Vous voulez voir cette page en français ? Cliquez ici.

Have one to sell? Sell yours here
Tell the Publisher!
I'd like to read this book on Kindle

Don't have a Kindle? Get your Kindle here, or download a FREE Kindle Reading App.

Computer Security: Principles and Practice [Hardcover]

William Stallings , Lawrence Brown

Available from these sellers.


Amazon Price New from Used from
Hardcover --  
Paperback --  
There is a newer edition of this item:
Computer Security: Principles and Practice (3rd Edition) Computer Security: Principles and Practice (3rd Edition)
CDN$ 126.33
In Stock.
Join Amazon Student in Canada

Book Description

Aug. 12 2007 0136004245 978-0136004240 1

In recent years, the need for education in computer security and related topics has grown dramatically – and is essential for anyone in the fields of Computer Science or Computer Engineering. This is the only book available that provides integrated, comprehensive, up-to-date coverage of the broad range of topics in this subject.

  Comprehensive treatment of user authentication and access control. Unified approach to intrusion detection and firewalls, giving readers a solid understanding of the threats and countermeasures. More detailed coverage of software security than other books. Exploration of management issues. Systematic, comprehensive discussion of malicious software and denial of service attacks. Coverage of Linux and Windows Vista. Up-to-date coverage of database security. Thorough overview of cryptography, authentication, and digital signatures. Coverage of Internet security. For system engineers, programmers, system managers, network managers, product marketing personnel, system support specialists; a solid, up-to-date reference or tutorial for self-study.

Customers Who Bought This Item Also Bought

Product Details

Product Description

From the Back Cover

<>Computer Security: Principles and Practice

William Stallings and Lawrie Brown


A thorough, up-to-date survey of the entire discipline of computer security.


Security experts William Stallings and Lawrie Brown provide a comprehensive survey of computer security threats, technical approaches to the detection and prevention of security attacks, software security issues, and management issues.


Throughout, the authors focus on core principles, showing how they unify the field of computer securuity and demonstrating their applications in real-world systems and networks. They examine alternate design approaches to meeting security requirements and illuminate the standards that are central to today's security solutions.


Ideal for both academic and professional audiences, Computer Security offers exceptional clarity, careful organization, and extensive pedagogical support - including hundreds of carefully crafted practice problems.



  • Security technologies and principles, including cryptography, authentication, and access control
  • Threats and countermeasures, from detecting intruders to countering DOS attacks
  • Trusted computing and multilevel security
  • Secure software: avoiding buffer overflows, malicious input, and other weaknesses
  • Linux and Windows security models
  • Managing security: physical security, training, audits, policies, and more
  • Computer crime, intellectual property, privacy, and ethics
  • Cryptographic algorithms, including public-key cryptography
  • Internet security: SSL, TLS, IP security, S/MIME, Kerberos, X.509, and federatetd identity management


  • Strong coverage of unifying principles and design techniques
  • Dozens of figures and tables that clarify key concepts
  • Field-tested homework problems
  • Extensive Web support at WilliamStallings.com/CompSec/CompSec1e.html
  • Keyword/acronym lists, recommended readings, and glossary

About the Authors


William Stallings has won the Best Computer Science and Engineering Textbook award seven times. His Prentice Hall books include Operating Systems; Cryptography and Network Security; and Data and Computer Communications. Stallings consults widely with technology providers, customers, and researchers. He holds a Ph.D. in Computer Science from MIT. Dr. Lawrie Brown is Senior Lecturer at the School of Information Technology and Electrical Engineering at the University of New South Wales at the Australian Defence Force Academy, Canberra, Australia.


Comprehensive Web support at WilliamStallings.com

About the Author

<>William Stallings has made a unique contribution to understanding the broad sweep of technical developments in computer networking and computer architecture. He has authored 17 titles, and counting revised editions, a total of 41 books on various aspects of these subjects. In over 20 years in the field, he has been a technical contributor, technical manager, and an executive with several high-technology firms. Currently he is an independent consultant whose clients have included computer and networking manufacturers and customers, software development firms, and leading-edge government research institutions.


He is a member of the editorial board of Cryptologia, a scholarly journal devoted to all aspects of cryptology. He is a frequent lecturer and author of numerous technical papers. His books include Data and Computer Communications, Eighth Edition (Prentice Hall, 2007), which has become the standard in the field.  Dr. Stallings holds a PhD from M.I.T. in Computer Science and a B.S. from Notre Dame in electrical engineering.

Sell a Digital Version of This Book in the Kindle Store

If you are a publisher or author and hold the digital rights to a book, you can sell a digital version of it in our Kindle Store. Learn more

Customer Reviews

There are no customer reviews yet on Amazon.ca
5 star
4 star
3 star
2 star
1 star
Most Helpful Customer Reviews on Amazon.com (beta)
Amazon.com: 3.2 out of 5 stars  9 reviews
7 of 7 people found the following review helpful
3.0 out of 5 stars High level book on computer security lacks sufficient detail Sept. 30 2007
By calvinnme - Published on Amazon.com
The author of this book also wrote the widely used text "Cryptography and Network Security". I like that book well enough, but you have to use outside resources to understand what's going on in that book, and I would say that is even more true for this textbook. That is because the author is basically taking subjects discussed in the Cryptography and Network Security book and adding topics like management issues and security of specific operating systems - without getting specific enough that you could actually solve too many problems. To me the best parts of the book are the appendices. The information on number theory is quite good, as are the suggestions for projects and labs. Unfortunately, this book does not contain sufficient information to perform those projects and labs. The contents make a good starting point for the study of computer security, but if you are an instructor be prepared to use lots of supplemental material or your students are going to be left high and dry. Currently the table of contents is not shown, so I include it next. This book is just under 900 pages long, so its 24 chapters are covering their subject matter in under 40 pages each, which does not give much room for detail.

