Rating: ![5 stars](http://www.reviewfocus.com/images/stars-5-0.gif) Summary: Anyone responsible for info security should read this book Review: A large group of programmers were asked a hypothetical question: If Microsoft was to build an airplane, would you get on it? All of the programmers instantly said no, save for a sole programmer who said he would definitely board the plane. When asked why he was so confident about getting on the plane, he replied, "If Microsoft were to ever build an airplane, it would be extremely safe since the plane would never make it out of the gate." When it comes to information security, its current state is similar to that of a Microsoft airplane--built, but often flashy, while not forcefully functional. The root of the problem is that most organizations view security as something added on in a piecemeal fashion, rather than an integral engineering issue. Those in the construction business get this concept; they know that designs, plans, permits, coordination, commitment, buy-in, etc., are all requirements, not options. Similarly, before any information security product is rolled out, the appropriate project plans must exist. While the concept that design must come before implementation is a given in most other industries, many IT departments lack this understanding. Such is the quandary that Ross Anderson deals with in Security Engineering: A Guide to Building Dependable Distributed Systems. In a nutshell, Security Engineering is one of the best security books ever written. If you are looking for 50 pages of screen prints on how to install and configure a printer under Windows 2000, this is the wrong book for that. What Anderson does, in great detail and with lucidity, is particularize all of the aspects that are required to create a security infrastructure. He relentlessly reiterates that security must be engineered into information systems from the outset.
When security is retrofitted into an application or system, it is never as effective. Anderson defines security engineering as "building systems to remain dependable in the face of malice, error or mischance. As a discipline, it focuses on the tools, processes and methods needed to design, implement and test complete systems, and to adapt existing systems as their environment evolves." In its 24 chapters, the book covers every domain of computer security. As noted security guru Bruce Schneier writes in the book's foreword, "If you're even thinking of doing any security engineering, you need to read this book." Schneier's comment complements his own attitude that security is not a product, rather a process. Going with that mantra, Anderson demonstrates in exhaustive detail how information security must be implemented in every aspect of the information system's infrastructure in order for systems to be dependable and secure. The often knee-jerk response to information security is to deal with it at the product level. With that, the security product of the year is purchased (Air Gap, IDS, PKI, etc.) and the company hopes and prays for security. Unfortunately, it does not work like that. Anderson writes that security products can't operate in a vacuum. They must operate in the framework of a comprehensive architecture supported by policies. That is precisely why there are huge numbers of books on security component technology, but very few on how to use them effectively. When it comes to making all of these security technologies interoperate, there are few good titles in print, and that is the value of this book. In more than 600 pages of intense information, Anderson lays the groundwork on how to build a secure and dependable system. Every aspect of information security is discussed in the book -- from passwords, access control, and attacks, to physical security and policy.
Additionally, relevant and timely topics such as information warfare, privacy protection, access control, and more are discussed. This is the only book that covers the end-to-end spectrum of security design and engineering. Just as important as the technical issues covered in the book, the entire range of attacks that distributed systems can face (technical, procedural, and physical) is also covered. Understanding these threats is paramount in order to properly secure the system. Anderson notes from years of personal experience that many security systems are designed solely to keep the good guys out without thinking of the bad guys. There are two mistakes with this approach -- it only solves a small part of the problem, and more importantly, the bad guys do not follow the rules. Bruce Schneier likens this approach to security as putting a pole in front of your house and hoping the attacker runs into the pole. The reality is that the adversary will simply go around the pole. While many of the chapter topics may sound unexciting, Anderson has a wonderful writing style, and the book at times reads almost like a Tom Clancy thriller with its details of military command and control systems and other similar topics. Anyone responsible for information security should read Security Engineering.
Rating: ![5 stars](http://www.reviewfocus.com/images/stars-5-0.gif) Summary: Five stars not enough Review: Five stars for Ross Anderson's Security Engineering are just not enough - you have to read the book to understand what I mean. I won't repeat what other reviewers here on amazon.com have said; instead I'd say that the author is THE security expert. His amazingly broad and in-depth security expertise and good writing style resulted in a book which is not only comprehensive and detailed, but also interesting to read. You can be an expert in one, two, well, three (out of 10) domains of information security, but it seems the author is equally at home when writing about all 10 domains. I wish I was his student! Edgar Danielyan
Rating: ![5 stars](http://www.reviewfocus.com/images/stars-5-0.gif) Summary: Wonderful Review: I firmly agree with the positive Amazon reviews by Chen, Oestreich, and Bjergstrom. Beyond that, I would add that the chapter on cryptography adds many things that Schneier's Applied Cryptography does not, like differential analysis and S box design -- and he explains them with wonderful clarity (some typographical hiccups notwithstanding).
