Security Engineering

Author: Ross Anderson

Publisher: John Wiley & Sons

ISBN: 1119642787

Category: Computers

Page: 1232

View: 2422


Now that there’s software in everything, how can you make anything secure? Understand how to engineer dependable systems with this newly updated classic. In Security Engineering: A Guide to Building Dependable Distributed Systems, Third Edition, Cambridge University professor Ross Anderson updates his classic textbook and teaches readers how to design, implement, and test systems to withstand both error and attack. This book became a best-seller in 2001 and helped establish the discipline of security engineering. By the second edition in 2008, underground dark markets had let the bad guys specialize and scale up; attacks were increasingly on users rather than on technology. The book repeated its success by showing how security engineers can focus on usability. Now the third edition brings it up to date for 2020. As people now go online from phones more than laptops, most servers are in the cloud, online advertising drives the Internet and social networks have taken over much human interaction, many patterns of crime and abuse are the same, but the methods have evolved.
Ross Anderson explores what security engineering means in 2020, including: how the basic elements of cryptography, protocols, and access control translate to the new world of phones, cloud services, social media and the Internet of Things; who the attackers are – from nation states and business competitors through criminal gangs to stalkers and playground bullies; what they do – from phishing and carding through SIM swapping and software exploits to DDoS and fake news; security psychology, from privacy through ease-of-use to deception; the economics of security and dependability – why companies build vulnerable systems and governments look the other way; how dozens of industries went online – well or badly; and how to manage security and safety engineering in a world of agile development – from reliability engineering to DevSecOps. The third edition of Security Engineering ends with a grand challenge: sustainable security. As we build ever more software and connectivity into safety-critical durable goods like cars and medical devices, how do we design systems we can maintain and defend for decades? Or will everything in the world need monthly software upgrades, and become unsafe once they stop?

Building Dependable Distributed Systems

Author: Wenbing Zhao

Publisher: John Wiley & Sons

ISBN: 1118912632

Category: Computers

Page: 368

View: 2980


This book covers the most essential techniques for designing and building dependable distributed systems. Instead of covering a broad range of research works for each dependability strategy, the book focuses on only a selected few (usually the most seminal works, the most practical approaches, or the first publication of each approach), which are explained in depth, usually with a comprehensive set of examples. The goal is to dissect each technique thoroughly so that readers who are not familiar with dependable distributed computing can actually grasp the technique after studying the book. The book contains eight chapters. The first chapter introduces the basic concepts and terminologies of dependable distributed computing, and also provides an overview of the primary means for achieving dependability. The second chapter describes in detail the checkpointing and logging mechanisms, which are the most commonly used means to achieve a limited degree of fault tolerance. Such mechanisms also serve as the foundation for more sophisticated dependability solutions. Chapter three covers the works on recovery-oriented computing, which focus on the practical techniques that reduce the fault detection and recovery times for Internet-based applications. Chapter four outlines the replication techniques for data and service fault tolerance. This chapter also pays particular attention to optimistic replication and the CAP theorem. Chapter five explains a few seminal works on group communication systems. Chapter six introduces the distributed consensus problem and covers a number of Paxos family algorithms in depth. Chapter seven introduces the Byzantine generals problem and its latest solutions, including the seminal Practical Byzantine Fault Tolerance (PBFT) algorithm and a number of its derivatives.
The final chapter covers the latest research results on application-aware Byzantine fault tolerance, which is an important step forward towards practical use of Byzantine fault tolerance techniques.

Security Engineering

Author: Ross J. Anderson

Publisher: John Wiley & Sons

ISBN: 1118008367

Category: Computers

Page: 1088

View: 3319


The world has changed radically since the first edition of this book was published in 2001. Spammers, virus writers, phishermen, money launderers, and spies now trade busily with each other in a lively online criminal economy and as they specialize, they get better. In this indispensable, fully updated guide, Ross Anderson reveals how to build systems that stay dependable whether faced with error or malice. Here's straight talk on critical topics such as technical engineering basics, types of attack, specialized protection mechanisms, security psychology, policy, and more.