Chapter 1 Overview

Chapter 2 Cryptographic Tools
Chapter 3 User Authentication
Chapter 4 Access Control
Chapter 5 Database Security
Chapter 6 Intrusion Detection
Appendix 6A:The Base-Rate Fallacy
Chapter 7 Malicious Software
Chapter 8 Denial of Service
Chapter 9 Firewalls and Intrusion Prevention Systems
Chapter 10 Trusted Computing and Multilevel Security

Chapter 11 Buffer Overflow
Chapter 12 Other Software Security Issues

Chapter 13 Physical and Infrastructure Security
Chapter 14 Human Factors
Appendix 14A: Security Awareness Standard of Good Practice
Appendix 14B: Security Policy Standard of Good Practice
Chapter 15 Security Auditing
Chapter 16 IT Security Management and Risk Assessment
Chapter 17 IT Security Controls, Plans and Procedures
Chapter 18 Legal and Ethical Aspects
Appendix 18A: Information Privacy Standard of Good Practice

Chapter 19 Symmetric Encryption and Message Confidentiality
Chapter 20 Public-Key Cryptography and Message Authentication

Chapter 21 Internet Security Protocols and Standards
Chapter 22 Internet Authentication Applications

Chapter 23 Linux Security
Chapter 24 Windows Security

Appendix A Some Aspects of Number Theory
A.1 Prime and Relatively Prime Numbers
A.2 Modular Arithmetic
A.3 Fermat's and Euler's Theorems
Appendix B Random and Pseudorandom Number Generation
B.1 The Use of Random Numbers
B.2 Pseudorandom Number Generators (PRNGs)
B.3 True Random Number Generators
Appendix C Projects for Teaching Computer Security
C.1 Research Projects
C.2 Programming Projects
C.3 Laboratory Exercises
C.4 Writing Assignments
C.5 Reading/Report Assignments

Appendix D Standards and Standard-Setting Organizations
Appendix E TCP/IP Protocol Architecture
Appendix F Glossary
5 of 6 people found the following review helpful
2.0 out of 5 stars Okay content but they need to hire a proof-reader June 7 2008
By Rich - Published on Amazon.com
The content is okay. I would prefer some more detail and less "fluff" that's been pulled from old papers about security. My main complaint about this book is the sheer number of misspellings and typos. For example, I've just read one section that says "see section E" for further detail. There isn't a section "E" -- contextually, you can determine quickly that they mean section "D". I feel like I'm reading someone's draft and not a final product.

Also, most modern books include either a self-testing CD or a web site where you can quiz yourself. If you're using this book for self-study (as opposed to being in a class), it's difficult to gauge how well you're retaining the information. This book does not include a CD. It does, however have a companion web site but I was unable to find a self-assessment tool on that website.
1 of 1 people found the following review helpful
4.0 out of 5 stars Pretty Good Intro Textbook Oct. 22 2009
By M. Wright - Published on Amazon.com
I've been using this book as a textbook in my intro to security class since for a couple of years. As an introductory text for upper-level undergrads or grads in computer science, I think it's very appropriate and reasonably well written. In particular, I like it better than the Pfleeger and Pfleeger book (which is okay) and the Bishop book (which is very dense and theoretical -- theory is obviously important, but not for an intro course).

Like the other books of Stallings that I've read, it suffers somewhat from what I'll call "standards-itis." It uses well-known and well-documented methods and protocols as the only means of explaining some concepts. It thus may take a concept like "passwords" and say here is how UNIX does it, here is how that's been improved, and here are some published ideas on stopping bad password use. That's not bad, though it could be centered more around the principles of password protection. What's worse is when the book goes into great detail about things like the options in a Snort rule. This can make for some unnecessarily boring stretches of reading, with little conceptual material being imparted.

As another reviewer pointed out, you can't just pick up the book and have a ready-made course. You should supplement with some online materials (probably necessary anyway) and prepare students specifically for any labs you do. And I don't recommend this for someone learning without a teacher.

Overall, however, I think it's the best intro text for the subject that I've found.
3.0 out of 5 stars Good info, but way too much math.. Nov. 14 2011
By Stephen1313 - Published on Amazon.com
Format:Hardcover|Verified Purchase
This book was required for a class.
I thought it would be great and have a lot of hands on projects etc.
There is a lot of good information here, but it falls short in the hands on.
Also, it has a ton of very dry math.
Do not get it unless it is required for school.
3.0 out of 5 stars OK but outdated Feb. 6 2011
By IPSec - Published on Amazon.com
Format:Hardcover|Verified Purchase
The book is OK but it is 6 years old. Computer and network security have evolved so much in the last six years that the book is pretty out dated. It's a good basic foundation, not much more.

Look for similar items by category