The Iot Architect's Guide to Attainable Security and Privacy: The Iot Architect's Guide to Attainable

Fagbemi, Damilare D., Wheeler, David, Wheeler, Jc

  • 出版商: Auerbach Publication
  • 出版日期: 2023-03-29
  • 售價: $2,150
  • 貴賓價: 9.5$2,043
  • 語言: 英文
  • 頁數: 330
  • 裝訂: Quality Paper - also called trade paper
  • ISBN: 1032475234
  • ISBN-13: 9781032475233
  • 相關分類: 物聯網 IoT資訊安全
  • 海外代購書籍(需單獨結帳)

相關主題

商品描述

This book describes how to architect and design Internet of Things (loT) solutions that provide end-to-end security and privacy at scale. It is unique in its detailed coverage of threat analysis, protocol analysis, secure design principles, intelligent loT's impact on privacy, and the effect of usability on security. The book also unveils the impact of digital currency and the dark web on the loT-security economy. It's both informative and entertaining.

"Filled with practical and relevant examples based on years of experience ... with lively discussions and storytelling related to loT security design flaws and architectural issues."-- Dr. James F. Ransome, Senior Director of Security Development Lifecycle (SOL) Engineering, Intel

'There is an absolute treasure trove of information within this book that will benefit anyone, not just the engineering community. This book has earned a permanent spot on my office bookshelf."-- Erv Comer, Fellow of Engineering, Office of Chief Architect Zebra Technologies

'The importance of this work goes well beyond the engineer and architect. The IoT Architect's Guide to Attainable Security & Privacy is a crucial resource for every executive who delivers connected products to the market or uses connected products to run their business."-- Kurt Lee, VP Sales and Strategic Alliances at PWNIE Express

"If we collectively fail to follow the advice described here regarding loT security and Privacy, we will continue to add to our mounting pile of exploitable computing devices. The attackers are having a field day. Read this book, now."-- Brook S.E. Schoenfield, Director of Advisory Services at IOActive, previously Master Security Architect at McAfee, and author of Securing Systems

商品描述(中文翻譯)

本書描述了如何在規模上提供端到端安全和隱私的物聯網(IoT)解決方案的架構和設計。它在威脅分析、協議分析、安全設計原則、智能物聯網對隱私的影響以及可用性對安全的影響方面具有獨特的詳細覆蓋。本書還揭示了數字貨幣和暗網對物聯網安全經濟的影響。它既具有信息性又具有娛樂性。

"這本書充滿了基於多年經驗的實用和相關的例子...並且有關於物聯網安全設計缺陷和架構問題的生動討論和故事講述。" - James F. Ransome 博士,英特爾安全開發生命周期(SOL)工程高級總監

"這本書中有一個絕對的寶藏,將使任何人受益,不僅僅是工程界。這本書已經在我的辦公室書架上永久占據了一個位置。" - Erv Comer,Zebra Technologies首席架構師辦公室工程研究員

"這項工作的重要性遠不止於工程師和架構師。《物聯網架構師的可實現安全與隱私指南》是每個將連接產品交付市場或使用連接產品運營業務的執行人員的關鍵資源。" - Kurt Lee,PWNIE Express銷售和戰略聯盟副總裁

"如果我們在物聯網安全和隱私方面未能共同遵循這裡描述的建議,我們將繼續增加我們可利用的計算設備堆積。攻擊者正大肆擴張。立即閱讀這本書。" - Brook S.E. Schoenfield,IOActive咨詢服務主任,曾任McAfee的主要安全架構師,並撰寫了《保護系統》一書。

作者簡介

David M. Wheeler, CISSP, CSSLP, GSLC, GREM, is a Senior Principal Engineer in the Platform Security Division of the Architecture Graphics and Software group at Intel Corporation and has thirty years' experience in software, security, and networking for both commercial and government systems. In his current role, Dave is responsible for the research and development of new cryptographic algorithms and protocols, several security APIs, and libraries across Intel including for IoT platforms. He performs security reviews for both Intel's IoT and cryptographic implementations and represents Intel at the IETF.
Within the Internet of Things, Dave has contributed to Intel's Software-Defined Industrial Systems architecture and Intel's Internet of Things group's Health Application Platform. Prior to Intel, Dave held various lead software and systems architecture positions at Motorola, Honeywell Bull, General Dynamics, as well as his own firm. Dave has designed and built several hardware security engines, including a Type-2 security coprocessor for a software-defined radio, and the Intel Wireless Trust Module--a hardware cryptographic coprocessor on the Intel XScale processor. He has implemented several cryptographic libraries and protocol layers, including an IPSec-type implementation for an SDR radio; header compression protocol layers for IP, TCP, and UDP over multicast; a connectionless network layer protocol; two-factor authentication verification over RADIUS for a firewall VPN; PPP for serial; an instant messaging protocol over Bluetooth; and many others. of Intel's Internet of Things to make Intel's products and software projects secure.
Blog: http: //crypto-corner.typepad.com
Twitter: @dmwheel1
LinkedIn: https: //www.linkedin.com/in/davidmwheeler/

