Information Security: Principles and Practice and over one million other books are available for Amazon Kindle. Learn more
Buy Used
CDN$ 61.69
+ CDN$ 6.49 shipping
Used: Good | Details
Sold by Daily-Deal-
Condition: Used: Good
Comment: This Book is in Good Condition. Used Copy With Light Amount of Wear. 100% Guaranteed.
Have one to sell?
Flip to back Flip to front
Listen Playing... Paused   You're listening to a sample of the Audible audio edition.
Learn more
See this image

Information Security: Principles and Practice Hardcover – Oct 28 2005

See all 2 formats and editions Hide other formats and editions
Amazon Price New from Used from
Kindle Edition
"Please retry"
"Please retry"
CDN$ 72.95 CDN$ 61.69

There is a newer edition of this item:

Product Details

Product Description


"…presents information security concepts and practices insightfully in an easily comprehensible style…Although primarily intended as a college course resource, this book will appeal also to many security professionals. Highly recommended." (CHOICE, April 2006)

"The book is well suited for beginners, and contains enough introductory material on a variety of topics." (Computing, January 9, 2006)

From the Back Cover

Your expert guide to information security

As businesses and consumers become more dependent on complex multinational information systems, the need to understand and devise sound information security systems has never been greater. This title takes a practical approach to information security by focusing on real-world examples. While not sidestepping the theory, the emphasis is on developing the skills and knowledge that security and information technology students and professionals need to face their challenges. The book is organized around four major themes:

  • Cryptography: classic cryptosystems, symmetric key cryptography, public key cryptography, hash functions, random numbers, information hiding, and cryptanalysis
  • Access control: authentication and authorization, password-based security, ACLs and capabilities, multilevel and multilateral security, covert channels and inference control, BLP and Biba's models, firewalls, and intrusion detection systems
  • Protocols: simple authentication protocols, session keys, perfect forward secrecy, timestamps, SSL, IPSec, Kerberos, and GSM
  • Software: flaws and malware, buffer overflows, viruses and worms, software reverse engineering, digital rights management, secure software development, and operating systems security

Additional features include numerous figures and tables to illustrate and clarify complex topics, as well as problems—ranging from basic to challenging—to help readers apply their newly developed skills. A solutions manual and a set of classroom-tested PowerPoint® slides will assist instructors in their course development. Students and professors in information technology, computer science, and engineering, and professionals working in the field will find this reference most useful to solve their information security issues.

Inside This Book (Learn More)
First Sentence
The basic terminology of crypto includes the following. Read the first page
Explore More
Browse Sample Pages
Front Cover | Copyright | Table of Contents | Excerpt | Index | Back Cover
Search inside this book:

Customer Reviews

There are no customer reviews yet on
5 star
4 star
3 star
2 star
1 star

Most Helpful Customer Reviews on (beta) 16 reviews
7 of 8 people found the following review helpful
Excellent coverage and clarity Nov. 3 2005
By David Blockus - Published on
Format: Hardcover
This text is an excellent introduction to the popular, important subjects of computer and network security, and is the best such text that I have yet seen. Professor Stamp offers clarity of presentation and a fluid, conversational style. There is an nice balance between comprehensive coverage and detailed analysis. Overall, I really like the structural organization, selection of topics, breadth of coverage, and level of difficulty. No special prerequisites are required to comprehend the basic ideas. However, readers with technical backgrounds will find a lot of material to challenge them. There are an abundance of illustrative figures, nice examples within the body of the text, and a wealth of good problems at the end of each chapter. The author provides excellent references for further study. Appendices delve into details concerning mathematical underpinnings and networking details.

The book is divided into four main parts: cryptography, access control, protocols, and software. The cryptography section introduces fascinating historical vignettes, then explores details of modern block and stream ciphers. The author includes an excellent chapter on cryptanalysis. He provides specific examples, using mathematics and Boolean logic. The access control section explains issues of policy and implementation, regarding authentication and authorization. The protocols section discusses specific mechanisms for secure exchange of confidential information. The final section describes management of software flaws and related security issues.
5 of 6 people found the following review helpful
Excellent security text Jan. 1 2006
By Daniel Yerelian - Published on
Format: Hardcover
Dr. Stamp touches many of the widely used and implemented security algorithms and techniques in today's industry. His clear and concise diagrams, examples, and thought provoking questions allow the reader to get a clear overview of the workings (positive and negative) of security technology. Mark Stamp has gathered all relevant information from a wide range of sources to produce an essential guide for information security. totally sweet
2 of 2 people found the following review helpful
An Excellent Companion to Bishops Book Oct. 26 2009
By TSS - Published on
Format: Hardcover
While Matt Bishop's book (Computer Security, Art and Science) is considered the standard by many professors, I think students will find that Mark Stamp's book provides much more practical utility. Here's what Stamp has that Bishop doesn't:

1.) More readable writing style.

2.) Non-essential theory and rigor removed.

3.) Some less traditional but interesting topics (ex: CAPTCHAs, DRM).

A few things that Bishop has that Stamp doesn't:

1.) Broader range of topics covered.

2.) Classic proofs and theory that Stamp omits for succinctness.

Let's be clear though. One text is not better than the other-- the authors simply have different aims. I suggest that a student use Stamp's book to ease into Information Security, and then to go Bishop when more information is required. For example, in my introductory course to Information Assurance, I used Stamp's book to answer 90% of all questions quickly and completely and Bishop's book to tackle the remaining 10%. If I ever get into the theory side of IA, I'll probably have to use Bishop more, but Stamp works great in most situations.
2 of 2 people found the following review helpful
Good, Readable Primer on Information Security Aug. 22 2007
By Thomas I. Amadio - Published on
Format: Hardcover
This is a very readable primer on information security that address a number of topics including symmetric key crypto, public key crypto, hash functions, cryptanalysis, authentication, authorization, software anomalies, software insecurity, malware, and operating systems. I recommend this book.
4 of 5 people found the following review helpful
Mark does a fine job of it Nov. 21 2005
By Fred Cohen - Published on
Format: Hardcover
Mark has written an excellent book on technical aspects of information protection. For the coverage he provides, he has done an excellent job of explaining things at a technical level suited to students in undergraduate computer science classes or other similar corporate arenas. Well written, nicely done, and well worth the price tag.