Security Engineering A Guide to Building Dependable Distributed Systems

InSecurity Engineering: A Guide to Building Dependable Distributed Systems,Third EditionCambridge University professor Ross Anderson updates hisclassic textbookand teaches readers how to design, implement, and test systemstowithstandbotherrorand attack.
Thisbookbecame a best-seller in 2001 and helped establish the discipline of security engineering.By the second edition in 2008,underground dark marketshadlet the bad guys specialize andscale up;attacks were increasingly on users rather than on technology.The bookrepeateditssuccessby showing how security engineers canfocus onusability.
Nowthe third edition brings it up to date for 2020.As people now go online from phones more than laptops, most servers are in the cloud, online advertising drives the Internet and social networks have taken over much human interaction, many patterns of crime and abuse are the same, but the methods have evolved. Ross Andersonexploreswhatsecurity engineeringmeans in 2020, including:How the basicelements of cryptography, protocols, and access controltranslate to the new world of phones, cloud services, social media and the Internet ofThingsWho the attackers are -fromnation statesandbusiness competitorsthroughcriminal gangstostalkers andplaygroundbulliesWhat they do -fromphishingandcarding throughSIMswappingand softwareexploitsto DDoS andfakenewsSecurity psychology,fromprivacythroughease-of-usetodeceptionThe economics of securityand dependability -why companies buildvulnerablesystems andgovernments look the otherwayHow dozens of industries went online - well orbadlyHow to manage securityand safetyengineeringin a world of agile development- from reliability engineering toDevSecOps
The thirdedition ofSecurity Engineeringends with a grand challenge: sustainable security.As we build ever more softwareand connectivityinto safety-critical durable goods like cars and medical devices, howdowe design systemswe canmaintain and defend for decades?Or will everything in the world need monthly software upgrades, and become unsafe once they stop?