Rating: ![5 stars](http://www.reviewfocus.com/images/stars-5-0.gif) Summary: Number one in its class. Review: I usually buy only network security books. However, I felt tempted by the high ratings and bought this book. Well, the more I read it the more I like it. Well written, comprehensive and up to date, it is a sort of rich jumping table for finding additional information about the issues it already covers. Parts two and three are wonderful complements for people interested in 'traditional computer security'. I believe that any security administrator should be familiar with the issues discussed in those parts. I especially enjoyed the Multilevel Security and Multilateral Security chapters. Full of references, the book is well worth a place among your 'special books'. I plan to use it as a reference in my next security courses (for graduate students).
Rating: ![5 stars](http://www.reviewfocus.com/images/stars-5-0.gif) Summary: excellent Review: I've been doing security (mostly cryptography) for many years. I'm confident that this book's 41 pages of crypto information will prove far more valuable to the average security person than Schneier's 750+. The whole book is similar, with a great deal of good information packed into a modest amount of space, yet entertaining and fun to read.
Rating: ![5 stars](http://www.reviewfocus.com/images/stars-5-0.gif) Summary: Comprehensive, current, and stunningly good Review: It is about time that this book was written! Ross Anderson has a unique perspective to offer. He explains complex information, such as the inner workings of cryptographic functions, in a clear and precise manner, while at the same time always relating the content to the real world. He possesses a rare combination of expertise in theory and experience in practice. This book covers everything from security of ATM machines, to secure printing; from multi-level security to information warfare; from hardware security to e-commerce; from legal issues to intellectual property protection; from biometrics to tamper resistance. In short, Anderson's book basically covers the entire field of computer security. It is also refreshing that the book is as deep as it is broad. I will use this book to teach and also to learn. It is a good read cover to cover, and I imagine it will make a fine textbook for many classes on computer security. Every chapter ends with suggestions for interesting research problems and further reading. As I was reading this book, I kept asking myself how one person could have produced such a comprehensive and complete book. It is indeed a treasure.
Rating: ![4 stars](http://www.reviewfocus.com/images/stars-4-0.gif) Summary: Excellent substantive content but please leave out politics. Review: Mr. Anderson is a first-rate, major-league expert in his field, and this comes across in the substantive, technical content of his writing. However, his professional dissertation is diminished by the anti-American invective of his (supposed) anecdotes. If you are a US citizen who has been indoctrinated to blame America first, or just someone who dislikes America, you will find Mr. Anderson's anecdotes to be entertaining, even amusing. If you are not anti-American, Mr. Anderson's anecdotes only clutter and distract from the text. This book is a great technical source. If Anderson would keep his political bias to himself, I would not hesitate to give his book a 5-star rating.
Rating: ![5 stars](http://www.reviewfocus.com/images/stars-5-0.gif) Summary: If you buy only one security book this season... Review: Ross Anderson's research group at Cambridge University is one of the best known in the computer security community, regularly winning best paper awards at the most prestigious conferences. Knowledge from years of the group's research and Ross' personal experience is all distilled into a work that is very broad and accessible. Don't let the "engineering" in the title scare you - most of this book can be read by just about anyone and should be read by those studying corporate security or security policy. Not that cutting-edge researchers won't find it informative - for them the plethora of references alone is worth the price of the book. -- Stuart Schechter, Harvard University
Rating: ![5 stars](http://www.reviewfocus.com/images/stars-5-0.gif) Summary: One of the most definitive security books ever! Review: Security Engineering is clearly one of the most definitive security books ever! Ross Anderson writes on nearly every major security topic in great depth and with vast insight.
Rating: ![5 stars](http://www.reviewfocus.com/images/stars-5-0.gif) Summary: A good read? Review: Surprisingly, that's exactly what this book is, even for those who aren't in the field. Some good boy-toy stuff, not too complicated if you want to read it that way. It's also a brilliant and comprehensive introduction to the subject, a higher-level course included, and a good reference too - buy it, don't borrow it, it's worth keeping around. The descriptions of the techniques used to break security precautions - TV smart cards, banknotes, ATMs, cloning phones, etc., etc. - are enthralling, and you can see that he had a great time doing it - though it's not a how-to, more a description of the mistakes the designers of these systems have made. There is a lot more, in fact almost everything, here. Web security, nuclear security, biometrics, tamper resistance, emission security, telecom security, law, it's all here. It has the same place, completeness, and authority as Bruce Schneier's Applied Cryptography has in its field, i.e. it is THE book if you're interested in the subject. And as I said, it's also a great read.