Skip to main content
  • Textbook
  • © 2021

Computer Security and the Internet

Tools and Jewels from Malware to Bitcoin

  • Concise but rigorous and comprehensive overview of computer and Internet security

  • Suitable for junior/senior undergrad or first-year graduate students, also suitable for self-study

  • Selectively explains fine points for exemplary topics to concretely illustrate concepts and principles

Part of the book series: Information Security and Cryptography (ISC)

Buying options

eBook USD 59.99
Price excludes VAT (USA)
  • ISBN: 978-3-030-83411-1
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
Hardcover Book USD 79.99
Price excludes VAT (USA)

This is a preview of subscription content, access via your institution.

Table of contents (13 chapters)

  1. Front Matter

    Pages i-xxix
  2. Security Concepts and Principles

    • Paul C. van Oorschot
    Pages 1-28
  3. Cryptographic Building Blocks

    • Paul C. van Oorschot
    Pages 29-53
  4. Authentication Protocols and Key Establishment

    • Paul C. van Oorschot
    Pages 91-124
  5. Operating System Security and Access Control

    • Paul C. van Oorschot
    Pages 125-154
  6. Software Security—Exploits and Privilege Escalation

    • Paul C. van Oorschot
    Pages 155-182
  7. Malicious Software

    • Paul C. van Oorschot
    Pages 183-211
  8. Public-Key Certificate Management and Use Cases

    • Paul C. van Oorschot
    Pages 213-244
  9. Web and Browser Security

    • Paul C. van Oorschot
    Pages 245-279
  10. Firewalls and Tunnels

    • Paul C. van Oorschot
    Pages 281-308
  11. Intrusion Detection and Network-Based Attacks

    • Paul C. van Oorschot
    Pages 309-338
  12. Wireless LAN Security: 802.11 and Wi-Fi

    • Paul C. van Oorschot
    Pages 339-373
  13. Bitcoin, Blockchains and Ethereum

    • Paul C. van Oorschot
    Pages 375-409
  14. Back Matter

    Pages 411-446

About this book

Building on the core strengths of the inaugural book, this second edition of a uniquely accessible textbook provides a concise, yet comprehensive overview of computer and Internet security. It builds on the design principles to address security-related error patterns that have plagued software and system designs for more than 50 years.

Computer Security and the Internet is “elementary” in that it assumes no background in security, but unlike “soft” high-level texts it does not avoid low-level details. The book reinforces fundamental academic concepts with examples and also relates these concepts to practical challenges and real-world incidents. Its overriding focus is brevity, without sacrificing breadth of core topics or technical detail within them; it designates selected content as optional to help readers prioritize topics. While knowledge of elementary operating-system and networking concepts is helpful, review sections summarize the essential background.

Topics and features:

  • Delivers comprehensive, technically sound explanations without burdening readers with mathematical proofs or lengthy source-code examples
  • (NEW) adds chapter on wireless LAN security (Wi-Fi and 802.11)
  • (NEW) adds chapter on Bitcoin and Ethereum, blockchains and cryptocurrencies
  • Integrates inline exercises and supplemental per-chapter references and endnotes, bridging to further topics and serving as a springboard to research literature
  • Dives selectively into fine points for exemplary topics to concretely illustrate concepts and principles
  • Provides pointers to key surveys and relevant standards, including from the Internet Engineering Task Force and the U.S. National Institute of Standards and Technology


Ideal for a one- or two-term introductory course for junior/senior undergraduate or first-year graduate students, this textbook/reference is also suitable for self-study by anyone seeking a solid footing in security, including software developers and computing professionals, technical managers, and government staff.

Paul C. van Oorschot is a Professor of Computer Science at Carleton University (Ottawa), Canada Research Chair in Authentication and Computer Security, ACM Fellow, and IEEE Fellow. His earlier industrial career was in telecommunications and software security.

Keywords

  • Information Security
  • Cryptography
  • User Authentication
  • Passwords
  • Biometrics
  • Authentication Protocols
  • Key Establishment
  • Operating System Security
  • Access Control
  • Software Security
  • Web Security
  • Firewalls
  • Intrusion Detection
  • Network Security
  • Computer Security

Reviews

“I can vouch to the accuracy and clarity found in Van Oorschot's latest book, and can recommend it to those serious about getting introduced to security. The topic is very broad, as evidenced by the number of important security conferences and the hundreds of papers published every year, not to mention the billions made selling security products and services.” (Rik Farrow, usenix.org, April 8, 2022)

