Security Engineering and over one million other books are available for Amazon Kindle. Learn more
CDN$ 70.39
  • List Price: CDN$ 87.99
  • You Save: CDN$ 17.60 (20%)
Usually ships within 2 to 4 weeks.
Ships from and sold by Amazon.ca.
Gift-wrap available.
Quantity:1
Have one to sell?
Flip to back Flip to front
Listen Playing... Paused   You're listening to a sample of the Audible audio edition.
Learn more
See all 2 images

Security Engineering: A Guide to Building Dependable Distributed Systems Hardcover – Apr 14 2008


See all 2 formats and editions Hide other formats and editions
Amazon Price New from Used from
Kindle Edition
"Please retry"
Hardcover
"Please retry"
CDN$ 70.39
CDN$ 63.06 CDN$ 58.29

2014 Books Gift Guide for Children & Teens
Browse our featured books to find gift ideas for the boys or girls on your holiday shopping list this year!

Frequently Bought Together

Security Engineering: A Guide to Building Dependable Distributed Systems + Inside the Security Mind: Making the Tough Decisions
Price For Both: CDN$ 99.99

One of these items ships sooner than the other.


Customers Who Bought This Item Also Bought



Product Details

  • Hardcover: 1080 pages
  • Publisher: Wiley; 2 edition (April 14 2008)
  • Language: English
  • ISBN-10: 0470068523
  • ISBN-13: 978-0470068526
  • Product Dimensions: 19.6 x 6.1 x 24.2 cm
  • Shipping Weight: 1.8 Kg
  • Average Customer Review: 5.0 out of 5 stars  See all reviews (3 customer reviews)
  • Amazon Bestsellers Rank: #24,819 in Books (See Top 100 in Books)
  • See Complete Table of Contents

Product Description

Review

"At over a thousand pages, this is a comprehensive volume." Engineering & Technology Saturday 7 June 2008

From the Back Cover

"Security engineering is different from any other kind of programming. . . . if you're even thinking of doing any security engineering, you need to read this book."
— Bruce Schneier

"This is the best book on computer security. Buy it, but more importantly, read it and apply it in your work."
— Gary McGraw

This book created the discipline of security engineering

The world has changed radically since the first edition was published in 2001. Spammers, virus writers, phishermen, money launderers, and spies now trade busily with each other in a lively online criminal economy — and as they specialize, they get better. New applications, from search to social networks to electronic voting machines, provide new targets. And terrorism has changed the world. In this indispensable, fully updated guide, Ross Anderson reveals how to build systems that stay dependable whether faced with error or malice.

Here's straight talk about

  • Technical engineering basics — cryptography, protocols, access controls, and distributed systems
  • Types of attack — phishing, Web exploits, card fraud, hardware hacks, and electronic warfare

  • Specialized protection mechanisms — what biometrics, seals, smartcards, alarms, and DRM do, and how they fail

  • Security economics — why companies build insecure systems, why it's tough to manage security projects, and how to cope

  • Security psychology — the privacy dilemma, what makes security too hard to use, and why deception will keep increasing

  • Policy — why governments waste money on security, why societies are vulnerable to terrorism, and what to do about it


Inside This Book (Learn More)
Browse Sample Pages
Front Cover | Copyright | Table of Contents | Excerpt | Index | Back Cover
Search inside this book:

What Other Items Do Customers Buy After Viewing This Item?

Customer Reviews

5.0 out of 5 stars
5 star
3
4 star
0
3 star
0
2 star
0
1 star
0
See all 3 customer reviews
Share your thoughts with other customers

Most helpful customer reviews

1 of 1 people found the following review helpful By Jacob Gajek on Nov. 17 2008
Format: Hardcover
For the typical busy security professional, reading a 900-page tome cover to cover represents an investment of time that may be difficult to justify. Frankly, security books that are worth the effort are few and far between. Security Engineering is one such book, for several reasons.

First, Ross Anderson's vast knowledge, experience and insight on the subject are well known, and his reputation as one of the top security experts in the world is well deserved. No doubt a reflection of this, his book covers a very broad range of security topics, the discussions ranging from high-level policy issues, all the way down to details of smartcard hacking and the mathematics of cryptography. The topics are well researched and described at a level of detail useful to the non-specialist. Concise summaries and occasional nuggets of insight indicate an in-depth understanding of the subject matter. The book is well written, easy to follow, and devoid of the vagueness and platitudes so typical of much of the security literature.

Second, the book exposes the sheer difficulty of engineering secure systems in the face of the many forces at play in a typical product development lifecycle. Through many case studies of success and failure, the author illustrates the numerous pitfalls that may befall even a well-intentioned design. Lessons learned from deploying products in the real world include the negative impact of perverse economic incentives, the importance of designing security features for maximum usability, and the need to look at a security problem from many different angles in a holistic manner. The book is a treasure trove of wisdom for the aspiring security engineer.

Lastly, the book brings together insight from many diverse areas of research.
Read more ›
Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again.
Format: Hardcover
This is the book where anybody in the field can find something to learn.

