"I can vouch to the accuracy and clarity found in Van Oorschot's latest book, and can recommend it to those serious about getting introduced to security. The topic is very broad, as evidenced by the number of important security conferences and the hundreds of papers published every year, not to mention the billions made selling security products and services." (Rik Farrow, usenix.org, April 8, 2022)
"The book is a technical tour de force and is a helpful reference. ... the book has its primary audience in students in a one-term or two-term, third- or fourth-year undergraduate course in computer science, those in the corporate world looking for a highly technical reference will find the book to be quite valuable. ... As a first-rate computer scientist and writer, van Oorschot has written a book that will make you a much smarter and better information security professional." (Ben Rothke, rsaconference.com, April 7, 2022)

1. Security Concepts and Principles.- 2. Cryptographic Building Blocks.- 3. User Authentication—Passwords, Biometrics and Alternatives.- 4. Authentication Protocols and Key Establishment.-5. Operating System Security and Access Control.- 6. Software Security—Exploits and Privilege Escalation.- 7. Malicious Software.- 8. Public-Key Certificate Management and Use Cases.- 9. Web and Browser Security.- 10. Firewalls and Tunnels.- 11. Intrusion Detection and Network-Based Attacks.- 12. Wireless LAN Security: 802.11 and Wi-Fi.- 13. Bitcoin, Blockchains and Ethereum.- Epilogue.- Index. 

Paul C. van Oorschot is a Professor of Computer Science at Carleton University (Ottawa), where he is Canada Research Chair in Authentication and Computer Security. He is an ACM Fellow, an IEEE Fellow, and a Fellow of the Royal Society of Canada. He was Program Chair of NSPW 2014-2015, USENIX Security 2008, NDSS 2001-2002, and co-author of the Handbook of Applied Cryptography (1996). He has served on the editorial boards of IEEE TDSC, IEEE TIFS, and ACM TISSEC/TOPS. His research interests include authentication and identity management, computer security, Internet security, security and usability, software security, and applied cryptography. His academic career was preceded by 14 years of industrial research and development in telecommunications and software security.

Building on the core strengths of the inaugural book, this second edition of a uniquely accessible textbook provides a concise, yet comprehensive overview of computer and Internet security. It builds on the design principles to address security-related error patterns that have plagued software and system designs for more than 50 years.

Computer Security and the Internet is “elementary” in that it assumes no background in security, but unlike “soft” high-level texts it does not avoid low-level details. The book reinforces fundamental academic concepts with examples and also relates these concepts to practical challenges and real-world incidents. Its overriding focus is brevity, without sacrificing breadth of core topics or technical detail within them; it designates selected content as optional to help readers prioritize topics. While knowledge of elementary operating-system and networking concepts is helpful, review sections summarize the essential background.

Topics and features:

• Delivers comprehensive, technically sound explanations without burdening readers with mathematical proofs or lengthy source-code examples
• (NEW) adds chapter on wireless LAN security (Wi-Fi and 802.11)
• (NEW) adds chapter on Bitcoin and Ethereum, blockchains and cryptocurrencies
• Integrates inline exercises and supplemental per-chapter references and endnotes, bridging to further topics and serving as a springboard to research literature
• Dives selectively into fine points for exemplary topics to concretely illustrate concepts and principles
• Provides pointers to key surveys and relevant standards, including from the Internet Engineering Task Force and the U.S. National Institute of Standards and Technology

Ideal for a one- or two-term introductory course for junior/senior undergraduate or first-year graduate students, this textbook/reference is also suitable for self-study by anyone seeking a solid footing in security, including software developers and computing professionals, technical managers, and government staff.

Paul C. van Oorschot is a Professor of Computer Science at Carleton University (Ottawa), Canada Research Chair in Authentication and Computer Security, ACM Fellow, and IEEE Fellow. His earlier industrial career was in telecommunications and software security.