Should an Organization Be Doing to Design E-Business Systems That Are Secure in the First Place?
Chapter 2 E-Business Systems and Infrastructure Support Issues.
Introduction.
E-Business Defined.
A Short History of E-Business Innovations.
The Need for Secure E-Business Systems.
Software: The Vulnerable Underbelly of Computing.
The Interoperability Challenge and E-Business Success.
E-Business Security: An Exercise in Trade-Offs.
Few Systems Are Designed to Be Secure.
Conclusion.
Chapter 3 Security Weaknesses in E-Business Infrastructure and "Best Practices" Security.
Introduction.
Fundamental Technical Security Threats.
The Guiding Principles of Protection.
"Best Practice" Prevention, Detection, and Countermeasures and Recovery Techniques.
x Chapter 4 Managing E-Business Systems and Security.
Introduction.
Part One: Misconceptions and Questionable Assumptions.
Part Two: Managing E-Business Systems as a Corporate Asset.
Part Three: E-Business Security Program Management.
Chapter 5 A "Just-in-Time" Strategy for Securing the E-Business System: The Role for Security Monitoring and Incident Response.
The Current State of E-Business Security.
Standard Requirements of an E-Business Security Strategy.
A New Security Strategy.
The Crucial Role of Security Monitoring and Incident Response to the Securing of E-Business Systems.
The Current State of Intrusion Detection Systems (IDS).
Defining a Cost-Effective Security Monitoring and Incident Response Capability.
Alternatives to Building "Your Own" Security Monitoring and Incident Response Capability.
Summary.
Chapter 6 Designing and Delivering Secured E-Business Application Systems.
Introduction.
Past Development Realities.
Contemporary Development Realities.
Developing Secured E-Business Systems.
Using the SDR Framework.
Choosing a Systems Development Methodology That Is Compatible with the SDR Framework.
Participants in the Identification of Security and Integrity Controls.
Importance of Automated Tools.
A Cautionary Word About New Technologies.
Summary and Conclusions.
Chapter 7 Justifying E-Business Security and the Security Management Program.
Introduction.
The "Quantifiable" Argument.
Emerging "Nonquantifiable" Arguments.
Benefits Justifications Must Cover Security Program Administration.
Conclusion.
Chapter 8 Computers, Software, Security, and Issues of Liability.
Evolving Theories of Responsibility.
Likely Scenarios.
How Might a Liability Case Unfold?
Questions to Be Asked to Ensure That Reasonable Care Has Been Taken in Developing a Secure E-Business System.
Chapter 9 The National Critical Infrastructure Protection (CIP) Initiative.
The Problem of Dependency.
Critical Infrastructure Protection (CIP) Purpose, Directives, Organizations, and Relationships.
Frequently Asked Questions About the IT-ISAC.
Critical Information Infrastructure Protection Issues that Need Resolution.
Appendix A: Y2K Lessons Learned and Their Importance for E-Business Security.
Appendix B: Systems Development Review Framework for E-Business Development Projects.
Appendix C: A Corporate Plan of Action for Securing E-Business Systems (Sample).
Appendix D: E-Business Risk Management Review Model Instructions for Use.
Appendix E: Resources Guide.
Index.
Chapter 1 Electronic Business Systems Security.
Introduction.
How Is E-Business Security Defined?
Can E-Business Security Be Explained More Simply?
Is E-Business Security Really Such a Big Deal?
Is E-Business Security More Important Than Other Information Technology Initiatives?
How Does an Organization Get Started?
Instead of Playing "Catch-Up," What Should an Organization Be Doing to Design E-Business Systems That Are Secure in the First Place?
Chapter 2 E-Business Systems and Infrastructure Support Issues.
Introduction.
E-Business Defined.
A Short History of E-Business Innovations.
The Need for Secure E-Business Systems.
Software: The Vulnerable Underbelly of Computing.
The Interoperability Challenge and E-Business Success.
E-Business Security: An Exercise in Trade-Offs.
Few Systems Are Designed to Be Secure.
Conclusion.
Chapter 3 Security Weaknesses in E-Business Infrastructure and "Best Practices" Security.
Introduction.
Fundamental Technical Security Threats.
The Guiding Principles of Protection.
"Best Practice" Prevention, Detection, and Countermeasures and Recovery Techniques.
x Chapter 4 Managing E-Business Systems and Security.
Introduction.
Part One: Misconceptions and Questionable Assumptions.
Part Two: Managing E-Business Systems as a Corporate Asset.
Part Three: E-Business Security Program Management.
Chapter 5 A "Just-in-Time" Strategy for Securing the E-Business System: The Role for Security Monitoring and Incident Response.
The Current State of E-Business Security.
Standard Requirements of an E-Business Security Strategy.
A New Security Strategy.
The Crucial Role of Security Monitoring and Incident Response to the Securing of E-Business Systems.
The Current State of Intrusion Detection Systems (IDS).
Defining a Cost-Effective Security Monitoring and Incident Response Capability.
Alternatives to Building "Your Own" Security Monitoring and Incident Response Capability.
Summary.
Chapter 6 Designing and Delivering Secured E-Business Application Systems.
Introduction.
Past Development Realities.
Contemporary Development Realities.
Developing Secured E-Business Systems.
Using the SDR Framework.
Choosing a Systems Development Methodology That Is Compatible with the SDR Framework.
Participants in the Identification of Security and Integrity Controls.
Importance of Automated Tools.
A Cautionary Word About New Technologies.
Summary and Conclusions.
Chapter 7 Justifying E-Business Security and the Security Management Program.
Introduction.
The "Quantifiable" Argument.
Emerging "Nonquantifiable" Arguments.
Benefits Justifications Must Cover Security Program Administration.
Conclusion.
Chapter 8 Computers, Software, Security, and Issues of Liability.
Evolving Theories of Responsibility.
Likely Scenarios.
How Might a Liability Case Unfold?
Questions to Be Asked to Ensure That Reasonable Care Has Been Taken in Developing a Secure E-Business System.
Chapter 9 The National Critical Infrastructure Protection (CIP) Initiative.
The Problem of Dependency.
Critical Infrastructure Protection (CIP) Purpose, Directives, Organizations, and Relationships.
Frequently Asked Questions About the IT-ISAC.
Critical Information Infrastructure Protection Issues that Need Resolution.
Appendix A: Y2K Lessons Learned and Their Importance for E-Business Security.
Appendix B: Systems Development Review Framework for E-Business Development Projects.
Appendix C: A Corporate Plan of Action for Securing E-Business Systems (Sample).
Appendix D: E-Business Risk Management Review Model Instructions for Use.
Appendix E: Resources Guide.
Index.
購物須知
外文書商品之書封,為出版社提供之樣本。實際出貨商品,以出版社所提供之現有版本為主。部份書籍,因出版社供應狀況特殊,匯率將依實際狀況做調整。
無庫存之商品,在您完成訂單程序之後,將以空運的方式為你下單調貨。為了縮短等待的時間,建議您將外文書與其他商品分開下單,以獲得最快的取貨速度,平均調貨時間為1~2個月。
為了保護您的權益,「三民網路書店」提供會員七日商品鑑賞期(收到商品為起始日)。
若要辦理退貨,請在商品鑑賞期內寄回,且商品必須是全新狀態與完整包裝(商品、附件、發票、隨貨贈品等)否則恕不接受退貨。