10 PART III CHAPTER 26: Surveillance or Privacy? 26.1 Introduction 26.2 Surveillance 26.3 Terrorism 26.4 Censorship 26.5 Forensics and rules of evidence 26.6 Privacy and data protection 26.7 Freedom of information 26.8 Summary Research problems Further reading Notes CHAPTER 27: Secure Systems Development 27.1 Introduction 27.2 Risk management 27.3 Lessons from safety-critical systems 27.4 Prioritising protection goals 27.5 Methodology 27.6 Managing the team 27.7 Summary Research problems Further reading Notes CHAPTER 28: Assurance and Sustainability 28.1 Introduction 28.2 Evaluation 28.3 Metrics and dynamics of dependability 28.4 The entanglement of safety and security 28.5 Sustainability 28.6 Summary Research problems Further reading Notes CHAPTER 29: Beyond “Computer Says No”
11 Bibliography
12 Index
List of Illustrations
1 Chapter 1Figure 1.1: – Security Engineering Analysis Framework
2 Chapter 2Figure 2.1: Muscular – the slide
3 Chapter 4Figure 4.1: Password generator useFigure 4.2: The MIG-in-the middle attackFigure 4.3: The Mafia-in-the-middle attack
4 Chapter 5Figure 5.1: Monoalphabetic substitution cipherFigure 5.9: The random oracle