Programming Books C Java PHP Python Learn more Browse Programming Books
Security Engineering and over one million other books are available for Amazon Kindle. Learn more
  • List Price: $85.00
  • Save: $60.90(72%)
Rented from RentU
To Rent, select Shipping State from options above
Due Date: Jun 27, 2015
FREE return shipping at the end of the semester. Access codes and supplements are not guaranteed with rentals.
Qty:1
  • List Price: $85.00
  • Save: $22.67 (27%)
In Stock.
Ships from and sold by Amazon.com.
Gift-wrap available.
Security Engineering: A G... has been added to your Cart
Sell yours for a Gift Card
We'll buy it for $28.15
Learn More
Trade in now
Have one to sell? Sell on Amazon
Flip to back Flip to front
Listen Playing... Paused   You're listening to a sample of the Audible audio edition.
Learn more
See all 2 images

Security Engineering: A Guide to Building Dependable Distributed Systems Hardcover – April 14, 2008

ISBN-13: 978-0470068526 ISBN-10: 0470068523 Edition: 2nd

Buy New
Price: $62.33
Rent
Price: $24.09 - $24.10
39 New from $48.94 26 Used from $29.96
Rent from Amazon Price New from Used from
Kindle
"Please retry"
Hardcover
"Please retry"
$24.09
$62.33
$48.94 $29.96
Paperback
"Please retry"
Free Two-Day Shipping for College Students with Amazon Student Free%20Two-Day%20Shipping%20for%20College%20Students%20with%20Amazon%20Student


Hero Quick Promo
Save up to 90% on Textbooks
Rent textbooks, buy textbooks, or get up to 80% back when you sell us your books. Shop Now
$62.33 FREE Shipping. In Stock. Ships from and sold by Amazon.com. Gift-wrap available.

Frequently Bought Together

Security Engineering: A Guide to Building Dependable Distributed Systems + University of Maryland: Custom Textbook for CSEC 630 + Computer and Information Security Handbook, Second Edition
Price for all three: $258.54

Buy the selected items together

Editorial Reviews

Review

"At over a thousand pages, this is a comprehensive volume." Engineering & Technology Saturday 7 June 2008

From the Back Cover

"Security engineering is different from any other kind of programming. . . . if you're even thinking of doing any security engineering, you need to read this book."
— Bruce Schneier

"This is the best book on computer security. Buy it, but more importantly, read it and apply it in your work."
— Gary McGraw

This book created the discipline of security engineering

The world has changed radically since the first edition was published in 2001. Spammers, virus writers, phishermen, money launderers, and spies now trade busily with each other in a lively online criminal economy — and as they specialize, they get better. New applications, from search to social networks to electronic voting machines, provide new targets. And terrorism has changed the world. In this indispensable, fully updated guide, Ross Anderson reveals how to build systems that stay dependable whether faced with error or malice.

Here's straight talk about

  • Technical engineering basics — cryptography, protocols, access controls, and distributed systems
  • Types of attack — phishing, Web exploits, card fraud, hardware hacks, and electronic warfare

  • Specialized protection mechanisms — what biometrics, seals, smartcards, alarms, and DRM do, and how they fail

  • Security economics — why companies build insecure systems, why it's tough to manage security projects, and how to cope

  • Security psychology — the privacy dilemma, what makes security too hard to use, and why deception will keep increasing

  • Policy — why governments waste money on security, why societies are vulnerable to terrorism, and what to do about it

NO_CONTENT_IN_FEATURE

Shop the new tech.book(store)
New! Introducing the tech.book(store), a hub for Software Developers and Architects, Networking Administrators, TPMs, and other technology professionals to find highly-rated and highly-relevant career resources. Shop books on programming and big data, or read this week's blog posts by authors and thought-leaders in the tech industry. > Shop now

Product Details

  • Hardcover: 1080 pages
  • Publisher: Wiley; 2 edition (April 14, 2008)
  • Language: English
  • ISBN-10: 0470068523
  • ISBN-13: 978-0470068526
  • Product Dimensions: 7.7 x 2.4 x 9.5 inches
  • Shipping Weight: 3.9 pounds (View shipping rates and policies)
  • Average Customer Review: 4.3 out of 5 stars  See all reviews (24 customer reviews)
  • Amazon Best Sellers Rank: #247,202 in Books (See Top 100 in Books)

More About the Author

Discover books, learn about writers, read author blogs, and more.

Customer Reviews

Real life scenarios are the hallmark of this book.
John WEre
The book is well written, easy to follow, and devoid of the vagueness and platitudes so typical of much of the security literature.
Jacob Gajek
Definitely recommend this book if you are into computers and/or security.
cfinn

Most Helpful Customer Reviews

15 of 15 people found the following review helpful By Jacob Gajek on November 17, 2008
Format: Hardcover
For the typical busy security professional, reading a 900-page tome cover to cover represents an investment of time that may be difficult to justify. Frankly, security books that are worth the effort are few and far between. Security Engineering is one such book, for several reasons.