“The book is a technical tour de force and is a helpful reference. … the book has its primary audience in students in a one-term or two-term, third- or fourth-year undergraduate course in computer science, those in the corporate world looking for a highly technical reference will find the book to be quite valuable. … As a first-rate computer scientist and writer, van Oorschot has written a book that will make you a much smarter and better information security professional.” (Ben Rothke, rsaconference.com, April 7, 2022)

"[This] book identifies ten relatively self-contained structural areas of widespread concern, each of which is probed with detail sufficient to establish relatively accessible groundwork for the primary concepts. The book makes considerable headway into underlying realities that otherwise tend to make things difficult to understand, to design, and to implement correctly. It provides collected wisdom on how to overcome complexity in many critical areas, and forms a sound basis for many of the necessary fundamental com­ponents and concepts. Also, much of what is described here is well chosen, because it has survived the test of time … Understanding everything in this book is an essential precursor to achieving meaningfully trustworthy systems … Paul’s realistic approach and structural organization in this book are likely to provide a very useful early step – particularly for students and emerging practitioners, but also for computer users interested in a better understanding of what attaining security might entail." [Peter G. Neumann, SRI International]

"This is THE textbook we've been waiting for when redesigning our introductory computer security course! Well-balanced emphasis on the right issues, getting to the bone where necessary. Paul's book filled in the gap we identified quite some time ago." [Vashek Matyáš, Masaryk University]

"Extremely clear and well-organized. The best introduction to the field." [Cormac Herley, Microsoft Research]

"This book's combination of grounding and theory addresses an important gap, and will serve new stu­dents well!" [Adam Shostack, author of “Threat Modeling: Designing for Security”]

"Paul’s book does an amazing job of distilling the chaotic panoply of the security world into a remarkably coherent, principled, and (crucially) accessible form. It’s a wonderful gift to the security field, especially those tasked with teaching security to up-and-coming developers, engineers, and researchers. I’m excited to already be using it in my class." [Bryan Parno, Carnegie Mellon University]

"The only book I could previously recommend as a textbook for introductory security classes was pub­lished in 2002 and outdated in multiple ways. I have been looking for a new textbook for years, but I could not find a book that covered the topics I was going to cover. [This] book, not long, yet remarkably com­prehensive, put an end to my search." [Kemal Bıçakcı, TOBB University of Economics and Technology]

"I have been teaching Computer Security for 25 years, and I have finally found the perfect text for my computer security course! Paul Van Oorschot has once again written a game changing book. His previous work, the Handbook of Applied Cryptography in 1997 was my go-to reference for anything crypto related. In this book he has done for applied network security what he previously accomplished for cryptography. This is an accessible, must have book that can serve as a textbook for an introductory college course, or as the perfect read for anyone wanting to master Internet security." [Avi Rubin, Johns Hopkins University]

"This book is a fantastic introduction to computer and Internet security concepts. Not only is it accessible to those new to the field, but it also manages to present a thorough treatment of the subject matter com­plete with rich real-world examples and helpful exercises. As a security practitioner, I consider this book not only suitable as a trusted reference in an academic setting but also for those actually working in the computer security field. In fact, this text has quickly become an essential (and well used) part of my team’s reference material." [David Whyte, Cyber Resilience Coordination Centre, Bank for International Settlements]

"This book is perfect for my foundational security course. Its relatively short length (which makes it appro­priate for a one semester course) is misleading: the book is rich with material, presented in a manner such that every word counts. It is sufficiently comprehensive to be used as a reference, yet clear enough to be used as a teaching text. Protocols, practices, and concepts are not just presented, but also motivated, often with historical background. I will be using it, and my students will have a much more comprehensive under­standing of security because of it." [Douglas Szajda, University of Richmond, Virginia]

Authors and Affiliations

  • School of Computer Science, Carleton University, Ottawa, Canada

    Paul C. van Oorschot

About the author

Paul C. van Oorschot is a Professor of Computer Science at Carleton University (Ottawa), where he is Canada Research Chair in Authentication and Computer Security. He is an ACM Fellow, an IEEE Fellow, and a Fellow of the Royal Society of Canada. He was Program Chair of NSPW 2014-2015, USENIX Security 2008, NDSS 2001-2002, and co-author of the Handbook of Applied Cryptography (1996). He has served on the editorial boards of IEEE TDSC, IEEE TIFS, and ACM TISSEC/TOPS. His research interests include authentication and identity management, computer security, Internet security, security and usability, software security, and applied cryptography. His academic career was preceded by 14 years of industrial research and development in telecommunications and software security.

Bibliographic Information

Buying options

eBook USD 59.99
Price excludes VAT (USA)
  • ISBN: 978-3-030-83411-1
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
Hardcover Book USD 79.99
Price excludes VAT (USA)