What do you think?
Rate this book
Designing Secure Systems
Modern systems are an intertwined mesh of human process, physical security, and technology. Attackers are aware of this, commonly leveraging a weakness in one form of security to gain control over an otherwise protected operation. To expose these weaknesses, we need a single unified model that can be used to describe all aspects of the system on equal terms.
Designing Secure Systems takes a theory-based approach to concepts underlying all forms of systems – from padlocks, to phishing, to enterprise software architecture. We discuss how weakness in one part of a system creates vulnerability in another, all the while applying standards and frameworks used in the cybersecurity world. Our to analyze the security of the entire system – including people, processes, and technology – using a single model.
We begin by describing the core concepts of access, authorization, authentication, and exploitation. We then break authorization down into five interrelated components and describe how these aspects apply to physical, human process, and cybersecurity. Lastly, we discuss how to operate a secure system based on the NIST Cybersecurity Framework (CSF) concepts of "identify, protect, detect, respond, and recover."
Other topics covered in this book include the NIST National Vulnerability Database (NVD), MITRE Common Vulnerability Scoring System (CVSS), Microsoft’s Security Development Lifecycle (SDL), and the MITRE ATT&CK Framework.
Designing Secure Systems takes a theory-based approach to concepts underlying all forms of systems – from padlocks, to phishing, to enterprise software architecture. We discuss how weakness in one part of a system creates vulnerability in another, all the while applying standards and frameworks used in the cybersecurity world. Our to analyze the security of the entire system – including people, processes, and technology – using a single model.
We begin by describing the core concepts of access, authorization, authentication, and exploitation. We then break authorization down into five interrelated components and describe how these aspects apply to physical, human process, and cybersecurity. Lastly, we discuss how to operate a secure system based on the NIST Cybersecurity Framework (CSF) concepts of "identify, protect, detect, respond, and recover."
Other topics covered in this book include the NIST National Vulnerability Database (NVD), MITRE Common Vulnerability Scoring System (CVSS), Microsoft’s Security Development Lifecycle (SDL), and the MITRE ATT&CK Framework.
220 pages, Kindle Edition
Published September 27, 2021
2 people want to read
Ratings & Reviews
Friends & Following
Create a free account to discover what your friends think of this book!
Community Reviews
Displaying 1 of 1 review
June 29, 2025
This is an intermediate level look at designing secure computer systems. Its chief strength is that the author constantly provides both "technological" and "physical-world" examples of each concept he is explaining. This certainly helps the non-technical reader visualize and understand the more difficult concepts. The first half of the book covers five major concepts involved in a secure system design. The second half of the book looks at how these concepts interact in the protection process through an identify-protect-detect-respond-recover framework. Perhaps the best chapter for the lay reader goes through a series of examples from the movie Oceans 11. There is a LOT of terminology that gets covered, so my only recommendation for improvement would be to include a glossary of terms at the back of the book. All in all, a good primer in this area.
Displaying 1 of 1 review