An Introduction to Computer Security: The NIST Handbook

An Introduction to Computer Security: The NIST Handbook

This handbook provides assistance in securing computer-based resources (including hardware, software, and information) by explaining important concepts, cost considerations, and interrelationships of security controls.

Publication date: 01 Dec 2006

ISBN-10: n/a

ISBN-13: n/a

Paperback: n/a

Views: 34,388

Type: Book

Publisher: n/a

License: n/a

Post time: 01 May 2008 07:50:25

An Introduction to Computer Security: The NIST Handbook

An Introduction to Computer Security: The NIST Handbook This handbook provides assistance in securing computer-based resources (including hardware, software, and information) by explaining important concepts, cost considerations, and interrelationships of security controls.
Tag(s): Computer Security Cryptography Information Security
Publication date: 01 Dec 2006
ISBN-10: n/a
ISBN-13: n/a
Paperback: n/a
Views: 34,388
Document Type: Book
Publisher: n/a
License: n/a
Post time: 01 May 2008 07:50:25
Excerpts from the Introduction:

This handbook provides assistance in securing computer-based resources (including hardware, software, and information) by explaining important concepts, cost considerations, and interrelationships of security controls. It illustrates the benefits of security controls, the major techniques or approaches for each control, and important related considerations.

The handbook provides a broad overview of computer security to help readers understand their computer security needs and develop a sound approach to the selection of appropriate security controls. It does not describe detailed steps necessary to implement a computer security program, provide detailed implementation procedures for security controls, or give guidance for auditing the security of specific systems. General references are provided at the end of this chapter, and references of "how-to" books and articles are provided at the end of each chapter in Parts II, III and IV.

The purpose of this handbook is not to specify requirements but, rather, to discuss the benefits of various computer security controls and situations in which their application may be appropriate. Some requirements for federal systems are noted in the text. This document provides advice 2 and guidance; no penalties are stipulated.

Intended Audience:

The handbook was written primarily for those who have computer security responsibilities and need assistance understanding basic concepts and techniques. Within the federal government, this includes those who have computer security responsibilities for sensitive systems.

For the most part, the concepts presented in the handbook are also applicable to the private sector. While there are differences between federal and private-sector computing, especially in terms of priorities and legal constraints, the underlying principles of computer security and the available safeguards managerial, operational, and technical are the same. The handbook is therefore useful to anyone who needs to learn the basics of computer security or wants a broad overview of the subject. However, it is probably too detailed to be employed as a user awareness guide, and is not intended to be used as an audit guide.
 




About The Author(s)


No information is available for this author.

National Institute of  Standards and Technology

No information is available for this author.


Book Categories