Security Engineering: A Guide to Building Dependable Distributed Systems
by Ross Anderson
Wiley 2001. ISBN 0-471-38922-6.
Reviewed by Anish Mathuria September 14, 2001
This book is for everyone who wants to design and build secure systems. It fills a void in the literature on security engineering. A central theme throughout the book is that in order to design secure systems, you have to grasp the fundamentals of crypto and access control, but at the same time you need to understand why security often fails in the real world. Readers will find entertaining and accessible discussions on a variety of topics including banking security, security protocols, tamper resistance, security policy models, monitoring systems, and copyright protection (to name a few). Each chapter ends with thought-provoking questions on the subject as well as suggestions for further reading. The bibliography has over 800 references from the academic and popular literature on security. It is available online from the book's website, www.ross-anderson.com. to hats of any color.