Damilare D. Fagbemi CISSP, GXPN, had what might be considered the best possible introduction to the field of information security. An innovative software system that he built, the first of its kind in Nigeria at the time, was hacked minutes before a highly publicized deployment. After that, needless to say, Damilare got interested in information security fairly quickly. He began learning about the security of data and networks, then took and passed the CISSP. Considering his background in software development, he wondered where the intersection might be between the vast disciplines of software and security. A few years later, in Ireland, he stumbled upon a job advertisement for product security engineering. Th e rest as they say, is history.
Since then, Damilare has had the opportunities to serve as an engineer, architect, and technical leader at high-tech firms such as Intel Corporation and McAfee LLC, in the United States and Ireland. In those roles, he has had the pleasure of working with talented product teams to architect and build secure Internet of Things (IoT), web, and mobile solutions. As part of Intel's innovation in Smart Cities, he designed an IoT solution for Intelligent Transportation and contributed to the architecture of an artificial intelligence (AI)-powered platform for rapid decision making at the IoT edge. Damilare leads the Libraries Product Security Expert Center in Intel's Architecture Graphics and Software group, where he has enjoyed creating and leading a cross-organizational and cross-located security engineering team. He has taught security architecture and design across three continents--North America, Africa, and Europe--and served as Chapter leader of the Open Web Application Security Project (OWASP) in Nigeria. He is also a former co-founder of a software development company, with clients spanning private and government sectors.
Blog: https: //tech.edgeofus.com
Twitter: @damilarefagbemi
LinkedIn: https: //www.linkedin.com/in/damilarefagbemi/

JC Wheeler began her career at US West Cellular analyzing analog network traffic and contributing to the rollout of one of the first commercial CDMA infrastructures in the nation, where she helped design the metrics and tools for CDMA traffic analysis. She then moved to Motorola to design cellular and satellite network protocols, authentication, crypto key management, and end-user features. She began consulting at General Dynamics in 2005, where she designed and integrated VoIP, header compression, multicast communications protocols, over-the-air provisioning, and IPSec variants for both MANET and satellite SDR waveforms. Th e small business she co-owned won a DoD SBIR and was a semifinalist in Th e Arizona Innovation Challenge for its smartphone secure framework; it was also a Navy Phase 2 SBIR subcontractor, building an AI engine to troubleshoot MANET radio configurations. JC is now retired and enjoys researching new technologies and macroeconomic trends.

作者簡介(中文翻譯)

David M. Wheeler, CISSP, CSSLP, GSLC, GREM,是英特爾公司架構圖形和軟體組的平台安全部門的高級主任工程師,擁有三十年的軟體、安全和網路方面的商業和政府系統經驗。在他目前的職位上,Dave負責研究和開發新的加密算法和協議,以及英特爾各個平台(包括物聯網平台)的多個安全API和庫。他對英特爾的物聯網和加密實現進行安全審查,並代表英特爾參與IETF。在物聯網領域,Dave為英特爾的軟體定義工業系統架構和物聯網健康應用平台做出了貢獻。在加入英特爾之前,Dave曾在Motorola、Honeywell Bull、General Dynamics以及自己的公司擔任過各種領導軟體和系統架構職位。Dave設計和建造了幾個硬體安全引擎,包括一個用於軟體定義無線電的Type-2安全協處理器,以及英特爾XScale處理器上的硬體加密協處理器-英特爾無線信任模組。他實現了幾個加密庫和協議層,包括用於SDR無線電的IPSec類型實現、用於多播的IP、TCP和UDP的標頭壓縮協議層、無連接網路層協議、用於防火牆VPN的RADIUS的雙因素身份驗證驗證、串行的PPP、藍牙的即時通訊協議等等。他在英特爾的物聯網項目中致力於使英特爾的產品和軟體項目更加安全。

Damilare D. Fagbemi CISSP, GXPN,在資訊安全領域有著可能被認為是最好的入門方式。他建立的一個創新軟體系統,在尼日利亞當時的一次高度宣傳的部署前幾分鐘被駭客攻擊。毫不意外地,Damilare迅速對資訊安全產生了興趣。他開始學習有關數據和網路安全,然後參加並通過了CISSP考試。考慮到他在軟體開發方面的背景,他想知道軟體和安全這兩個廣泛領域之間的交集在哪裡。幾年後,在愛爾蘭,他偶然看到了一個產品安全工程的工作廣告。如他們所說,其餘的就是歷史了。

從那時起,Damilare有機會在美國和愛爾蘭的英特爾公司和McAfee LLC擔任工程師、架構師和技術領導者。在這些角色中,他有幸與優秀的產品團隊合作,設計和構建安全的物聯網(IoT)、網頁和移動解決方案。作為英特爾在智慧城市方面的創新,他設計了一個用於智能交通的物聯網解決方案,並為物聯網邊緣快速決策的人工智能(AI)平台的架構做出了貢獻。Damilare在英特爾的架構圖形和軟體組中領導了庫產品安全專家中心,他喜歡創建和領導一個跨組織和跨地點的安全工程團隊。他曾在北美、非洲和歐洲三大洲教授安全架構和設計,並擔任尼日利亞開放網路應用安全項目(OWASP)的分會負責人。他還是一家軟體開發公司的前聯合創始人,客戶遍及私營和政府部門。

JC Wheeler在美國西部蜂窩公司開始了她的職業生涯,分析類比網路流量並為其中一個最早的部署之一做出了貢獻。