Social sciences and humanities print books and ebooks | Elsevier

Virtualization for Security

Including Sandboxing, Disaster Recovery, High Availability, Forensic Analysis, and Honeypotting

1st Edition
John Hoopes
English

One of the biggest buzzwords in the IT industry for the past few years, virtualization has matured into a practical requirement for many best-practice business scenarios, becoming an invaluable tool for security professionals at companies of every size. In addition to saving time and other resources, virtualization affords unprecedented means for intrusion and malware detection, prevention, recovery, and analysis. Taking a practical approach in a growing market underserved by books, this hands-on title is the first to combine in one place the most important and sought-after uses of virtualization for enhanced security, including sandboxing, disaster recovery and high availability, forensic analysis, and honeypotting.Already gaining buzz and traction in actual usage at an impressive rate, Gartner research indicates that virtualization will be the most significant trend in IT infrastructure and operations over the next four years. A recent report by IT research firm IDC predicts the virtualization services market will grow from $5.5 billion in 2006 to $11.7 billion in 2011. With this growth in adoption, becoming increasingly common even for small and midsize businesses, security is becoming a much more serious concern, both in terms of how to secure virtualization and how virtualization can serve critical security objectives. Titles exist and are on the way to fill the need for securing virtualization, but security professionals do not yet have a book outlining the many security applications of virtualization that will become increasingly important in their job requirements. This book is the first to fill that need, covering tactics such as isolating a virtual environment on the desktop for application testing, creating virtualized storage solutions for immediate disaster recovery and high availability across a network, migrating physical systems to virtual systems for analysis, and creating complete virtual systems to entice hackers and expose potential threats to actual production systems.About the TechnologiesA sandbox is an isolated environment created to run and test applications that might be a security risk. Recovering a compromised system is as easy as restarting the virtual machine to revert to the point before failure. Employing virtualization on actual production systems, rather than just test environments, yields similar benefits for disaster recovery and high availability. While traditional disaster recovery methods require time-consuming reinstallation of the operating system and applications before restoring data, backing up to a virtual machine makes the recovery process much easier, faster, and efficient. The virtual machine can be restored to same physical machine or an entirely different machine if the original machine has experienced irreparable hardware failure. Decreased downtime translates into higher availability of the system and increased productivity in the enterprise.Virtualiz... has been used for years in the field of forensic analysis, but new tools, techniques, and automation capabilities are making it an increasingly important tool. By means of virtualization, an investigator can create an exact working copy of a physical computer on another machine, including hidden or encrypted partitions, without altering any data, allowing complete access for analysis. The investigator can also take a live ?snapshot? to review or freeze the target computer at any point in time, before an attacker has a chance to cover his tracks or inflict further damage.A honeypot is a system that looks and acts like a production environment but is actually a monitored trap, deployed in a network with enough interesting data to attract hackers, but created to log their activity and keep them from causing damage to the actual production environment. A honeypot exposes new threats, tools, and techniques used by hackers before they can attack the real systems, which security managers patch based on the information gathered. Before virtualization became mainstream, setting up a machine or a whole network (a honeynet) for research purposes only was prohibitive in both cost and time management. Virtualization makes this technique more viable as a realistic approach for companies large and small.

Principles of Financial Engineering

2nd Edition
Salih N. Neftci
English

Principles of Financial Engineering, Second Edition, is a highly acclaimed text on the fast-paced and complex subject of financial engineering. This updated edition describes the "engineering" elements of financial engineering instead of the mathematics underlying it. It shows you how to use financial tools to accomplish a goal rather than describing the tools themselves. It lays emphasis on the engineering aspects of derivatives (how to create them) rather than their pricing (how they act) in relation to other instruments, the financial markets, and financial market practices. This volume explains ways to create financial tools and how the tools work together to achieve specific goals. Applications are illustrated using real-world examples. It presents three new chapters on financial engineering in topics ranging from commodity markets to financial engineering applications in hedge fund strategies, correlation swaps, structural models of default, capital structure arbitrage, contingent convertibles, and how to incorporate counterparty risk into derivatives pricing. Poised midway between intuition, actual events, and financial mathematics, this book can be used to solve problems in risk management, taxation, regulation, and above all, pricing. This latest edition of Principles of Financial Engineering is ideal for financial engineers, quantitative analysts in banks and investment houses, and other financial industry professionals. It is also highly recommended to graduate students in financial engineering and financial mathematics programs.

