| 000 | 05203nam a2200565 i 4500 | ||
|---|---|---|---|
| 001 | 6813004 | ||
| 003 | IEEE | ||
| 005 | 20200413152902.0 | ||
| 006 | m eo d | ||
| 007 | cr cn |||m|||a | ||
| 008 | 100430s2010 caua foab 000 0 eng d | ||
| 020 | _z9781598296297 (pbk.) | ||
| 020 | _a9781598296303 (electronic bk.) | ||
| 024 | 7 |
_a10.2200/S00260ED1V01Y201003SPT002 _2doi |
|
| 035 | _a(CaBNVSL)swl00005978 | ||
| 035 | _a(OCoLC)631262531 | ||
| 040 |
_aCaBNVSL _cCaBNVSL _dCaBNVSL |
||
| 050 | 4 |
_aQA76.9.A25 _bA528 2010 |
|
| 082 | 0 | 4 |
_a005.8 _222 |
| 245 | 0 | 0 |
_aAnalysis techniques for information security _h[electronic resource] / _cAnupam Datta ... [et al.]. |
| 260 |
_aSan Rafael, Calif. (1537 Fourth Street, San Rafael, CA 94901 USA) : _bMorgan & Claypool, _cc2010. |
||
| 300 |
_a1 electronic text (ix, 152 p. : ill.) : _bdigital file. |
||
| 490 | 1 |
_aSynthesis lectures on information security, privacy, and trust, _x1945-9750 ; _v# 2 |
|
| 538 | _aMode of access: World Wide Web. | ||
| 538 | _aSystem requirements: Adobe Acrobat Reader. | ||
| 500 | _aPart of: Synthesis digital library of engineering and computer science. | ||
| 500 | _aSeries from website. | ||
| 504 | _aIncludes bibliographical references (p. 133-149). | ||
| 505 | 8 | _aBibliography -- Authors' biographies. | |
| 505 | 8 | _a5. Analyzing security protocols -- Protocol analysis methodology -- Protocol composition logic -- Modelling protocols -- Protocol logic -- Proof system -- Example -- Other protocol analysis approaches -- Recent advances -- Secure composition -- Computational soundness -- Conclusions -- | |
| 505 | 8 | _aA. Formalizing static analysis -- A.1. Programs -- Expressions and conditionals -- Support for nondeterminism -- Evaluation of expressions and conditional expressions -- Concrete semantics of a program -- The concrete collecting semantics of a program -- A.2. Abstraction and abstract domains -- Abstract semantics of a program -- Abstract collecting semantics -- A.3. Iterative computation -- Kleene iteration -- Widening -- Narrowing -- Chaotic iteration -- | |
| 505 | 8 | _a4. Analyzing security policies -- Access-matrix-based systems -- RBAC -- Security policies -- Trust management -- SPKI/SDSI -- The basic connection between SPKI/SDSI and pushdown systems -- The generalized authorization problem -- Using semirings in other kinds of authorization specifications -- Discussion -- RT -- | |
| 505 | 8 | _a3. Detecting buffer overruns using static analysis -- Overall tool architecture -- Codesurfer -- Constraint generation -- Taint analysis -- Constraint solving -- Detecting overruns -- Constraint resolution using linear programming -- Handling infeasible linear programs -- Implementation -- Solving constraint systems hierarchically -- Adding context sensitivity -- Summary constraints -- Experience with the tool -- WU-FTP Daemon -- Sendmail -- Performance -- Adding context sensitivity -- Effects of pointer analysis -- Shortcomings -- Related work -- | |
| 505 | 8 | _a2. Foundations -- Static analysis -- What is static analysis -- How is static analysis carried out -- Dataflow analysis, pushdown systems, and weighted pushdown systems -- Interprocedural dataflow analysis -- Pushdown systems -- Boolean programs -- Weighted pushdown systems -- Datalog -- | |
| 505 | 0 | _a1. Introduction -- | |
| 506 | 1 | _aAbstract freely available; full-text restricted to subscribers or individual document purchasers. | |
| 510 | 0 | _aGoogle book search | |
| 510 | 0 | _aINSPEC | |
| 510 | 0 | _aGoogle scholar | |
| 510 | 0 | _aCompendex | |
| 520 | 3 | _aIncreasingly our critical infrastructures are reliant on computers. We see examples of such infrastructures in several domains, including medical, power, telecommunications, and finance. Although automation has advantages, increased reliance on computers exposes our critical infrastructures to a wider variety and higher likelihood of accidental failures and malicious attacks. Disruption of services caused by such undesired events can have catastrophic effects, such as disruption of essential services and huge financial losses. The increased reliance of critical services on our cyberinfrastructure and the dire consequences of security breaches have highlighted the importance of information security. Authorization, security protocols, and software security are three central areas in security in which there have been significant advances in developing systematic foundations and analysis methods that work for practical systems. This book provides an introduction to this work, covering representative approaches, illustrated by examples, and providing pointers to additional work in the area. | |
| 530 | _aAlso available in print. | ||
| 588 | _aTitle from PDF t.p. (viewed on April 30, 2010). | ||
| 650 | 0 |
_aComputer security _xMathematical models. |
|
| 650 | 0 |
_aData protection _xMathematical models. |
|
| 700 | 1 | _aDatta, Anupam. | |
| 830 | 0 | _aSynthesis digital library of engineering and computer science. | |
| 830 | 0 |
_aSynthesis lectures on information security, privacy, and trust, _x1945-9750 ; _v# 2. |
|
| 856 | 4 | 2 |
_3Abstract with links to resource _uhttp://ieeexplore.ieee.org/servlet/opac?bknumber=6813004 |
| 999 |
_c561841 _d561841 |
||