Table of Contents for
End User License Agreement
End User License Agreement
by
Security Engineering, 3rd Edition
Cover
Title Page
Preface to the Third Edition
Preface to the Second Edition
Preface to the First Edition
For my daughter, and other lawyers…
Foreword
PART I
CHAPTER 1: What Is Security Engineering?
1.1 Introduction
1.2 A framework
1.3 Example 1 – a bank
1.4 Example 2 – a military base
1.5 Example 3 – a hospital
1.6 Example 4 – the home
1.7 Definitions
1.8 Summary
Note
CHAPTER 2: Who Is the Opponent?
2.1 Introduction
2.2 Spies
2.3 Crooks
2.4 Geeks
2.5 The swamp
2.6 Summary
Research problems
Further reading
Notes
CHAPTER 3: Psychology and Usability
3.1 Introduction
3.2 Insights from psychology research
3.3 Deception in practice
3.4 Passwords
3.5 CAPTCHAs
3.6 Summary
Research problems
Further reading
Notes
CHAPTER 4: Protocols
4.1 Introduction
4.2 Password eavesdropping risks
4.3 Who goes there? – simple authentication
4.4 Manipulating the message
4.5 Changing the environment
4.6 Chosen protocol attacks
4.7 Managing encryption keys
4.8 Design assurance
4.9 Summary
Research problems
Further reading
Notes
CHAPTER 5: Cryptography
5.1 Introduction
5.2 Historical background
5.3 Security models
5.4 Symmetric crypto algorithms
5.5 Modes of operation
5.6 Hash functions
5.7 Asymmetric crypto primitives
5.8 Summary
Research problems
Further reading
Notes
CHAPTER 6: Access Control
6.1 Introduction
6.2 Operating system access controls
6.3 Hardware protection
6.4 What goes wrong
6.5 Summary
Research problems
Further reading
Notes
CHAPTER 7: Distributed Systems
7.1 Introduction
7.2 Concurrency
7.3 Fault tolerance and failure recovery
7.4 Naming
7.5 Summary
Research problems
Further reading
Notes
CHAPTER 8: Economics
8.1 Introduction
8.2 Classical economics
8.3 Information economics
8.4 Game theory
8.5 Auction theory
8.6 The economics of security and dependability
8.7 Summary
Research problems
Further reading
Notes
PART II
CHAPTER 9: Multilevel Security
9.1 Introduction
9.2 What is a security policy model?
9.3 Multilevel security policy
9.4 Historical examples of MLS systems
9.5 MAC: from MLS to IFC and integrity
9.6 What goes wrong
9.7 Summary
Research problems
Further reading
Notes
CHAPTER 10: Boundaries
10.1 Introduction
10.2 Compartmentation and the lattice model
10.3 Privacy for tigers
10.4 Health record privacy
10.5 Summary
Research problems
Further reading
Notes
CHAPTER 11: Inference Control
11.1 Introduction
11.2 The early history of inference control
11.3 Differential privacy
11.4 Mind the gap?
11.5 Summary
Research problems
Further reading
Notes
CHAPTER 12: Banking and Bookkeeping
12.1 Introduction
12.2 Bookkeeping systems
12.3 Interbank payment systems
12.4 Automatic teller machines
12.5 Credit cards
12.6 EMV payment cards
12.7 Online banking
12.8 Nonbank payments
12.9 Summary
Research problems
Further reading
Notes
CHAPTER 13: Locks and Alarms
13.1 Introduction
13.2 Threats and barriers
13.3 Alarms
13.4 Summary
Research problems
Further reading
Notes
CHAPTER 14: Monitoring and Metering
14.1 Introduction
14.2 Prepayment tokens
14.3 Taxi meters, tachographs and truck speed limiters
14.4 Curfew tags: GPS as policeman
14.5 Postage meters
14.6 Summary
Research problems
Further reading
Notes
CHAPTER 15: Nuclear Command and Control
15.1 Introduction
15.2 The evolution of command and control
15.3 Unconditionally secure authentication
15.4 Shared control schemes
15.5 Tamper resistance and PALs
15.6 Treaty verification
