More and more working computer professionals are confronted with the use, maintenance, or customization of cryptographic components and program certification mechanisms for local or mobile code. This text for advanced undergraduate and beginning graduate students tells what every computer scientist ought to know about cryptographic systems, security protocols, and secure information flow in programs. Highlights include a detailed description of the new advanced encryption standard Rijndael; a complete description of an optimal public-key encryption using RSA which turns 'textbook RSA' into a practical implementation; a current, and formal discussion of standard security models for information flow in computer programs or human organizations; and a discussion of moral, legal, and political issues. Another novel feature of the book is the presentation of a formal model-checking tool for specifying and debugging security protocols. The book also includes numerous implementation exercises and programming projects. A supporting web site contains Java source code for the programs featured in the text plus links to other sites, including online papers and tutorials offering deeper treatments of the topics presented.