Security Engineering — The Book
‘I'm incredibly
impressed that one person could produce such a thorough
coverage. Moreover, you make the stuff easy and enjoyable to read. I
find it just as entertaining — and far more useful —
than novels (and my normal science fiction). When I first got it in
the mail, I said to myself "I'm never going to read all of that." But
once I started reading I just kept going and going. Fantastic: well
done. Now, let's hope that all those in charge of security for
information technology will also read the book and heed the lessons.’
Don Norman
‘The book that you MUST READ
RIGHT NOW is the second edition of Ross Anderson's Security Engineering book.
Ross did a complete pass on his classic tome and somehow made it even
better...’
Gary
McGraw
‘It's beautiful. This is the best book on the topic there
is’
Bruce Schneier
All chapters from
the second edition now available free online!
When I wrote the first edition, we put the chapters online free after four years
and found that this boosted sales of the paper edition. People would find a
useful chapter online and then buy the book to have it as a reference. Wiley and
I agreed to do the same with the second edition, and now, four years after
publication, I am putting all the chapters online for free. Enjoy them –
and I hope you'll buy the paper version to have as a conveient shelf reference:
Here are the errata for the
second edition, and here's a page of notes and links
concerning relevant topics that I've come across since publication.
Supplementary materials: If you're a college professor
thinking of using my book in class, note that we use my book in three courses
at Cambridge:
I hope you find these useful. You're welcome to use and adapt any of my slides
if you wish under this Creative Commons
license. Also, if you're an instructor at an accredited institution, you can
request an evaluation copy via Wiley's
website.
The first edition (2001)
You can also download all of the first edition for free:
The foreword, preface and other front matter
- What is Security Engineering?
- Protocols
- Passwords
- Access Control
- Cryptography
- Distributed Systems
- Multilevel Security
- Multilateral Security
- Banking and Bookkeeping
- Monitoring Systems
- Nuclear Command and Control
- Security Printing and Seals
- Biometrics
- Physical Tamper Resistance
- Emission Security
- Electronic and Information Warfare
- Telecom System Security
- Network Attack and Defense
- Protecting E-Commerce Systems
- Copyright and Privacy Protection
- E-Policy
- Management Issues
- System Evaluation and Assurance
- Conclusions
- Bibliography
Finally, here's a single
pdf of the whole book. It's 17Mb, but a number of people asked me for it.
My goal in making the first edition freely
available five years after publication was twofold. First, I wanted to
reach the widest possible audience, especially among poor students. Second, I
am a pragmatic libertarian on free culture and free software issues; I think
that many publishers (especially of music and software) are too defensive of
copyright. (My colleague David MacKay found that putting his book on coding
theory online actually helped its sales. Book publishers are getting the
message faster than the music or software folks.) I expect to put the whole
second edition online too in a few years.
If you own the first edition of my book, I hope you liked it enough to
upgrade to the second edition. I also have online errata for the first edition
here.
Following enquiries from blind students, Jose
C. Lacal has contributed these MP3 files of the first edition:
preface,
chapter 1,
chapter 2,
chapter 3,
chapter 4,
chapter 6, and
chapter 7.
Where to buy the second edition
There are reviews of
the first edition, which was translated into Japanese, Chinese
and Polish.
Return to Ross Anderson's home
page
