Engineering Security

Engineering Security

This book is an overview of how security actually works in practice, and details the success and failures of security implementations. It also focuses on usability, and the different mental models of security between end users and cryptographers.

Publication date: 01 Apr 2014

ISBN-10: n/a

ISBN-13: n/a

Paperback: 814 pages

Views: 11,645

Type: Book

Publisher: n/a

License: n/a

Post time: 28 Jun 2016 02:00:00

Engineering Security

Engineering Security This book is an overview of how security actually works in practice, and details the success and failures of security implementations. It also focuses on usability, and the different mental models of security between end users and cryptographers.
Tag(s): Computer Security Information Security
Publication date: 01 Apr 2014
ISBN-10: n/a
ISBN-13: n/a
Paperback: 814 pages
Views: 11,645
Document Type: Book
Publisher: n/a
License: n/a
Post time: 28 Jun 2016 02:00:00
From the Introduction:
Peter Gutmann wrote:As an industry, we’ve been trying to build secure systems for many decades now, particularly in the last fifteen years or so as a combination of the penetration of the Internet into everyday life and the increasing use of computerised devices and systems has enabled attacks at a scope and scale never before possible. In all of that time, we’ve gathered quite a bit of insight into what works and what doesn’t. Like Ross Anderson’s excellent book Security Engineering, this book talks about all of the things that conventional security books usually don’t: Stories of problems with secure (or, to be more accurate, allegedly secure) systems that turned out to be not so secure when they were exposed to attack. 

It also devotes quite a bit of space to discussing why some mechanisms and systems that have been proposed as solutions to various problems don’t actually solve them, and in some cases don’t really solve any problem at all (to use a phrase that comes up several times in this book, they don’t defend against anything that attackers are doing).




About The Author(s)


Peter Gutmann is a computer scientist in the Department of Computer Science at the University of Auckland, New Zealand. His research interests cover the design and analysis of security systems and security usability, including the application of concepts from cognitive psychology to understanding how users interact with security systems, and whatever else happens to catch his interest.

Peter Gutmann

Peter Gutmann is a computer scientist in the Department of Computer Science at the University of Auckland, New Zealand. His research interests cover the design and analysis of security systems and security usability, including the application of concepts from cognitive psychology to understanding how users interact with security systems, and whatever else happens to catch his interest.


Book Categories
Sponsors