Book description
Although most people don't give security much attention until their personal or business systems are attacked, this thought-provoking anthology demonstrates that digital security is not only worth thinking about, it's also a fascinating topic. Criminals succeed by exercising enormous creativity, and those defending against them must do the same.
Beautiful Security explores this challenging subject with insightful essays and analysis on topics that include:
- The underground economy for personal information: how it works, the relationships among criminals, and some of the new ways they pounce on their prey
- How social networking, cloud computing, and other popular trends help or hurt our online security
- How metrics, requirements gathering, design, and law can take security to a higher level
- The real, little-publicized history of PGP
This book includes contributions from:
- Peiter "Mudge" Zatko
- Jim Stickley
- Elizabeth Nichols
- Chenxi Wang
- Ed Bellis
- Ben Edelman
- Phil Zimmermann and Jon Callas
- Kathy Wang
- Mark Curphey
- John McManus
- James Routh
- Randy V. Sabett
- Anton Chuvakin
- Grant Geyer and Brian Dunphy
- Peter Wayner
- Michael Wood and Fernando Francisco
All royalties will be donated to the Internet Engineering Task Force (IETF).
Publisher resources
Table of contents
-
Beautiful Security
- SPECIAL OFFER: Upgrade this ebook with O’Reilly
- Preface
- 1. Psychological Security Traps
- 2. Wireless Networking: Fertile Ground for Social Engineering
- 3. Beautiful Security Metrics
- 4. The Underground Economy of Security Breaches
-
5. Beautiful Trade: Rethinking E-Commerce Security
- Deconstructing Commerce
- Weak Amelioration Attempts
-
E-Commerce Redone: A New Security Model
- Requirement 1: The Consumer Must Be Authenticated
- Requirement 2: The Merchant Must Be Authenticated
- Requirement 3: The Transaction Must Be Authorized
- Requirement 4: Authentication Data Should Not Be Shared Outside of Authenticator and Authenticated
- Requirement 5: The Process Must Not Rely Solely on Shared Secrets
- Requirement 6: Authentication Should Be Portable (Not Tied to Hardware or Protocols)
- Requirement 7: The Confidentiality and Integrity of Data and Transactions Must Be Maintained
- The New Model
- 6. Securing Online Advertising: Rustlers and Sheriffs in the New Wild West
- 7. The Evolution of PGP’s Web of Trust
- 8. Open Source Honeyclient: Proactive Detection of Client-Side Exploits
-
9. Tomorrow’s Security Cogs and Levers
- Cloud Computing and Web Services: The Single Machine Is Here
- Connecting People, Process, and Technology: The Potential for Business Process Management
- Social Networking: When People Start Communicating, Big Things Change
- Information Security Economics: Supercrunching and the New Rules of the Grid
- Platforms of the Long-Tail Variety: Why the Future Will Be Different for Us All
- Conclusion
- Acknowledgments
- 10. Security by Design
- 11. Forcing Firms to Focus: Is Secure Software in Your Future?
- 12. Oh No, Here Come the Infosecurity Lawyers!
- 13. Beautiful Log Handling
- 14. Incident Detection: Finding the Other 68%
- 15. Doing Real Work Without Real Data
- 16. Casting Spells: PC Security Theater
- A. Contributors
- Index
- About the Authors
- Colophon
- SPECIAL OFFER: Upgrade this ebook with O’Reilly
Product information
- Title: Beautiful Security
- Author(s):
- Release date: April 2009
- Publisher(s): O'Reilly Media, Inc.
- ISBN: 9780596555542
You might also like
book
Practical Cloud Security
With their rapidly changing architecture and API-driven automation, cloud platforms come with unique security challenges and …
book
Secure by Design
Secure by Design teaches developers how to use design to drive security in software development. This …
book
Foundations of Information Security
In this high-level survey of the information security field, best-selling author Jason Andress covers the basics …
book
Zero Trust Security: An Enterprise Guide
Understand how Zero Trust security can and should integrate into your organization. This book covers the …