相關主題
商品描述
A value-packed two-book set that combines the best of engineering dependable and secure software systems with the best in-depth look at physical lock security and insecurity
In Security Engineering: A Guide to Building Dependable Distributed Systems, Third Edition Cambridge University professor Ross Anderson updates his classic textbook and teaches readers how to design, implement, and test systems to withstand both error and attack.
Now the third edition brings it up to date for 2020. As people now go online from phones more than laptops, most servers are in the cloud, online advertising drives the Internet and social networks have taken over much human interaction, many patterns of crime and abuse are the same, but the methods have evolved. Ross Anderson explores what security engineering means in 2020, including:
- How the basic elements of cryptography, protocols, and access control translate to the new world of phones, cloud services, social media and the Internet of Things
- Who the attackers are - from nation states and business competitors through criminal gangs to stalkers and playground bullies
- Security psychology, from privacy through ease-of-use to deception
- The economics of security and dependability - why companies build vulnerable systems and governments look the other way
- How to manage security and safety engineering in a world of agile development - from reliability engineering to DevSecOps
The third edition of Security Engineering ends with a grand challenge: sustainable security. As we build ever more software and connectivity into safety-critical durable goods like cars and medical devices, how do we design systems we can maintain and defend for decades? Or will everything in the world need monthly software upgrades, and become unsafe once they stop?
In Tobias on Locks and Insecurity Engineering, renowned investigative attorney and physical security expert Marc Weber Tobias delivers a comprehensive and insightful exploration of how locks are designed, built, and -- ultimately -- defeated by criminals, spies, hackers, and even lockpickers. In the book, you'll discover the myriad ways that security experts and bad actors have compromised physical locks using everything from the newest 3D printers to 99-cent ballpoint pens.
The book explores the origins of different lock designs and the mistakes that design engineers make when they create new locks. It explains the countless ways that locks remain at risk for attack.
The author explains the latest lock designs and technology, as well as how to assess whether a specific solution will work for you depending on your individual security requirements and use case. You'll also find ways to differentiate between fatally flawed locks and solid, secure options as well as examinations of lock security from the perspectives of forced entry, covert entry, and key-control.
Together these two books are the perfect guides for security and information technology professionals, design engineers, risk managers, law enforcement personnel, intelligence agents, regulators, policymakers, investigators, lawyers, and more.
商品描述(中文翻譯)
一套充滿價值的雙書組合,結合了工程可靠且安全的軟體系統的最佳實踐,以及對物理鎖安全與不安全的深入探討。
在《Security Engineering: A Guide to Building Dependable Distributed Systems, Third Edition》中,劍橋大學教授 Ross Anderson 更新了他的經典教科書,教導讀者如何設計、實施和測試系統,以抵禦錯誤和攻擊。
現在第三版已更新至2020年。隨著人們現在更常使用手機上網而非筆記型電腦,大多數伺服器都在雲端,網路廣告驅動著互聯網,而社交網路則主導了人類互動的許多方面,許多犯罪和濫用的模式依然相同,但方法已經演變。Ross Anderson 探討了2020年安全工程的意義,包括:
- 密碼學、協議和存取控制的基本元素如何轉化為手機、雲端服務、社交媒體和物聯網的新世界
- 攻擊者是誰——從國家、商業競爭者到犯罪團夥、跟蹤者和操場霸凌者
- 安全心理學,從隱私到易用性再到欺騙
- 安全性和可靠性的經濟學——為什麼公司會建造脆弱的系統,而政府卻視而不見
- 如何在敏捷開發的世界中管理安全和安全工程——從可靠性工程到 DevSecOps
《Security Engineering》第三版以一個宏大的挑戰作結:可持續安全。隨著我們在汽車和醫療設備等安全關鍵耐用商品中不斷增加軟體和連接性,我們如何設計可以維護和防禦數十年的系統?還是世界上的一切都需要每月進行軟體升級,並在停止後變得不安全?
在《Tobias on Locks and Insecurity Engineering》中,著名的調查律師和物理安全專家 Marc Weber Tobias 提供了一個全面而深刻的探索,講述鎖的設計、建造,以及最終如何被罪犯、間諜、駭客甚至開鎖者攻破。在這本書中,您將發現安全專家和壞人如何利用從最新的3D印表機到99美分的圓珠筆等各種方式來破壞物理鎖。
這本書探討了不同鎖設計的起源以及設計工程師在創建新鎖時所犯的錯誤。它解釋了鎖在攻擊中面臨風險的無數方式。
作者解釋了最新的鎖設計和技術,以及如何根據您的個人安全需求和使用案例評估特定解決方案是否適合您。您還將找到區分致命缺陷鎖和堅固安全選項的方法,以及從強行進入、隱蔽進入和鑰匙控制的角度檢視鎖安全的內容。
這兩本書共同成為安全和資訊技術專業人士、設計工程師、風險管理者、執法人員、情報人員、監管者、政策制定者、調查員、律師等的完美指南。
作者簡介
ROSS ANDERSON is Professor of Security Engineering at Cambridge University in England. He is widely recognized as one of the world's foremost authorities on security. In 2015 he won the Lovelace Medal, Britain's top award in computing. He is a Fellow of the Royal Society and the Royal Academy of Engineering. He is one of the pioneers of the economics of information security, peer-to-peer systems, API analysis and hardware security. Over the past 40 years, he has also worked or consulted for most of the tech majors.
MARC WEBER TOBIAS is an investigative attorney and physical security/communications expert. For the past forty years, he has worked investigations, both criminal and civil, first for government agencies and then private corporate clients. He also works for many of the major lock manufacturers in the world and runs a team that figures out how to compromise these locks in seconds, then fix them. His story was pretty much summed up by Wired Magazine who dubbed him the "Keymaster".
作者簡介(中文翻譯)
ROSS ANDERSON 是英國劍橋大學的安全工程教授。他被廣泛認為是全球最重要的安全專家之一。2015年,他獲得了英國計算機領域的最高獎項——洛夫萊斯獎章。他是皇家學會和皇家工程院的院士。他是資訊安全經濟學、點對點系統、API 分析和硬體安全的先驅之一。在過去的40年中,他也為大多數科技巨頭工作或提供諮詢。
MARC WEBER TOBIAS 是一位調查律師及物理安全/通訊專家。在過去的四十年中,他從事刑事和民事調查,最初為政府機構工作,後來為私人企業客戶服務。他還為世界上許多主要的鎖具製造商工作,並領導一個團隊,研究如何在幾秒鐘內破解這些鎖,然後修復它們。他的故事幾乎被《Wired Magazine》總結為「鎖匠」。
