Security Engineering: A Guide to Building Dependable Distributed Systems, 2nd Edition
by Ross J. Anderson
Reviewed by Ross Oliver, April 17, 2013
This weighty tome claims in its subtitle to be "A Guide to Building Dependable Distributed Systems." However, very little of its 1,000+ pages could be considered guiding. What is covered are superficial descriptions of a huge range of technologies and techniques, ranging from nuclear command an control to vehicle speed governors to cryptographic hash functions. The book was last updated in 2008, so many of the technology related topics are already dated. The author also doesn't attempt to anticipate future changes, and does not address topics that could have reasonably been foreseen in 2008, such as the growth of mobile devices and cloud services.
The material is far more descriptive than prescriptive. The author does not use these descriptions to provide direction or guiding principles for readers who are implementing or building new systems. Drawing conclusions and applying the information to future designs is left to the reader.
The book does provide a large amount of reference and historical material. The 1,300+ entries in the bibliography include references to books, papers, and web site documenting many key security events and topics.