First, Ross Anderson's vast knowledge, experience and insight on the subject are well known, and his reputation as one of the top security experts in the world is well deserved. No doubt a reflection of this, his book covers a very broad range of security topics, the discussions ranging from high-level policy issues, all the way down to details of smartcard hacking and the mathematics of cryptography. The topics are well researched and described at a level of detail useful to the non-specialist. Concise summaries and occasional nuggets of insight indicate an in-depth understanding of the subject matter. The book is well written, easy to follow, and devoid of the vagueness and platitudes so typical of much of the security literature.

Second, the book exposes the sheer difficulty of engineering secure systems in the face of the many forces at play in a typical product development lifecycle. Through many case studies of success and failure, the author illustrates the numerous pitfalls that may befall even a well-intentioned design. Lessons learned from deploying products in the real world include the negative impact of perverse economic incentives, the importance of designing security features for maximum usability, and the need to look at a security problem from many different angles in a holistic manner. The book is a treasure trove of wisdom for the aspiring security engineer.

Lastly, the book brings together insight from many diverse areas of research.
Read more ›
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
7 of 7 people found the following review helpful By Greg on January 16, 2011
Format: Kindle Edition Verified Purchase
Certainly a top 5 in its space. Especially notable for its broad coverage and excellent references to other more detailed material. This is a very worthwhile update from the first edition (which is freely available from the author's web site as a PDF).
1 Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
4 of 4 people found the following review helpful By Witek Radomski on May 4, 2012
Format: Hardcover
I've had this book on my shelf for a while because the beginning of the book kept losing me, but after getting through the first couple of chapters it starts getting very interesting and I found it to be extremely mind opening. Loved all the various topics ranging from Cryptography to "Nuclear Command and Control" (yeah) to cheating in online video games. Examining these many different genres of security helps you think about security from more angles. An essential book.
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
3 of 3 people found the following review helpful By Ben on May 15, 2012
Format: Hardcover Verified Purchase
I have just started a course in Security Engineering with the recommended Security Engineering Textbook which I am reviewing. I found the text simple to understand, full of examples that illustrate concepts and I think I enjoy using it.
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
3 of 3 people found the following review helpful By Taylor D. Kelley on March 16, 2013
Format: Hardcover Verified Purchase
Houses several of the most concepts in a readily accessible fashion. Outside of the CISSP book this one I a solid second to own.
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
8 of 11 people found the following review helpful By Marc W. Abel on September 6, 2013
Format: Hardcover
I read on page 133 that "the price of the perfect secrecy of the one-time pad is that it fails completely to protect message integrity." Actually, the lack of message integrity shown in the author's example is solely a construction of his naive implementation.

Although a character-wise or bit-wise application of an OTP appears in common explanations today, it's a foolish route to take. Many block ciphers can actually be used with one-time pads with perfect security. For example, 10-round AES can consume 128 bits of key from an OTP per 128 bit block of plaintext, resulting in 128 bits of ciphertext. Although the plaintext could still be manipulated by an attacker in this scheme, odds of detection are astronomically high because the simple bit flip-type attacks as shown in this book's example are no longer feasible. Instead, the recovered plaintext will have at least one block of jibberish, depending on whether or not chaining is employed. This scheme still maintains perfect security, because the 128 bits of key used for a given block of plaintext will not be reused, and as before all possible decryptions of the message are available with equal plausibility.

Moreover, one-time pads are very uniquely suited for protecting message integrity, because both users have this enormous resource of key material on hand. This can be done using Wegman-Carter hashing, which supplies provably secure authentication. This approach, known since 1981, should have made it into this book.

Frank Miller's invention of one-time pads during the 19th century is overlooked in this book, although information about Miller may not have been widely known at the time the present edition was published.
Read more ›
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
2 of 2 people found the following review helpful By LexLuthor on May 22, 2011
Format: Hardcover
This has got to be, hands down, one of the best security books that I have ever read. I ended up in a class where this was the text and groaned when I saw how thick it was, but it really doesn't read that way. It's full from cover to cover of great examples, including everything from infosec to physsec. It's definitely written to be a textbook, but is completely readable and will leave you with a much better understanding of how security engineering works. Awesome read!
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again

Most Recent Customer Reviews

Set up an Amazon Giveaway

Amazon Giveaway allows you to run promotional giveaways in order to create buzz, reward your audience, and attract new followers and customers. Learn more
Security Engineering: A Guide to Building Dependable Distributed Systems
This item: Security Engineering: A Guide to Building Dependable Distributed Systems
Price: $85.00 $62.33
Ships from and sold by Amazon.com

What Other Items Do Customers Buy After Viewing This Item?