Security Engineering
| Title: | Security Engineering |
| ISBN: | 0-471-38922-6 |
| Author: | Ross Anderson |
| Publisher: | John Wiley & Sons |
Comprehensive overview of system security.
Few books can boast a glowing endorsement from Bruce Schneier, but the back cover of Anderson's book prominently features a favourable judgement from the security guru; "If you're even thinking of doing any security engineering, you need to read this book."
It's difficult to improve on this summary. This is probably the most comprehensive summary of security problems in print today. In effect it is the distillation of Ross Anderson's years of experience and study into a coherent text.
Security Engineering covers all aspects of the problem of systems security, from the technical to the human. Protection mechanisms ranging from the physical (secure printing) to the mathematical (cryptography) are described. Management issues are covered. It is well thought out and written to be accessible to those who do not specialise in security topics. The writing style is crisp and engaging, with interesting examples illustrating the points as they are made.
All that said, there are some minor detractions. Some topics are covered at speed and may need re-reading several times. Some explanations are more lucid than others. However, it is clearly possible to supplement the explanations with selected readings from the enormous bibliography and in general the text is easy to read and even entertaining.
In summary, this book is excellent, both as a reference text and as a primer for engineers of all disciplines who have security as a concern.
Graham Bleach, October 2003