Strategic Marketing Decision-Making within Japanese and South Korean Companies

1st Edition
Yang-Im Lee + 1 more
English

This book acts as a bridge between marketing and strategic management, as it is written from a strategic marketing perspective. It provides students and practising managers with an appreciation and an understanding of how managers in Japanese and South Korean companies formulate and implement strategic marketing decisions, how they embrace the organizational learning concept, and how they formulate working relationships with staff in partner organizations. It provides an explanation of the role that culture plays in the management process and various problems are cited in the text and solutions are offered that reinforce the theories and concepts covered. A number of case studies highlight the link between theory and practice, and the work is structured in a way that allows the reader to think through and reflect upon the key issues associated with decision-making within Japanese and South Korean companies.

Practical Aviation Security

Predicting and Preventing Future Threats

1st Edition
Jeffrey Price + 1 more
English

Practical Aviation Security is a complete guide to the aviation security system, from crucial historical events, to the policies and policy makers and the major terrorist and criminal acts that have shaped the procedures in use today, to the tip-of-the-spear technologies that are shaping the future. This text enables the reader to enter airport security or other aviation management roles with the proper knowledge to immediately implement the necessary security programs, to meet international guidelines and to responsibly protect their facility or organization, no matter how large or small. Using case studies and practical security measures in use at airports all over the world, readers learn the effective methods and the fundamental principles involved in designing and implementing a security system. This text covers commercial airport security, general aviation and cargo operations, threats and threat detection and response systems as well as international security issues. While not perfect, the aviation security system is comprehensive and requires continual focus and attention to be able to stay a step ahead of the next attack. This text provides the tools necessary to prepare practitioners to enter the industry, and if they are already in the industry to better understand it so they can prevent the next tragedy.

International Review of Research in Mental Retardation

1st Edition
Volume 36
English

International Review of Research in Mental Retardation is an ongoing scholarly look at research into the causes, effects, classification systems, syndromes, etc. of mental retardation. Contributors come from wide-ranging perspectives, including genetics, psychology, education, and other health and behavioral sciences. Volume 36 of the series offers chapters on newborn screening for intellectual disability; responsive parenting; Trisomy 21; Alzheimer’s disease in adults with Down Syndrome; foolish action in adults with intellectual disabilities; animal models of self-injurious behavior; theoretical and methodological issues in sibling research; understanding individual differences in adaptation in parents of children with intellectual disabilitie; and “What Do You Think If . . . “ using vignettes to study attitudes toward adult sibling caregiving and competence of parents of children with disabilities.The wide range of topics covered in these chapters make Volume 36 of the International Review of Research in Mental Retardation a particularly valuable resource for academic researchers in developmental and cognitive psychology, as well as those in neuropsychology.

Nokia Firewall, VPN, and IPSO Configuration Guide

1st Edition
Andrew Hay + 2 more
English

"While Nokia is perhaps most recognized for its leadership in the mobile phone market, they have successfully demonstrated their knowledge of the Internet security appliance market and its customers requirements."--Chri... Christiansen, Vice President, Internet Infrastructure and Security Software, IDC.Syngress has a long history of publishing market-leading books for system administrators and security professionals on commercial security products, particularly Firewall and Virtual Private Network (VPN) appliances from Cisco, Check Point, Juniper, SonicWall, and Nokia (see related titles for sales histories). The Nokia Firewall, VPN, and IPSO Configuration Guide will be the only book on the market covering the all-new Nokia Firewall/VPN Appliance suite. Nokia Firewall/VPN appliances are designed to protect and extend the network perimeter.According to IDC research, Nokia Firewall/VPN Appliances hold the #3 worldwide market-share position in this space behind Cisco and Juniper/NetScreen. IDC estimated the total Firewall/VPN market at $6 billion in 2007, and Nokia owns 6.6% of this market. Nokia's primary customers for security appliances are Mid-size to Large enterprises who need site-to-site connectivity and Mid-size to Large enterprises who need remote access connectivity through enterprise-deployed mobile devices. Nokia appliances for this market are priced form $1,000 for the simplest devices (Nokia IP60) up to $60,0000 for large enterprise- and service-provider class devices (like the Nokia IP2450 released in Q4 2007). While the feature set of such a broad product range obviously varies greatly, all of the appliances run on the same operating system: Nokia IPSO (IPSO refers to Ipsilon Networks, a company specializing in IP switching acquired by Nokia in 1997. The definition of the acronym has little to no meaning for customers.) As a result of this common operating system across the product line, The Nokia Firewall, VPN, and IPSO Configuration Guide will be an essential reference to users of any of these products. Users manage the Nokia IPSO (which is a Linux variant, specifically designed for these appliances) through a Web interface called Nokia Network Voyager or via a powerful Command Line Interface (CLI). Coverage within the book becomes increasingly complex relative to the product line.The Nokia Firewall, VPN, and IPSO Configuration Guide and companion Web site will provide seasoned network administrators and security professionals with the in-depth coverage and step-by-step walkthroughs they require to properly secure their network perimeters and ensure safe connectivity for remote users. The book contains special chapters devoted to mastering the complex Nokia IPSO command line, as well as tips and tricks for taking advantage of the new "ease of use" features in the Nokia Network Voyager Web interface. In addition, the companion Web site offers downloadable video walkthroughs on various installation and troubleshooting tips from the authors.