Building an Effective Security Program for Distributed Energy Resources and Systems

Author: Mariana Hentea

Publisher: John Wiley & Sons

ISBN: 1119070422

Category: Science

Page: 608

View: 400


Build a critical and effective security program for DERs. Building an Effective Security Program for Distributed Energy Resources and Systems requires a unified approach to establishing a critical security program for DER systems and Smart Grid applications. The methodology provided integrates systems security engineering principles, techniques, standards, and best practices. This publication introduces engineers to the design, implementation, and maintenance of a security program for distributed energy resources (DERs), smart grid, and industrial control systems. It provides security professionals with an understanding of the specific requirements of industrial control systems and real-time constrained applications for power systems. This book: describes the cybersecurity needs for DERs and the power grid as critical infrastructure; introduces the information security principles to assess and manage the security and privacy risks of the emerging Smart Grid technologies; outlines the functions of the security program as well as the scope and differences between traditional IT system security requirements and those required for industrial control systems such as SCADA systems; and offers a full array of resources: cybersecurity concepts, frameworks, and emerging trends. Security professionals and engineers can use Building an Effective Security Program for Distributed Energy Resources and Systems as a reliable resource that is dedicated to the essential topic of security for distributed energy resources and power grids. They will find standards, guidelines, and recommendations from standards organizations, such as ISO, IEC, NIST, IEEE, ENISA, ISA, ISACA, and ISF, conveniently included for reference within chapters.

Service Availability

Author: Miroslaw Malek,Edgar Nett,Neeraj Suri

Publisher: Springer

ISBN: 3540320180

Category: Computers

Page: 216

View: 3869


This book constitutes the thoroughly refereed post-proceedings of the Second International Service Availability Symposium, ISAS 2005, held in Berlin, Germany in April 2005. The 15 revised full papers presented together with a keynote talk were carefully selected for inclusion in the book. The papers are organized in topical sections on data and computation availability, specifying, modeling and verifying service availability, high-availability by service-oriented architectures, modeling and composition, and verification and availability assessment.

Developing Secure Distributed Systems with CORBA

Author: Ulrich Lang,Rudolf Schreiner

Publisher: Artech House

ISBN: 1580532950

Category: Computers

Page: 311

View: 5931


This new book is a clearly written, well-structured guide to building secure distributed applications with CORBA. It helps with securing CORBA applications, integrating security infrastructure with CORBA applications, and evaluating the security effectiveness of distributed applications. You get a comprehensive study of the CORBA security architecture, providing you with a better understanding of its goals and limitations. It serves as your complete reference for understanding security in distributed systems.

Blockchain and the Law

Author: Dariusz Szostek

Publisher: Nomos Verlag

ISBN: 3845298294

Category: Law

Page: 160

View: 8202


This volume analyses the new blockchain and distributed ledger technology (DLT) as well as the Bitcoin system with regard to their effects on law, contract drafting and the digital economy. Written from an international and European perspective, it helps legal practitioners, as well as entrepreneurs, IT specialists, developers and IT managers, to understand and shape DLT and blockchain technologies. From the contents: Chapter I Blockchains and DLT in the digital economy; Chapter II Blockchains, DLT – basic terms; Chapter III Blockchains in finance; Chapter IV Durable media with blockchain technology; Chapter V "Smart Contracts"; Chapter VI The future of blockchain solutions in legal regulations (an initiated discussion).

Advances in Network and Distributed Systems Security

Author: Bart De Decker,Frank Piessens,Jan Smits,Els Van Herreweghen

Publisher: Springer

ISBN: 0306469588

Category: Computers

Page: 208

View: 9847


The more our society relies on electronic forms of communication, the more essential the security of these communication networks becomes to its proper functioning. Topics in this volume include developments in: security protocols; secure software engineering; and mobile agent security.

Advanced Methodologies and Technologies in System Security, Information Privacy, and Forensics

Author: Khosrow-Pour, D.B.A., Mehdi

Publisher: IGI Global

ISBN: 152257493X

Category: Computers

Page: 417

View: 3836


Cyber-attacks are rapidly becoming one of the most prevalent issues globally, and as they continue to escalate, it is imperative to explore new approaches and technologies that help ensure the security of the online community. Beyond cyber-attacks, personal information is now routinely and exclusively housed in cloud-based systems. The rising use of information technologies requires stronger information security and system procedures to reduce the risk of information breaches. Advanced Methodologies and Technologies in System Security, Information Privacy, and Forensics presents emerging research and methods on preventing information breaches and further securing system networks. While highlighting the rising concerns in information privacy and system security, this book explores the cutting-edge methods combatting digital risks and cyber threats. This book is an important resource for information technology professionals, cybercrime researchers, network analysts, government agencies, business professionals, academicians, and practitioners seeking the most up-to-date information and methodologies on cybercrime, digital terrorism, network security, and information technology ethics.