Published: 03 Oct 2008
It's seven years since Ross Anderson, who heads the security group at the University of Cambridge's Computer Laboratory, published the first edition of Security Engineering: A Guide to Building Dependable Distributed Systems. Since then, as he writes in the preface to this new edition, 'The world has changed'. Malware is written by criminals rather than mischievous teens, Microsoft has moved security from the bottom of its list of priorities to the top, pervasive computing and smartphones pose new challenges, social engineering in the form of phishing and pretexting is one of the biggest threats, cryptography is in far more widespread use, online applications have changed the world and 9/11 has changed perceptions and psychology. No wonder Anderson decided it was time for an update to what's arguably the seminal textbook on its subject.
This is not just a textbook for students. It's a book that should be required reading for everyone involved in designing any kind of security system, whether what's being protected is an airplane full of passengers or a personal computer.
Security is a process, not a product. One of the more helpful consequences of this principle is that Security Engineering is not a particularly technical book; Anderson covers his many technical subjects in plain, well-written English. The book, as Anderson explains, grew out of his notes for the course on the subject that he teaches at Cambridge; he began writing the book in the late 1990s because existing books didn't cover the same ground. Even now, most books on security talk either about specific tools such as cryptography or about securing individual applications and operating systems.
Look, by comparison, at the list of just some of the topics Anderson covers: usability, psychology, access control, economics, banking, nuclear command and control, copyright and digital rights management, terrorism. For the subjects relating to types of applications, he includes not only explanations of the basics and the technologies and system designs involved, but a section on what goes wrong with those systems, plus an outline of areas needing further research. Economics and psychology may seem peripheral, but both are key to building security correctly: psychology helps an engineer understand how users — often the biggest vulnerability in any system — think, while economics, particularly game theory, helps analyse incentives. The point is, it's not enough to have tools and know what their features are: designing good security is much more complex than that.
At the 2008 Black Hat conference, a court ruling stopped a team from MIT from presenting the results of research into vulnerabilities in the implementation of RFID payment cards in use on Boston's mass transit system. The incident serves as a reminder that disclosing security information can still be controversial. Anderson takes the view that the 'bad guys' already know this stuff and that the 'good guys' will benefit much more.
If you're in any doubt about whether you need this book, you can sample it for yourself online: six chapters of the new edition and the full text of the first edition are all available for download for free.









