zbMATH — the first resource for mathematics

Security management. Risk handling in information technology systems. (Sicherheitsmanagement. Risikobewältigung in informationstechnologischen Systemen.) (German) Zbl 0756.68004
Sicherheit in der Informations- und Kommunikationstechnik. 1. Mannheim etc.: BI-Wissenschaftsverlag. 334 p. (1992).
The importance of security and reliability of information technology (IT) systems is well known in every modern enterprise. Presently there is an increasing number of publications on this matter. The goal of this book is to give a comprehensive overview of a complex and large variety of subjects of IT security. However, the author hardly discusses the existing problems on these subjects in their full breadth. The book is aimed at scientists and IT practitioners and provides relevant fundamental knowledge of the evolution of security problems and their mutual connections and influences. The book is recommended to all German-speaking readers who are interested in a scientifically sound overview of data security. For further study of special problems, suitable references facilitate the search for further sources.
The book is divided into 11 chapters. After an introduction, each chapter has a different focus for discussion. Based on today's facts, chapter 2 describes the risks in data processing. Chapter 3 discusses IT security as a part of risk management. After that, the basic threats and the 'attack' scenarios are described in chapter 4. Some basic technologies for IT security are discussed in detail in chapter 5, in which encryption is the main item. Chapter 6 has a wider scope, covering technical concepts for solutions. In particular, authentication, authorization and computer virus problems are discussed. Security evaluations are examined in chapter 7. In chapters 8, 9 and 10 the author treats the structural, the organizational and personal measures, and legal aspects. The last chapter looks ahead to the demands of the 90s. The appendix contains information about the state of international standardization.

68-01 Introductory exposition (textbooks, tutorial papers, etc.) pertaining to computer science
68P25 Data encryption (aspects in computer science)
68M01 General theory of computer systems