In this second part of the book, I describe a large number of applications of secure systems, many of which introduce particular protection concepts or technologies.

There are three broad themes. Chapters 8-10 look at conventional computer security issues, and by discussing what one is trying to do and how it's done in different environments — the military, banks and healthcare — we introduce security policy models which set out the protection concepts that real systems try to implement. We introduce our first detailed case studies. An example is the worldwide network of automatic teller machines, which illustrates many of the problems of transferring familiar protection properties from a bank branch to a global distributed environment using cryptography.

Chapters 10-18 look at the hardware and system engineering aspects of information security. This includes biometrics, the design of various tokens such as smartcards, and the whole panoply of hardware security mechanisms from physical locks through chip-level tamper-resistance and emission security to security printing and seals. New applications that illustrate the technologies are described, ranging from electronic warfare and nuclear weapon control through burglar alarms, truck speed limiters and prepayment gas meters. We end up with a chapter on the security of application programming interfaces, where hardware and software security meet.

The third theme is attacks on networks, and on highly-networked systems. ...