Next Generation SSH2 Implementation

Securing Data in Motion

1st Edition
Dale Liu
English

New security risks, continuously evolving regulation and increasing security standards have created new and growing needs for secure internal information transfers, which SSH provides. This book addresses these new trends in depth, offering the most up-to-date information on the integration of SSH into a security environment. It covers the newest features and applications of SSH-2 (which received Proposed Standard status from the IETF in 2006). SSH2 is more secure than previous versions and has many expanded uses on a wider variety of computing platforms. Another particular note driving new SSH2 adoption are the requirements of recent legislation (PCI/HIPAA/SOX/FISMA... SSH 2 has become an even more valuable tool, as it provides communications security compliance with the latest standards.This book offers the most up-to-date information on SSH2 in a practical, hands-on, tutorial-style reference that goes well beyond UNIX implementation. It concentrates on the latest version of SSH 2 with all new information.

Philosophy of Information

1st Edition
English

Information is a recognized fundamental notion across the sciences and humanities, which is crucial to understanding physical computation, communication, and human cognition. The Philosophy of Information brings together the most important perspectives on information. It includes major technical approaches, while also setting out the historical backgrounds of information as well as its contemporary role in many academic fields. Also, special unifying topics are high-lighted that play across many fields, while we also aim at identifying relevant themes for philosophical reflection. There is no established area yet of Philosophy of Information, and this Handbook can help shape one, making sure it is well grounded in scientific expertise. As a side benefit, a book like this can facilitate contacts and collaboration among diverse academic milieus sharing a common interest in information.

SAP Security Configuration and Deployment

The IT Administrator's Guide to Best Practices

1st Edition
Joey Hirao
English

Throughout the world, high-profile large organizations (aerospace and defense, automotive, banking, chemicals, financial service providers, healthcare, high tech, insurance, oil and gas, pharmaceuticals, retail, telecommunications, and utilities) and governments are using SAP software to process their most mission-critical, highly sensitive data. With more than 100,000 installations, SAP is the world's largest enterprise software company and the world's third largest independent software supplier overall. Despite this widespread use, there have been very few books written on SAP implementation and security, despite a great deal of interest. (There are 220,000 members in an on-line SAP 'community' seeking information, ideas and tools on the IT Toolbox Website alone.) Managing SAP user authentication and authorizations is becoming more complex than ever, as there are more and more SAP products involved that have very different access issues. It's a complex area that requires focused expertise.This book is designed for these network and systems administrator who deal with the complexity of having to make judgmental decisions regarding enormously complicated and technical data in the SAP landscape, as well as pay attention to new compliance rules and security regulations.Most SAP users experience significant challenges when trying to manage and mitigate the risks in existing or new security solutions and usually end up facing repetitive, expensive re-work and perpetuated compliance challenges. This book is designed to help them properly and efficiently manage these challenges on an ongoing basis. It aims to remove the 'Black Box' mystique that surrounds SAP security.

Mobile Malware Attacks and Defense

1st Edition
Ken Dunham
English

Malware has gone mobile, and the security landscape is changing quickly with emerging attacks on cell phones, PDAs, and other mobile devices. This first book on the growing threat covers a wide range of malware targeting operating systems like Symbian and new devices like the iPhone. Examining code in past, current, and future risks, protect your banking, auctioning, and other activities performed on mobile devices.* Visual PayloadsView attacks as visible to the end user, including notation of variants.* Timeline of Mobile Hoaxes and ThreatsUnderstand the history of major attacks and horizon for emerging threates.* Overview of Mobile Malware FamiliesIdentify and understand groups of mobile malicious code and their variations.* Taxonomy of Mobile MalwareBring order to known samples based on infection, distribution, and payload strategies.* Phishing, SMishing, and Vishing AttacksDetect and mitigate phone-based phishing (vishing) and SMS phishing (SMishing) techniques.* Operating System and Device VulnerabilitiesAnaly... unique OS security issues and examine offensive mobile device threats.* Analyze Mobile MalwareDesign a sandbox for dynamic software analysis and use MobileSandbox to analyze mobile malware.* Forensic Analysis of Mobile MalwareConduct forensic analysis of mobile devices and learn key differences in mobile forensics.* Debugging and Disassembling Mobile MalwareUse IDA and other tools to reverse-engineer samples of malicious code for analysis.* Mobile Malware Mitigation MeasuresQualify risk, understand threats to mobile assets, defend against attacks, and remediate incidents.

Life Sciences

Physical Sciences & Engineering

Social Sciences & Humanities

Health

Books in Social sciences and humanities