Security Engineering: A Guide to Building Dependable Distributed Systems [Kindle Edition]

Ross J. Anderson
5.0 out of 5 stars (2 customer reviews)

Digital List Price: £56.65
Print List Price: £55.00
Kindle Price: £26.81 includes VAT* & free wireless delivery via Amazon Whispernet
You Save: £28.19 (51%)
Unlike print books, digital books are subject to VAT.

Formats

Amazon Price New from Used from
Kindle Edition £26.81  
Hardcover £35.75  


Product Description

Review

“At over a thousand pages, this is a comprehensive volume.” Engineering & Technology Saturday 7 June 2008

Product Description

The world has changed radically since the first edition of this book was published in 2001. Spammers, virus writers, phishermen, money launderers, and spies now trade busily with each other in a lively online criminal economy and as they specialize, they get better. In this indispensable, fully updated guide, Ross Anderson reveals how to build systems that stay dependable whether faced with error or malice. Here's straight talk on critical topics such as technical engineering basics, types of attack, specialized protection mechanisms, security psychology, policy, and more.

Product details

  • Format: Kindle Edition
  • File Size: 4805 KB
  • Print Length: 1082 pages
  • Page Numbers Source ISBN: 0470068523
  • Publisher: Wiley; 2 edition (5 Nov 2010)
  • Sold by: Amazon Media EU S.à r.l.
  • Language: English
  • ASIN: B004BDOZI0
  • Text-to-Speech: Enabled
  • Average Customer Review: 5.0 out of 5 stars (2 customer reviews)
  • Amazon Bestsellers Rank: #106,711 Paid in Kindle Store

Customer Reviews

4 star: 0
3 star: 0
2 star: 0
1 star: 0
Most Helpful Customer Reviews
3 of 3 people found the following review helpful
A bible 5 July 2011
Format: Hardcover
If you're interested in cyber (and physical) security in any way or have a few subjects touching on the topic at university or at a technical college, this book is a must.

It focuses very much on secure systems and their implementation, while at the same time acknowledging the drawbacks that plague secure systems every day. The topic range is extremely broad and the author does indeed have great knowledge regarding all the topics he writes about.

If you're unsure if this book is for you, you should go to Robert Anderson's website and download the 1st edition for free.
2 of 2 people found the following review helpful
Format: Hardcover
Security Engineering was already a classic text in its field and the new edition simply builds on this. It's comprehensive, correct, well written and easy to use. Highly recommended.
Most Helpful Customer Reviews on Amazon.com (beta)
Amazon.com:  12 reviews
5 of 5 people found the following review helpful
A profoundly influential work written by a world-class security expert 17 Nov 2008
By Jacob Gajek - Published on Amazon.com
Format: Hardcover
For the typical busy security professional, reading a 900-page tome cover to cover represents an investment of time that may be difficult to justify. Frankly, security books that are worth the effort are few and far between. Security Engineering is one such book, for several reasons.

First, Ross Anderson's vast knowledge, experience and insight on the subject are well known, and his reputation as one of the top security experts in the world is well deserved. No doubt a reflection of this, his book covers a very broad range of security topics, the discussions ranging from high-level policy issues, all the way down to details of smartcard hacking and the mathematics of cryptography. The topics are well researched and described at a level of detail useful to the non-specialist. Concise summaries and occasional nuggets of insight indicate an in-depth understanding of the subject matter. The book is well written, easy to follow, and devoid of the vagueness and platitudes so typical of much of the security literature.

Second, the book exposes the sheer difficulty of engineering secure systems in the face of the many forces at play in a typical product development lifecycle. Through many case studies of success and failure, the author illustrates the numerous pitfalls that may befall even a well-intentioned design. Lessons learned from deploying products in the real world include the negative impact of perverse economic incentives, the importance of designing security features for maximum usability, and the need to look at a security problem from many different angles in a holistic manner. The book is a treasure trove of wisdom for the aspiring security engineer.

Lastly, the book brings together insight from many diverse areas of research. Disciplines ranging from economics, psychology, sociology, criminology, banking and bookkeeping, safety research, electronic warfare, to politics are all mined for ideas and results that could yield a better understanding of - and novel approaches to - difficult security problems. It is perhaps in this aspect that the book will prove to be most influential. Since the first edition was published in 2001, security economics, security usability, and security psychology have emerged as fertile areas of research.
3 of 3 people found the following review helpful
Four benefits for the ISSEP candidate 17 Mar 2011
By Kurt D. Danis - Published on Amazon.com
Format: Hardcover
Four beneficial take-aways from Ross Anderson's book, Security Engineering: A Guide to Building Dependable Distributed Systems:

1. After reading 600 pages of prose, there are four bullets on page 652 that epitomize the entire book. Here they are:

DEFENSE AGAINST NETWORK ATTACK - four sets of tools to defend against network attack:

(1) Management (i.e. CM)
(2) Filtering (i.e. Firewalls)
(3) Intrusion Detection (i.e. IDS devices)
(4) Encryption (i.e. VPN devices with encryption)

2. I discovered a little-known standard that may have influenced the Risk Management Framework (RMF) methodology developed in the NIST SP 800-37. Read this excerpt (p. 838): "It is important for the Security Engineer to have some knowledge of internal controls. There is a shortage of books on this subject... the most influential is the Risk Management Framework from the Committee of Sponsoring Organizations (COSO), a group of U.S. accounting and auditing bodies.... Its basic process is an evolutionary cycle: in a given environment, you assess the risks, design controls, monitor their performance, and then go around the loop again."

3. There's a small blurb on the Capability Maturity Model (p. 849). I think this little concept helps to understand all the CMM documents on the street. Here it is: "Some useful insights come from the Capability Maturity Model developed by the Carnegie-Mellon University. Although this is aimed at dependability and at delivering code on time rather than specifically at security, their research shows that capability is something that develops in groups; it's not just a purely individual thing."

Then another blurb on pp. 864-865:
"The Carnegie-Mellon research showed that newly formed teams tended to underestimate the amount of work in project, and also had a high variance in the amount of time they took; the teams that worked best together were much better able to predict how long they'd take, in terms of the mean development time, but reduced the variance as well."

4. Lastly, the author admits that he's a cynic, and a cynical attitude is probably the BEST way to look at the Common Criteria.
2 of 2 people found the following review helpful
Excellent, readable, current 17 Jan 2011
By Greg - Published on Amazon.com
Format: Kindle Edition | Amazon Verified Purchase
Certainly a top 5 in its space. Especially notable for its broad coverage and excellent references to other more detailed material. This is a very worthwhile update from the first edition (which is freely available from the author's web site as a PDF).

Popular Highlights

"privacy is secrecy for the benefit of the individual while confidentiality is secrecy for the benefit of the organization."
Highlighted by 17 Kindle users

"Good security engineering requires four things to come together. There's policy: what you're supposed to achieve. There's mechanism: the ciphers, access controls, hardware tamper-resistance and other machinery that you assemble in order to implement the policy. There's assurance: the amount of reliance you can place on each particular mechanism. Finally, there's incentive: the motive that the people guarding and maintaining the system have to do their job properly, and also the motive that the attackers have to try to defeat your policy."
Highlighted by 17 Kindle users

"Security engineering is about building systems to remain dependable in the face of malice, error, or mischance."
Highlighted by 16 Kindle users
