LOG IN TO READ THE ANNOTATED BIBLIOGRAPHY
INTRODUCTIONOver the past few decades, computer security has become a central concern for almost all computer systems. Because security relies on making certain actions impossible, security is difficult or impossible to add to a system after it is built. Instead, security should be considered in the requirement stage and carried through design, implementation, and operations. In each of the sections of this ACM Tech Pack, we focus on key themes and topics of the field so that interested readers with the equivalent of an undergraduate computer science background may become familiar with key areas of computer security.
Early mathematical work in the area of cryptography laid the groundwork for key security guarantees that systems seek to provide. Focus on security over the decades has also “gone up the stack” starting with network and operating security to application layer security. While software security techniques in general have been very helpful in providing application layer security, the security of web applications has received special focus due to their pervasiveness (as well as the initial lack of protections built into client/server web protocols). Over the decades, malicious software (or malware) has been used more and more aggressively by the cybercriminal community to achieve nefarious goals and often bypass security checks and countermeasures deployed in various levels of software. As the goal of attackers has also shifted from mischief to cybercrime over the years as computer systems and the data stored by them has become more valuable, the study of the economics of security has also become an important part of the field.