Deep and wide coverage of a broad range of topics with extended bibliography for further reading makes this work standing out. Author highlights the areas that require additional research, provokes interesting discussions. Examples from different disciplines and perspectives of different countries/governments are linked together to further highlight the rationales for solutions.

The book is written with high quality and clarity of thinking that sets tone to other writers to follow, but not easy to match. It was a real pleasure reading this book.

The author also made this book available on line [...]
Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again.
By Christopher Parsons on Sept. 24 2011
Format: Hardcover Verified Purchase
Anderson has successfully synthesized an incredibly diverse set of literature and, as a result, the book is useful for any person who is involved in security. The first section of the book outlines different threat models, offers accessible ways to develop and implement security designs, and also addresses issues of economics, psychology, and basic security issues that must be considered from the outset of security planning. Because different threat situations are raised throughout the book the reader will learn to appreciate the value of adopting comprehensive threat planning. This approach is not meant to drive a 'secure everything' mentality but to encourage readers to reflect on, and understand, what is actually being protected, why it is being protected, and what it is being protected from. As a result, a manager or team lead not invested in the day-to-day securing of a principle can have intelligent and critical discussions with their security staff, ensuring that principles are properly identified and resources assigned to ensure desired levels of threat protection. For staff involved in implementing policy, reading this first section may help to couch concerns in a language that is better understood by management. It will also let those same staff members more precisely plan and implement policies that are handed down from higher levels in an organizational framework.

In the second section of the book, Anderson addresses a series of 'topic areas' such as multilateral security, banking and bookkeeping, monitoring and metering, security printing and seals, API attacks, copyright, telecom security, and more.
Read more ›
Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again.

Most Helpful Customer Reviews on Amazon.com (beta)

Amazon.com: 22 reviews
14 of 14 people found the following review helpful
A profoundly influential work written by a world-class security expert Nov. 17 2008
By Jacob Gajek - Published on Amazon.com
Format: Hardcover
For the typical busy security professional, reading a 900-page tome cover to cover represents an investment of time that may be difficult to justify. Frankly, security books that are worth the effort are few and far between. Security Engineering is one such book, for several reasons.

First, Ross Anderson's vast knowledge, experience and insight on the subject are well known, and his reputation as one of the top security experts in the world is well deserved. No doubt a reflection of this, his book covers a very broad range of security topics, the discussions ranging from high-level policy issues, all the way down to details of smartcard hacking and the mathematics of cryptography. The topics are well researched and described at a level of detail useful to the non-specialist. Concise summaries and occasional nuggets of insight indicate an in-depth understanding of the subject matter. The book is well written, easy to follow, and devoid of the vagueness and platitudes so typical of much of the security literature.

Second, the book exposes the sheer difficulty of engineering secure systems in the face of the many forces at play in a typical product development lifecycle. Through many case studies of success and failure, the author illustrates the numerous pitfalls that may befall even a well-intentioned design. Lessons learned from deploying products in the real world include the negative impact of perverse economic incentives, the importance of designing security features for maximum usability, and the need to look at a security problem from many different angles in a holistic manner. The book is a treasure trove of wisdom for the aspiring security engineer.

Lastly, the book brings together insight from many diverse areas of research. Disciplines ranging from economics, psychology, sociology, criminology, banking and bookkeeping, safety research, electronic warfare, to politics are all mined for ideas and results that could yield a better understanding of - and novel approaches to - difficult security problems. It is perhaps in this aspect that the book will prove to be most influential. Since the first edition was published in 2001, security economics, security usability, and security psychology have emerged as fertile areas of research.
7 of 7 people found the following review helpful
Excellent, readable, current Jan. 16 2011
By Greg - Published on Amazon.com
Format: Kindle Edition Verified Purchase
Certainly a top 5 in its space. Especially notable for its broad coverage and excellent references to other more detailed material. This is a very worthwhile update from the first edition (which is freely available from the author's web site as a PDF).
4 of 4 people found the following review helpful
Very good May 4 2012
By Witek Radomski - Published on Amazon.com
Format: Hardcover
I've had this book on my shelf for a while because the beginning of the book kept losing me, but after getting through the first couple of chapters it starts getting very interesting and I found it to be extremely mind opening. Loved all the various topics ranging from Cryptography to "Nuclear Command and Control" (yeah) to cheating in online video games. Examining these many different genres of security helps you think about security from more angles. An essential book.
3 of 3 people found the following review helpful
Solid security book March 16 2013
By Taylor D. Kelley - Published on Amazon.com
Format: Hardcover Verified Purchase
Houses several of the most concepts in a readily accessible fashion. Outside of the CISSP book this one I a solid second to own.
3 of 3 people found the following review helpful
Textbook Purchase Review May 15 2012
By Ben - Published on Amazon.com
Format: Hardcover Verified Purchase
I have just started a course in Security Engineering with the recommended Security Engineering Textbook which I am reviewing. I found the text simple to understand, full of examples that illustrate concepts and I think I enjoy using it.


Feedback