Security Engineering and over one million other books are available for Amazon Kindle. Learn more

Vous voulez voir cette page en français ? Cliquez ici.


or
Sign in to turn on 1-Click ordering.
or
Amazon Prime Free Trial required. Sign up when you check out. Learn More
More Buying Choices
Have one to sell? Sell yours here
Start reading Security Engineering on your Kindle in under a minute.

Don't have a Kindle? Get your Kindle here, or download a FREE Kindle Reading App.

Security Engineering: A Guide to Building Dependable Distributed Systems [Hardcover]

Ross J. Anderson
5.0 out of 5 stars  See all reviews (3 customer reviews)
List Price: CDN$ 87.99
Price: CDN$ 70.39 & FREE Shipping. Details
You Save: CDN$ 17.60 (20%)
o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o
Only 3 left in stock (more on the way).
Ships from and sold by Amazon.ca. Gift-wrap available.
Want it delivered Monday, July 28? Choose One-Day Shipping at checkout.

Formats

Amazon Price New from Used from
Kindle Edition CDN $49.36  
Hardcover CDN $70.39  
Join Amazon Student in Canada


Book Description

April 14 2008 0470068523 978-0470068526 2
The world has changed radically since the first edition of this book was published in 2001. Spammers, virus writers, phishermen, money launderers, and spies now trade busily with each other in a lively online criminal economy and as they specialize, they get better. In this indispensable, fully updated guide, Ross Anderson reveals how to build systems that stay dependable whether faced with error or malice. Heres straight talk on critical topics such as technical engineering basics, types of attack, specialized protection mechanisms, security psychology, policy, and more.

Frequently Bought Together

Customers buy this book with Cryptography Engineering: Design Principles and Practical Applications CDN$ 39.57

Security Engineering: A Guide to Building Dependable Distributed Systems + Cryptography Engineering: Design Principles and Practical Applications
Price For Both: CDN$ 109.96

Show availability and shipping details


Customers Who Bought This Item Also Bought


Product Details


Product Description

Review

"At over a thousand pages, this is a comprehensive volume." Engineering & Technology Saturday 7 June 2008

From the Back Cover

"Security engineering is different from any other kind of programming. . . . if you're even thinking of doing any security engineering, you need to read this book."
— Bruce Schneier

"This is the best book on computer security. Buy it, but more importantly, read it and apply it in your work."
— Gary McGraw

This book created the discipline of security engineering

The world has changed radically since the first edition was published in 2001. Spammers, virus writers, phishermen, money launderers, and spies now trade busily with each other in a lively online criminal economy — and as they specialize, they get better. New applications, from search to social networks to electronic voting machines, provide new targets. And terrorism has changed the world. In this indispensable, fully updated guide, Ross Anderson reveals how to build systems that stay dependable whether faced with error or malice.

Here's straight talk about

  • Technical engineering basics — cryptography, protocols, access controls, and distributed systems
  • Types of attack — phishing, Web exploits, card fraud, hardware hacks, and electronic warfare

  • Specialized protection mechanisms — what biometrics, seals, smartcards, alarms, and DRM do, and how they fail

  • Security economics — why companies build insecure systems, why it's tough to manage security projects, and how to cope

  • Security psychology — the privacy dilemma, what makes security too hard to use, and why deception will keep increasing

  • Policy — why governments waste money on security, why societies are vulnerable to terrorism, and what to do about it


Inside This Book (Learn More)
Browse Sample Pages
Front Cover | Copyright | Table of Contents | Excerpt | Index | Back Cover
Search inside this book:

What Other Items Do Customers Buy After Viewing This Item?


Customer Reviews

4 star
0
3 star
0
2 star
0
1 star
0
5.0 out of 5 stars
5.0 out of 5 stars
Most helpful customer reviews
1 of 1 people found the following review helpful
Format:Hardcover
For the typical busy security professional, reading a 900-page tome cover to cover represents an investment of time that may be difficult to justify. Frankly, security books that are worth the effort are few and far between. Security Engineering is one such book, for several reasons.

First, Ross Anderson's vast knowledge, experience and insight on the subject are well known, and his reputation as one of the top security experts in the world is well deserved. No doubt a reflection of this, his book covers a very broad range of security topics, the discussions ranging from high-level policy issues, all the way down to details of smartcard hacking and the mathematics of cryptography. The topics are well researched and described at a level of detail useful to the non-specialist. Concise summaries and occasional nuggets of insight indicate an in-depth understanding of the subject matter. The book is well written, easy to follow, and devoid of the vagueness and platitudes so typical of much of the security literature.

Second, the book exposes the sheer difficulty of engineering secure systems in the face of the many forces at play in a typical product development lifecycle. Through many case studies of success and failure, the author illustrates the numerous pitfalls that may befall even a well-intentioned design. Lessons learned from deploying products in the real world include the negative impact of perverse economic incentives, the importance of designing security features for maximum usability, and the need to look at a security problem from many different angles in a holistic manner. The book is a treasure trove of wisdom for the aspiring security engineer.