15.7 What goes wrong
15.8 Secrecy or openness?
15.9 Summary
Research problems
Further reading
Notes
CHAPTER 16: Security Printing and Seals
16.1 Introduction
16.2 History
16.3 Security printing
16.4 Packaging and seals
16.5 Systemic vulnerabilities
16.6 Evaluation methodology
16.7 Summary
Research problems
Further reading
CHAPTER 17: Biometrics
17.1 Introduction
17.2 Handwritten signatures
17.3 Face recognition
17.4 Fingerprints
17.5 Iris codes
17.6 Voice recognition and morphing
17.7 Other systems
17.8 What goes wrong
17.9 Summary
Research problems
Further reading
Notes
CHAPTER 18: Tamper Resistance
18.1 Introduction
18.2 History
18.3 Hardware security modules
18.4 Evaluation
18.5 Smartcards and other security chips
18.6 The residual risk
18.7 So what should one protect?
18.8 Summary
Research problems
Further reading
Notes
CHAPTER 19: Side Channels
19.1 Introduction
19.2 Emission security
19.3 Passive attacks
19.4 Attacks between and within computers
19.5 Environmental side channels
19.6 Social side channels
19.7 Summary
Research problems
Further reading
CHAPTER 20: Advanced Cryptographic Engineering
20.1 Introduction
20.2 Full-disk encryption
20.3 Signal
20.4 Tor
20.5 HSMs
20.6 Enclaves
20.7 Blockchains
20.8 Crypto dreams that failed
20.9 Summary
Research problems
Further reading
Notes
CHAPTER 21: Network Attack and Defence
21.1 Introduction
21.2 Network protocols and service denial
21.3 The malware menagerie – Trojans, worms and RATs
21.4 Defense against network attack
21.5 Cryptography: the ragged boundary
21.6 CAs and PKI
21.7 Topology
21.8 Summary
Research problems
Further reading
Notes
CHAPTER 22: Phones
22.1 Introduction
22.2 Attacks on phone networks
22.3 Going mobile
22.4 Platform security
22.5 Summary
Research problems
Further reading
Notes
CHAPTER 23: Electronic and Information Warfare
23.1 Introduction
23.2 Basics
23.3 Communications systems
23.4 Surveillance and target acquisition
23.5 IFF systems
23.6 Improvised explosive devices
23.7 Directed energy weapons
23.8 Information warfare
23.9 Summary
Research problems
Further reading
Note
CHAPTER 24: Copyright and DRM
24.1 Introduction
24.2 Copyright
24.3 DRM on general-purpose computers
24.4 Information hiding
24.5 Policy
24.6 Accessory control
24.7 Summary
Research problems
Further reading
Notes
CHAPTER 25: New Directions?
25.1 Introduction
25.2 Autonomous and remotely-piloted vehicles
25.3 AI / ML
25.4 PETS and operational security
25.5 Elections
25.6 Summary
Research problems
Further reading
Notes
PART III
CHAPTER 26: Surveillance or Privacy?
26.1 Introduction
26.2 Surveillance
26.3 Terrorism
26.4 Censorship
26.5 Forensics and rules of evidence
26.6 Privacy and data protection
26.7 Freedom of information
26.8 Summary
Research problems
Further reading
Notes
CHAPTER 27: Secure Systems Development
27.1 Introduction
27.2 Risk management
27.3 Lessons from safety-critical systems
27.4 Prioritising protection goals
27.5 Methodology
27.6 Managing the team
27.7 Summary
Research problems
Further reading
Notes
CHAPTER 28: Assurance and Sustainability
28.1 Introduction
28.2 Evaluation
28.3 Metrics and dynamics of dependability
28.4 The entanglement of safety and security
28.5 Sustainability
28.6 Summary
Research problems
Further reading
Notes
CHAPTER 29: Beyond “Computer Says No”
Bibliography
Index
End User License Agreement
Security Engineering, 3rd Edition
WILEY END USER LICENSE AGREEMENT
Go to www.wiley.com/go/eula to access Wiley’s ebook EULA.