Information security risk analysis, second edition

Information Security Risk Analysis, Second Edition

Volumn , Issue , 2005, Pages 1-344

  Peltier, Thomas R ^a  

^a Thomas R Peltier Associates LLC   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

DECISION MAKING; MANAGERS; RISK ANALYSIS; RISK MANAGEMENT; SECURITY OF DATA;

ASSESSMENT PROCESS; BUSINESS IMPACT ANALYSIS; EXECUTIVE DECISION MAKINGS; INFORMATION SECURITY RISK ANALYSIS; PRE-SCREENING METHODS; QUALITATIVE RISK ASSESSMENT; RISK MANAGEMENT PROCESS; VULNERABILITY ASSESSMENTS;

RISK ASSESSMENT;

EID: 85055233227     PISSN: None     EISSN: None     Source Type: Book    
DOI: 10.1201/9781420031195     Document Type: Book

References (50)

1. Anonymous. Maximum Security: A Hacker’s Guide to Protecting Your Internet Site and Network, 2nd ed. Indianapolis: Sams Publishing, 1998.
2. Atkinson, R. Security Architecture for the Internet Protocol. RFC 1825, Naval Research Laboratory, August 1995.
3. Bryson, Lisa C. Protect Your Boss and Your Job: Due Care in Information Security. Computer Security Alert 146, San Francisco, May 1995.
4. Carroll, John M. Computer Security, 3rd ed. Woburn, MA: Butterworth-Heinemann Publishers, Ltd., 1996.
5. D’Agenais, Jean, and John Carruthers. Creating Effective Manuals. Cincinnati, OH: South-Western Publishing Co., 1985.
6. Depuis, Clement. CISSP Study Booklet on Operations Security. Posted at http://www.cccure.org, April 5, 1999.
7. Devlin, Ed, and Cole Emerson. Business Resumption Planning, 1999 ed. New York: Auerbach Publications, 1999.
8. Economic Espionage Act of 1996. U.S. Congressional Record of 1996. Available at http://cybercrime.gov/EEAleghist.htm.
9. Ermann, M. David, Mary B. Williams, and Michele S. Shauf. Computers, Ethics and Society, 2nd ed. New York: Oxford University Press, 1997.
10. Ford, Warwick, and Michael S. Baum. Secure Electronic Commerce. Englewood Cliffs, NJ: Prentice Hall, 1997.
11. Glass, Robert L. Building Quality Software. Englewood Cliffs, NJ: Prentice Hall, 1992.
12. Guttman, E., L. Leong, and G. Malkin. Users’ Security Handbook. RFC 2504, Sun Microsystems, February 1999.
13. Hare, Chris. CISSP Certified CBK Study Guide: Business Continuity Planning Domain. Posted at http://www.cccure.org, March 1999.
14. Housley, R., W. Ford, W. Polk, and D. Solo. Internet X.509 Public Key Infrastructure Certificate and CRL Profile. RFC 2459, SPYRUS, January 1999.
15. Hutt, Arthur E., Seymour Bosworth, and Douglas B. Hoyt. Computer Security Handbook, 3rd ed. New York: John Wiley & Sons, 1995.
16. Icove, David, Karl Seger, and William VonStorch. Computer Crime: A Crimefighter’s Handbook. Sebastopol, CA:: O’Reilly & Associates, 1995.
17. Imparl, Steven D., JD. Internet Law: The Complete Guide. Specialty Technical Publishers, 2000.
18. International Information Security Foundation. Generally Accepted Systems Security Principles (GASSP), Version 2.0. Gaithersburg, MD: International Information Security Foundation, June 1999.
19. International Standards Organization. Common Criteria for Information Technology Security Evaluation, Version 2.1. Geneva, Switzerland: International Standards Organization, August 1999.
20. International Standards Organization. Information Technology: Code of Practice for Information Security Management, ISO/IEC 17799:2000(E). Geneva, Switzerland: International Standards Organization, 2000.
21. Jackson, K.M., and J. Hruska. Computer Security Reference Book. Boca Raton, FL: CRC Press, 1992.
22. Kabay, Michel E. The NCSA Guide to Enterprise Security. New York: McGraw-Hill Computer Communications Series, 1999.
23. King, Christopher M., Curtis E. Dalton, and T. Ertem Osmanoglu. Security Architecture: Design, Deployment and Operations. Emeryville, CA: Osborn/McGraw-Hill, 2001.
