So while we are on a “free” kick … I’ve been meaning to write about this essential reference for any seasoned or up-and-coming security pro. “Security Engineering: A Guide to Building Dependable Distributed Systems”, written by Ross Anderson of the University of Cambridge and published by Wiley, has been one of the “go-to” references for teaching security over the past decade. Although more academic than many of the modern-day security books out there, “Security Engineering” not only covers the basics of security but also some of the intricacies of building secure systems from the ground up.

A lot of people ask me how to get started in security and I can definitely recommend checking this book out … especially now since the 2nd edition is free for all. Apparently, Ross convinced Wiley that giving out books after several years actually boosts once-stagnant sales of older titles.

When I wrote the first edition, we put the chapters online free after four years and found that this boosted sales of the paper edition. People would find a useful chapter online and then buy the book to have it as a reference. Wiley and I agreed to do the same with the second edition, and now, four years after publication, I am putting all the chapters online for free. Enjoy them – and I hope you’ll buy the paper version to have as a convenient shelf reference.

(Note: As part of a campaign to bring forward some of our older posts that we feel still benefit the community, we’ve added this article to our Best Of category that will periodically get tweeted out. Please mention it to me on Twitter or contact us if there are any other posts you feel we should include in this category. This post was previously categorized under Infosec Blogs/Podcasts. grecs)

To get an idea of what “Security Engineering” is all about, here is its table of contents.

Table of contents

Preface

Acknowledgements

Chapter 1: What is Security Engineering?

Chapter 2: Usability and Psychology

Chapter 3: Protocols

Chapter 4: Access Control

Chapter 5: Cryptography

Chapter 6: Distributed Systems

Chapter 7: Economics

Chapter 8: Multilevel Security

Chapter 9: Multilateral Security

Chapter 10: Banking and Bookkeeping

Chapter 11: Physical Protection

Chapter 12: Monitoring and Metering

Chapter 13: Nuclear Command and Control

Chapter 14: Security Printing and Seals

Chapter 15: Biometrics

Chapter 16: Physical Tamper Resistance

Chapter 17: Emission Security

Chapter 18: API Security

Chapter 19: Electronic and Information Warfare

Chapter 20: Telecom System Security

Chapter 21: Network Attack and Defence

Chapter 22: Copyright and DRM

Chapter 23: The Bleeding Edge

Chapter 24: Terror, Justice and Freedom

Chapter 25: Managing the Development of Secure Systems

Chapter 26: System Evaluation and Assurance

Chapter 27: Conclusions

Bibliography

Index

And for those “professors” among us, Ross also provides a detailed breakdown of how they used the book in three courses at the University of Cambridge … complete with course material and exam questions.

Update 4/4/13 6:00 PM: There’s been some great discussion about this book on some of the different news sites. Here’s the Hacker News thread where commenters mentioned a few places to download the entire book as one PDF. A programming subreddit posting also points out several other download resources. And of course both threads contain some great insight into “Security Engineering’s” content.

#####

Have you used this book as part of a university class or self-study? Any thoughts? Let us know in the comments below. Today’s post pic is from the University of Cambridge. See ya!




