In this book the author presents ten key laws governing information security. He addresses topics such as attacks, vulnerabilities, threats, designing security, identifying key IP assets, authentication, and social engineering. The informal style draws on his experience in the area of video protection and DRM, while the text is supplemented with introductions to the core formal technical ideas. It will be of interest to professionals and researchers engaged with information security.
Presents key laws governing information security
Valuable insights for professionals and researchers engaged with information security
Draws on author’s considerable practical business experience in content security at Sony Pictures Entertainment and at Technicolor (Thomson)
I hope that you will enjoy this book. Should you have any questions, or would you like more information, do not hesitate to contact me at this address.
Availability
The book is published by Springer and is available. It can be purchased here.
The book’s flyer is available here.
Table of Contents
Foreword by David Naccache
Introduction
Law 1 – Attackers will always find their way
- Examples
- Analysis
- Take away
- Summary
Law 2 – Know the Assets to Protect
Law 3 – No security through obscurity
Law 4 – Trust No One
Law 5 – Si Vis Pacem, Para Bellum
Law 6 – Security is no stronger than its weakest link
Law 7 – You are the Weakest Link
Law 8 – If you watch the Internet, the Internet is watching you
Law 9 – Quis custodiet ipsos custodes?
Law 10 – Security is not a product, security is a process
Conclusions
Abbreviations – Acronyms
References
Appendix A: A short introduction to cryptography
- Asymmetric Cryptography
- Hash functions
Appendix B: Other ten (or more) laws of security
- Microsoft
- Building secure software
- What hackers don’t want you to know