Security Engineering: A Guide to Building Dependable Distributed SystemsThe first quick reference guide to the do's and don'ts of creating high quality security systems. Ross Anderson, widely recognized as one of the world's foremost authorities on security engineering, presents a comprehensive design tutorial that covers a wide range of applications. Designed for today's programmers who need to build systems that withstand malice as well as error (but have no time to go do a PhD in security), this book illustrates basic concepts through many real-world system design successes and failures. Topics range from firewalls, through phone phreaking and copyright protection, to frauds against e-businesses. Anderson's book shows how to use a wide range of tools, from cryptology through smartcards to applied psychology. As everything from burglar alarms through heart monitors to bus ticket dispensers starts talking IP, the techniques taught in this book will become vital to everyone who wants to build systems that are secure, dependable and manageable. |
Contents
What Is Security Engineering? | 3 |
Protocols | 13 |
Research Problems | 50 |
Copyright | |
22 other sections not shown
Common terms and phrases
access control alarm algorithm Alice anonymous applications attacks authentication bank bits block cipher bugs called Chapter ciphertext communications computer security confidentiality copy countries crypto cryptographic customers database decrypt detection developed devices digital signature discuss effect electronic encryption equipment evaluation example failure Figure firewall fraud hardware hash function implementation input intelligence Internet involve issues jamming key escrow keystream large number machine meter military mobile phones multilevel security operating system output password pay-TV phone company plaintext problem processor protocol public key radar radio random records requirements risk S-box seals secret security engineering security policy sensors serial number server signal smartcard staff steganography stream cipher tachograph tamper tamper-resistant target technical techniques things traffic transactions typical Unix users vulnerable wiretaps