Lastly, the book brings together insight from many diverse areas of research.
Read more ›
Was this review helpful to you?
5.0 out of 5 stars A Must Read Sept. 24 2011
Format:Hardcover|Verified Purchase
Anderson has successfully synthesized an incredibly diverse set of literature and, as a result, the book is useful for any person who is involved in security. The first section of the book outlines different threat models, offers accessible ways to develop and implement security designs, and also addresses issues of economics, psychology, and basic security issues that must be considered from the outset of security planning. Because different threat situations are raised throughout the book the reader will learn to appreciate the value of adopting comprehensive threat planning. This approach is not meant to drive a 'secure everything' mentality but to encourage readers to reflect on, and understand, what is actually being protected, why it is being protected, and what it is being protected from. As a result, a manager or team lead not invested in the day-to-day securing of a principle can have intelligent and critical discussions with their security staff, ensuring that principles are properly identified and resources assigned to ensure desired levels of threat protection. For staff involved in implementing policy, reading this first section may help to couch concerns in a language that is better understood by management. It will also let those same staff members more precisely plan and implement policies that are handed down from higher levels in an organizational framework.

In the second section of the book, Anderson addresses a series of 'topic areas' such as multilateral security, banking and bookkeeping, monitoring and metering, security printing and seals, API attacks, copyright, telecom security, and more.
Read more ›
Was this review helpful to you?
5.0 out of 5 stars not a word can be taken out of the book April 13 2009
Format:Hardcover
This is the book where anybody in the field can find something to learn.

Deep and wide coverage of a broad range of topics with extended bibliography for further reading makes this work standing out. Author highlights the areas that require additional research, provokes interesting discussions. Examples from different disciplines and perspectives of different countries/governments are linked together to further highlight the rationales for solutions.

The book is written with high quality and clarity of thinking that sets tone to other writers to follow, but not easy to match. It was a real pleasure reading this book.

The author also made this book available on line [...]
Was this review helpful to you?
Most Helpful Customer Reviews on Amazon.com (beta)
Amazon.com: 4.4 out of 5 stars  21 reviews
14 of 14 people found the following review helpful
5.0 out of 5 stars A profoundly influential work written by a world-class security expert Nov. 17 2008
By Jacob Gajek - Published on Amazon.com
Format:Hardcover
For the typical busy security professional, reading a 900-page tome cover to cover represents an investment of time that may be difficult to justify. Frankly, security books that are worth the effort are few and far between. Security Engineering is one such book, for several reasons.

First, Ross Anderson's vast knowledge, experience and insight on the subject are well known, and his reputation as one of the top security experts in the world is well deserved. No doubt a reflection of this, his book covers a very broad range of security topics, the discussions ranging from high-level policy issues, all the way down to details of smartcard hacking and the mathematics of cryptography. The topics are well researched and described at a level of detail useful to the non-specialist. Concise summaries and occasional nuggets of insight indicate an in-depth understanding of the subject matter. The book is well written, easy to follow, and devoid of the vagueness and platitudes so typical of much of the security literature.

Second, the book exposes the sheer difficulty of engineering secure systems in the face of the many forces at play in a typical product development lifecycle. Through many case studies of success and failure, the author illustrates the numerous pitfalls that may befall even a well-intentioned design. Lessons learned from deploying products in the real world include the negative impact of perverse economic incentives, the importance of designing security features for maximum usability, and the need to look at a security problem from many different angles in a holistic manner. The book is a treasure trove of wisdom for the aspiring security engineer.

Lastly, the book brings together insight from many diverse areas of research. Disciplines ranging from economics, psychology, sociology, criminology, banking and bookkeeping, safety research, electronic warfare, to politics are all mined for ideas and results that could yield a better understanding of - and novel approaches to - difficult security problems. It is perhaps in this aspect that the book will prove to be most influential. Since the first edition was published in 2001, security economics, security usability, and security psychology have emerged as fertile areas of research.
7 of 7 people found the following review helpful
5.0 out of 5 stars Excellent, readable, current Jan. 16 2011
By Greg - Published on Amazon.com
Format:Kindle Edition|Verified Purchase
Certainly a top 5 in its space. Especially notable for its broad coverage and excellent references to other more detailed material. This is a very worthwhile update from the first edition (which is freely available from the author's web site as a PDF).
4 of 4 people found the following review helpful
5.0 out of 5 stars Very good May 4 2012
By Witek Radomski - Published on Amazon.com
Format:Hardcover
I've had this book on my shelf for a while because the beginning of the book kept losing me, but after getting through the first couple of chapters it starts getting very interesting and I found it to be extremely mind opening. Loved all the various topics ranging from Cryptography to "Nuclear Command and Control" (yeah) to cheating in online video games. Examining these many different genres of security helps you think about security from more angles. An essential book.
3 of 3 people found the following review helpful
5.0 out of 5 stars Solid security book March 16 2013
By Taylor D. Kelley - Published on Amazon.com
Format:Hardcover|Verified Purchase
Houses several of the most concepts in a readily accessible fashion. Outside of the CISSP book this one I a solid second to own.
3 of 3 people found the following review helpful
4.0 out of 5 stars Textbook Purchase Review May 15 2012
By Ben - Published on Amazon.com
Format:Hardcover|Verified Purchase
I have just started a course in Security Engineering with the recommended Security Engineering Textbook which I am reviewing. I found the text simple to understand, full of examples that illustrate concepts and I think I enjoy using it.
Search Customer Reviews
Only search this product's reviews

Look for similar items by category


Feedback