- Hardcover: 1080 pages
- Publisher: Wiley; 2 edition (April 14, 2008)
- Language: English
- ISBN-10: 0470068523
- ISBN-13: 978-0470068526
- Product Dimensions: 7.7 x 2.4 x 9.3 inches
- Shipping Weight: 3.9 pounds (View shipping rates and policies)
- Average Customer Review: 63 customer reviews
- Amazon Best Sellers Rank: #370,566 in Books (See Top 100 in Books)
Enter your mobile number or email address below and we'll send you a link to download the free Kindle App. Then you can start reading Kindle books on your smartphone, tablet, or computer - no Kindle device required.
To get the free app, enter your mobile phone number.
Security Engineering: A Guide to Building Dependable Distributed Systems 2nd Edition
Use the Amazon App to scan ISBNs and compare prices.
Fulfillment by Amazon (FBA) is a service we offer sellers that lets them store their products in Amazon's fulfillment centers, and we directly pack, ship, and provide customer service for these products. Something we hope you'll especially enjoy: FBA items qualify for FREE Shipping and Amazon Prime.
If you're a seller, Fulfillment by Amazon can help you increase your sales. We invite you to learn more about Fulfillment by Amazon .
"Enlightenment Now: The Case for Reason, Science, Humanism, and Progress"
Is the world really falling apart? Is the ideal of progress obsolete? Cognitive scientist and public intellectual Steven Pinker urges us to step back from the gory headlines and prophecies of doom, and instead, follow the data: In seventy-five jaw-dropping graphs, Pinker shows that life, health, prosperity, safety, peace, knowledge, and happiness are on the rise. Learn more
Frequently bought together
Customers who bought this item also bought
Customers who viewed this item also viewed
"At over a thousand pages, this is a comprehensive volume." Engineering & Technology Saturday 7 June 2008
From the Back Cover
"Security engineering is different from any other kind of programming. . . . if you're even thinking of doing any security engineering, you need to read this book."
— Bruce Schneier
"This is the best book on computer security. Buy it, but more importantly, read it and apply it in your work."
— Gary McGraw
This book created the discipline of security engineering
The world has changed radically since the first edition was published in 2001. Spammers, virus writers, phishermen, money launderers, and spies now trade busily with each other in a lively online criminal economy — and as they specialize, they get better. New applications, from search to social networks to electronic voting machines, provide new targets. And terrorism has changed the world. In this indispensable, fully updated guide, Ross Anderson reveals how to build systems that stay dependable whether faced with error or malice.
Here's straight talk about
- Technical engineering basics — cryptography, protocols, access controls, and distributed systems
Types of attack — phishing, Web exploits, card fraud, hardware hacks, and electronic warfare
Specialized protection mechanisms — what biometrics, seals, smartcards, alarms, and DRM do, and how they fail
Security economics — why companies build insecure systems, why it's tough to manage security projects, and how to cope
Security psychology — the privacy dilemma, what makes security too hard to use, and why deception will keep increasing
Policy — why governments waste money on security, why societies are vulnerable to terrorism, and what to do about it
Top customer reviews
There was a problem filtering reviews right now. Please try again later.
Two elements combine make this book unique: first, the book manages to cover all of the major topics in the field, and second, the book covers the whole range of attacks that systems can face: technical, procedural and physical. Historically, writers on information security have focused on computers and disembodied "users," downplaying the crucial issues of physical security, perimeters, operating procedures, and the limits of human behavior. This book tries to integrate such concerns into information security thinking, instead of treating them as "special concerns that computer geeks don't really care about."
Best of all, the book is a great read. Ross has a fine way of drawing out the irony we encounter in user behavior, enterprise behavior, and even in the actions of presumed authorities in industry and government. At one point he discusses a government endorsed security evaluation process "which, as mentioned, is sufficient to keep out all attackers but the competent ones."
Ross unabashedly explains several aspects of information security that most writers ignore entirely, like security printing, seals, tamper resistance, and associated procedures. In my own books, reviewers have chided me for including such "irrelevant" topics, even though they play an essential part in making a real system work. As Ross ably points out, most successful attacks these days are pretty mundane and don't involve cryptanalysis or sophisticated protocol hacking. ATM fraud, for example, often relies on pre-computer technology like binoculars to pick up a victim's PIN. This book should open a lot of peoples' eyes.
I specially enjoyed the Multilevel Security and Multilateral Security chapters.
Full of references, the book is well worth to have a place between your 'special books'. I plan to use it as a reference in my next security courses (for graduate students).
Most recent customer reviews
I especially like all the examples.Read more