Security Engineering
A Guide to Building Dependable Distributed Systems
Gebonden Engels 2021 3e druk 9781119642787Samenvatting
Now that there’s software in everything, how can you make anything secure? Understand how to engineer dependable systems with this newly updated classic
In 'Security Engineering: A Guide to Building Dependable Distributed Systems', Third Edition Cambridge University professor Ross Anderson updates his classic textbook and teaches readers how to design, implement, and test systems to withstand both error and attack.
This book became a best-seller in 2001 and helped establish the discipline of security engineering. By the second edition in 2008, underground dark markets had let the bad guys specialize and scale up; attacks were increasingly on users rather than on technology. The book repeated its success by showing how security engineers can focus on usability.
Now the third edition brings it up to date for 2020. As people now go online from phones more than laptops, most servers are in the cloud, online advertising drives the Internet and social networks have taken over much human interaction, many patterns of crime and abuse are the same, but the methods have evolved.
Ross Anderson explores what security engineering means in 2020, including:
- How the basic elements of cryptography, protocols, and access control translate to the new world of phones, cloud services, social media and the Internet of Things
- Who the attackers are – from nation states and business competitors through criminal gangs to stalkers and playground bullies
- What they do – from phishing and carding through SIM swapping and software exploits to DDoS and fake news
- Security psychology, from privacy through ease-of-use to deception
- The economics of security and dependability – why companies build vulnerable systems and governments look the other way
- How dozens of industries went online – well or badly
- How to manage security and safety engineering in a world of agile development – from reliability engineering to DevSecOps
The third edition of Security Engineering ends with a grand challenge: sustainable security. As we build ever more software and connectivity into safety-critical durable goods like cars and medical devices, how do we design systems we can maintain and defend for decades? Or will everything in the world need monthly software upgrades, and become unsafe once they stop?
Specificaties
Lezersrecensies
Inhoudsopgave
Preface to the Second Edition xli
Preface to the First Edition xliii
Formy daughter, and other lawyers… xlvii
Foreword xlix
Part I
Chapter 1 What Is Security Engineering? 3
Chapter 2 Who Is the Opponent? 17
Chapter 3 Psychology and Usability 63
Chapter 4 Protocols 119
Chapter 5 Cryptography 145
Chapter 6 Access Control 207
Chapter 7 Distributed Systems 243
Chapter 8 Economics 275
Part II
Chapter 9 Multilevel Security 315
Chapter 10 Boundaries 341
Chapter 11 Inference Control 375
Chapter 12 Banking and Bookkeeping 405
Chapter 13 Locks and Alarms 471
Chapter 14 Monitoring and Metering 497
Chapter 15 Nuclear Command and Control 529
Chapter 16 Security Printing and Seals 549
Chapter 17 Biometrics 571
Chapter 18 Tamper Resistance 599
Chapter 19 Side Channels 639
Chapter 20 Advanced Cryptographic Engineering 667
Chapter 21 Network Attack and Defence 699
Chapter 22 Phones 737
Chapter 23 Electronic and Information Warfare 777
Chapter 24 Copyright and DRM 815
Chapter 25 New Directions? 865
Part III
Chapter 26 Surveillance or Privacy? 909
Chapter 27 Secure Systems Development 965
Chapter 28 Assurance and Sustainability 1015
Chapter 29 Beyond “Computer Says No” 1059
Bibliography 1061
Index 1143
Rubrieken
- advisering
- algemeen management
- coaching en trainen
- communicatie en media
- economie
- financieel management
- inkoop en logistiek
- internet en social media
- it-management / ict
- juridisch
- leiderschap
- marketing
- mens en maatschappij
- non-profit
- ondernemen
- organisatiekunde
- personal finance
- personeelsmanagement
- persoonlijke effectiviteit
- projectmanagement
- psychologie
- reclame en verkoop
- strategisch management
- verandermanagement
- werk en loopbaan