|
|
Security Engineering: A Guide to Building Dependable Distributed Systems
|
List Price: $70.00
Our Price: $54.57
Your Save: $15.43 ( 22% )
Availability: Please click buy button for full availability
information.
Average Customer Rating:
 
Manufacturer: Wiley
|
|
|
Binding: Hardcover
Dewey Decimal Number: 005.1
EAN: 9780470068526
ISBN: 0470068523
Label: Wiley
Manufacturer: Wiley
Number Of Items: 1
Number Of Pages: 1080
Publication Date: 2008-04-14
Publisher: Wiley
Studio: Wiley
|
|
|
|
|
|
Spotlight customer reviews:
|
Customer Rating: 
Summary: Should read if ...
Comment: Nutshell review - You should read this book if you have anything to do with information security. Chapters are topic specific and can be easily used as a reference. Well written, easy to follow, great book.
Customer Rating:
Summary: Very Good Book for Starters and Experienced Professionals
Comment: I found the book very interesting to read as a textbook becasue it draws many examples from everyday applications. The style of writing is good and it covers broadly all areas of IT security. For those requiring more detailed discussions in specific areas of security, this may not be sufficient.
Customer Rating:
Summary: Unique in its genre
Comment: The title is maybe misleading. It is not really a guide that will show you a procedure step by step 'how to do' to build secure systems as most engineering books do. It is rather a survey of the different security protocols used in various fields. Of course, you can learn from the success and errors described in the book and use this knowledge for developing a new system but you will have to connect the dots yourself.
The book is very dense in information and at first, its format was making it tedious for me to read. It did take around 3 chapters before I get accustomed to the format. Once, this aspect was out of the way, this book became amazingly interesting. It describes systems used in banking, by diplomats, military, for nuclear weapons, police, set-up box TV decoders smart cards and anti tampering devices in general, spies, biometric authentication, etc.. and focus on the security protocols used by these systems and then highlights the weaknesses of the systems and how people have figured out how to workaround these protocols.
The best quality of the book is that it will help you to better understand the mindset of a secure system designer and a system hacker.
Customer Rating:
Summary: Textbook for class.
Comment: The book is interesting but it's starting to show signs of it's age. I think the last revision of it was 2001, so the examples are good, yet aged. It would be great if they updated it. Still a useful and good book though.
Customer Rating:
Summary: More high-level concepts and less hands-on guidance
Comment: This is certainly a good book for getting introduced to most high-level architectural concepts related to Network security, cryptography, mandatory/multi-level access control etc. From a application development perspective, this book falls short on how to build architecure, design and implement them into your business applications which ultimately meets the end-user. The author justifies the high-level concepts well enough from a generalist perspective, but the industry-standards from OASIS leans towards standards-based application security protocols..which pushes a developer/architect like me to take those suggestions first and how to apply them in real world. The book also does'nt address on how-to build security for emerging application architectures based on Service-oriented architecture (SOA), Identity Management, Net-centric Federated applications. As a developer/architect using Java or Microsoft .NET or open-source based distributed applications, I need guidance on how to implement the recommended concepts (in the book) for example using biometrics or smartcards for building multi-factor access control at my application-level...unfortunately I don't find any answers for real-world implementation.
|
|
|
Editorial Reviews:
|
|
Gigantically comprehensive and carefully researched, Security Engineering makes it clear just how difficult it is to protect information systems from corruption, eavesdropping, unauthorized use, and general malice. Better, Ross Anderson offers a lot of thoughts on how information can be made more secure (though probably not absolutely secure, at least not forever) with the help of both technologies and management strategies. His work makes fascinating reading and will no doubt inspire considerable doubt--fear is probably a better choice of words--in anyone with information to gather, protect, or make decisions about. Be aware: This is absolutely not a book solely about computers, with yet another explanation of Alice and Bob and how they exchange public keys in order to exchange messages in secret. Anderson explores, for example, the ingenious ways in which European truck drivers defeat their vehicles' speed-logging equipment. In another section, he shows how the end of the cold war brought on a decline in defenses against radio-frequency monitoring (radio frequencies can be used to determine, at a distance, what's going on in systems--bank teller machines, say), and how similar technology can be used to reverse-engineer the calculations that go on inside smart cards. In almost 600 pages of riveting detail, Anderson warns us not to be seduced by the latest defensive technologies, never to underestimate human ingenuity, and always use common sense in defending valuables. A terrific read for security professionals and general readers alike. --David Wall Topics covered: How some people go about protecting valuable things (particularly, but not exclusively, information) and how other people go about getting it anyway. Mostly, this takes the form of essays (about, for example, how the U.S. Air Force keeps its nukes out of the wrong hands) and stories (one of which tells of an art thief who defeated the latest technology by hiding in a closet). Sections deal with technologies, policies, psychology, and legal matters.
|
|
|
|
|
|
|
|
