Hardcover: 1080 pages
Publisher: Wiley; 2 edition (April 14, 2008)
Product Dimensions: 7.7 x 2.4 x 9.5 inches
Shipping Weight: 3.9 pounds
Average Customer Review: 4.4 out of 5 stars (59 customer reviews)
Best Sellers Rank: #83,165 in Books; #16 in Books > Textbooks > Computer Science > Algorithms; #20 in Books > Computers & Technology > Certification > CompTIA; #40 in Books > Computers & Technology > Programming > Algorithms
A large group of programmers were asked a hypothetical question: If Microsoft was to build an airplane, would you get on it? All of the programmers instantly said no, save for a sole programmer who said he would definitely board the plane. When asked why he was so confident about getting on the plane, he replied, "If Microsoft were to ever build an airplane, it would be extremely safe since the plane would never make it out of the gate."

When it comes to information security, its current state is similar to that of a Microsoft airplane--built, but often flashy, while not forcefully functional. The root of the problem is that most organizations view security as something added on in a piecemeal fashion, rather than an integral engineering issue.

Those in the construction business get this concept; they know that designs, plans, permits, coordination, commitment, buy-in, etc., are all requirements, not options. Similarly, before any information security product is rolled out, the appropriate project plans must exist. While the concept that design must come before implementation is a given in most other industries, many IT departments lack this understanding.

Thus is the quandary that Ross Anderson deals with in Security Engineering: A Guide to Building Dependable Distributed Systems. In a nutshell, Security Engineering is one of the best security books ever written. If you are looking for 50 pages of screen prints on how to install and configure a printer under Windows 2000, this is the wrong book for that. What Anderson does, in great detail and with lucidity, is particularize all of the aspects that are required to create a security infrastructure. He relentlessly reiterates that security must be engineered into information systems from the outset.
For the typical busy security professional, reading a 900-page tome cover to cover represents an investment of time that may be difficult to justify. Frankly, security books that are worth the effort are few and far between. Security Engineering is one such book, for several reasons.

First, Ross Anderson's vast knowledge, experience and insight on the subject are well known, and his reputation as one of the top security experts in the world is well deserved. No doubt a reflection of this, his book covers a very broad range of security topics, the discussions ranging from high-level policy issues, all the way down to details of smartcard hacking and the mathematics of cryptography. The topics are well researched and described at a level of detail useful to the non-specialist. Concise summaries and occasional nuggets of insight indicate an in-depth understanding of the subject matter. The book is well written, easy to follow, and devoid of the vagueness and platitudes so typical of much of the security literature.

Second, the book exposes the sheer difficulty of engineering secure systems in the face of the many forces at play in a typical product development lifecycle. Through many case studies of success and failure, the author illustrates the numerous pitfalls that may befall even a well-intentioned design. Lessons learned from deploying products in the real world include the negative impact of perverse economic incentives, the importance of designing security features for maximum usability, and the need to look at a security problem from many different angles in a holistic manner. The book is a treasure trove of wisdom for the aspiring security engineer.

Lastly, the book brings together insight from many diverse areas of research.