Security Engineering: A Guide to Building Dependable Distributed Systems
Ross J. Anderson (Author)
# Format: PDF
# Size: 4.76MB
# Hardcover: 1080 pages
# Publisher: John Wiley & Sons; 2nd Edition edition (11 April 200
# Language English
# ISBN-10: 0470068523
# ISBN-13: 978-0470068526
01 When downloaded use WinRar or a similar program to extract files.
Gigantically comprehensive and carefully researched, Security Engineering makes it clear just how difficult it is to protect information systems from corruption, eavesdropping, unauthorised use and general malice. Better, Ross Anderson offers a lot of thoughts on how information can be made more secure (though probably not absolutely secure, at least not forever) with the help of both technologies and management strategies. His work makes fascinating reading, and will no doubt inspire considerable doubt--fear is probably a better choice of words--in anyone with information to gather, protect, or make decisions upon.
Be aware: this is absolutely not a book solely about computers, with yet another explanation of Alice and Bob and how they exchange public keys in order to exchange messages in secret. Anderson explores, for example, the ingenuous ways in which European truck drivers defeat their vehicles' speed-logging equipment. In another section, he shows how the end of the Cold War brought on a decline in defences against radio-frequency monitoring (radio frequencies can be used to determine, at a distance, what's going on in systems--bank teller machines, say) and how similar technology can be used to reverse-engineer the calculations that go on inside smart cards. In almost 600 pages of riveting detail, Anderson warns us not to be seduced by the latest defensive technologies, never to underestimate human ingenuity and always use common sense in defending valuables. It is a terrific read for security professionals and general readers alike.
Think you are an expert on computer security? Yes? Well, no matter if you can do triple-DES in your head, by carefully reading this book (and learning its lessons) you will find many holes in any security system you have ever designed. Guess what? They don't need to crack your 1024 bit key to thwart your procedures -- there's at least a hundred ways to go around encryption.
Ross Anderson surveys the entire spectrum of contemporary techno-security, from nuclear weapons to the electric meters used in South Africa, and tells you the nuts-n-bolts of how they are architected, and where things fall apart. What becomes clear is that perfect security doesn't exist in the real world, so you need to create "security in depth", where you secure all aspects of your enterprise. Attacks can come from the CEO, your customer, the janitor, the designer, or a passing crack head. In fact, the biggest threat is time itself -- a procedure secure today will become vulnerable in a couple of years if you don't treat security as a living, growing, changing, high-priority part of your enterprise.