24. Krawczyk, H., M. Bellare, and R. Canetti. HMAC: Keyed-Hashing for Message Authentication. RFC 2104, IBM, February 1997.
25. National Institute of Standards and Technology. Generally Accepted Principles and Practices for Securing Information Technology Systems, Special Publication 800-14. Washington, D.C.: U.S. Government Printing Office, September 1996.
26. National Institute of Standards and Technology. Contingency Planning Guide for Securing Information Technology Systems, Special Publication 800-34. Washington, D.C.: U.S. Government Printing Office, June 2002.
27. National Institute of Standards and Technology. An Introduction to Computer Security: The NIST Handbook, Special Publication 800-12. Washington, D.C.: U.S. Government Printing Office, October 1995.
28. National Institute of Standards and Technology. NIST Generally Accepted Principles and Practices for Securing Information Technology Systems, Special Publication 800-14. Washington, D.C.: U.S. Government Printing Office, September 1996.
29. National Institute of Standards and Technology. Risk Management Guide for Information Technology Systems, Special Publication 800-30. Washington, D.C.: U.S. Government Printing Office, January 2002.
30. National Research Council. Computers a Risk: Safe Computing in the Information Age. Washington, D.C.: National Academy Press, 1991.
31. National Security Agency. Online Course: Overview and Risk Management Terminology. Posted at www.ncisse.org/Courseware/NSAcourse/lesson1/lesson. PPT, 1997.
32. Parker, Donn. Risk Reduction Out, Enablement and Due Care In. Computer Security Institute Journal, Volume XVI, Number 4, Winter 2000.
33. Peltier, Thomas R. Information Security Policies, Standards, Procedures and Guidelines. Boca Raton, FL: CRC Press, 2001.
34. Peltier, Thomas R. Information Security Risk Analysis. New York: Auerbach Publications, 2001.
35. Peltier, Tom. How to Build a Comprehensive Security Awareness Program. Computer Security Institute Journal, Volume XVI, Number 2, Spring 2000.
36. Pfleeger, Charles P. Security in Computing, 2nd ed. Upper Saddle River, NJ: Prentice Hall, 1996.
37. Piper, D. The Internet IP Security Domain of Interpretation for ISAKMP. RFC 2407, Network Alchemy, November 1998.
38. Postel, Jon, and Joyce Reynolds. File Transfer Protocol. RFC 959, ISI, October 1985.
39. Russell, Deborah, and G.T. Gangemi Sr. Computer Security Basics. Sebastopol, CA: O’Reilly & Associates, 1991.
40. Scambray, Joel, Stuart McClure, and George Kurtz. Hacking Exposed: Network Security Secrets and Solutions, 2nd ed. New York: Osborne/McGraw-Hill, 2001.
41. Schneier, Bruce. Applied Cryptography. New York: John Wiley & Sons, 1996.
42. Stephenson, Peter. Investigating Computer-Related Crime. New York: CRC Press, 2000.
43. Summers, Rita C. Secure Computing: Threats and Safeguards. New York: McGraw-Hill, 1997.
44. Tipton, Harold F., and Micki Krause, Eds. Information Security Management Handbook, 1996–97, yearbook edition. New York: Auerbach Publications, 1997.
45. Tipton, Harold F., and Micki Krause, Eds. Information Security Management Handbook, 4th ed. New York: Auerbach Publications, 2000.
46. Tudor, Jan Killmeyer. Information Security Architecture. New York: Auerbach Publications, 2001.
47. U.S. Department of Defense. Technical Rationale behind CSC-STD-003-85. Washington, D.C.: U.S. Government Printing Office, 1985.
48. U.S. Department of Defense. Trusted Computer System Evaluation Criteria. Washington, D.C.: U.S. Government Printing Office, 1985.
49. U.S. Department of Defense. Trusted Network Interpretation of the Trusted Computer System Evaluation Criteria. Washington, D.C.: U.S. Government Printing Office, 1987.
50. Vallabhaneni, Rao S. CISSP Examination Textbooks, Vol. 1. Schaumburg, IL: SRV Professional Publications, 2000.