Security Engineering: A Guide to Building Dependable Distributed Systems

Security Engineering: A Guide to Building Dependable Distributed Systems, Third Edition, by Cambridge University professor Ross Anderson, teaches readers how to design, implement, and test systems to withstand error and attack. It covers cryptography, protocols, access control, attackers, methods, security psychology, economics, and managing security and safety engineering in an agile development world. The book ends with a grand challenge: sustainable security.

\n Format: Hardback
\n Length: 1232 pages
\n Publication date: 26 January 2021
\n Publisher: John Wiley & Sons Inc
\n

Security engineering is a critical field that plays a vital role in ensuring the security and reliability of our digital systems. With the increasing prevalence of software in everything from smartphones to cloud services, it is essential to understand how to engineer dependable systems that can withstand both error and attack. In his book, "Security Engineering: A Guide to Building Dependable Distributed Systems," Third Edition, Cambridge University professor Ross Anderson updates his classic textbook and provides readers with a comprehensive guide to designing, implementing, and testing systems that are resilient to security threats.

The book first became a best-seller in 2001 and helped establish the discipline of security engineering. By the second edition in 2008, underground dark markets had allowed bad actors to specialize and scale up their attacks, targeting users rather than technology. However, the third edition brings the book up to date for 2020, reflecting the changing landscape of security engineering in the modern world.

One of the key themes of the book is the translation of traditional security principles to the new world of phones, cloud services, social media, and the Internet of Things (IoT). Anderson explains how the basic elements of cryptography, protocols, and access control apply in this new context, and how security engineers can adapt their approaches to meet the unique challenges posed by these technologies.

The book also delves into the nature of attackers and their methods of attack. From nation-states and business competitors to criminal gangs and stalkers, Anderson explores the diverse range of actors involved in cybercrime and their tactics. He provides insights into phishing security psychology, from privacy through ease-of-use to deception, and how these factors influence the design and implementation of secure systems.

Another important aspect of security engineering is the economics of security and dependability. Anderson explains why companies build vulnerable systems and why governments look the other way when it comes to security breaches. He explores the incentives and disincentives that drive security decisions and provides practical advice for organizations and governments on how to improve their security posture.

The book also provides a detailed account of how dozens of industries have gone online, and the security challenges they have faced along the way. Anderson highlights the risks and vulnerabilities associated with different types of online systems, such as e-commerce, social media, and healthcare, and provides practical guidance on how to design and implement secure solutions that meet the specific needs of these industries.

In conclusion, "Security Engineering: A Guide to Building Dependable Distributed Systems," Third Edition is a must-read for anyone interested in security engineering. It provides a comprehensive and up-to-date introduction to the field, covering the latest technologies, attacker methods, security psychology, economics, and best practices. By following the guidance provided in this book, security engineers can build resilient and secure systems that protect against the ever-evolving threat landscape.

\n Weight: 1844g\n
Dimension: 243 x 197 x 56 (mm)\n
ISBN-13: 9781119642787\n
Edition number: 3rd Edition\n