Designing Secure Software
McGraw-Hill Inc.,US (Verlag)
978-0-07-226391-6 (ISBN)
- Titel wird leider nicht erscheinen
- Artikel merken
Written by the bestselling authors of "19 Deadly Sins of Software Security", this book - which is platform independent - covers all the operating systems and programming languages. There are more than 24 million software developers worldwide. High-profile authors are frequent speakers at industry conferences such as RSA Security,Microsoft TechED, and Black Hat.
Michael Howard (CISSP) is the co-author of the best-selling title, Writing Secure Code, from MS Press, now in its second edition and 19 Deadly Sins of Software Security. He is the Senior Program Manager of the Secure Windows Initiative at Microsoft where he works on secure engineering discipline, process improvement and building software for humans to use. He works with hundreds of people both inside and outside the company each year to help them secure their applications. Michael is a prominent speaker at numerous conferences including Microsoft's TechEd and the PDC. He is also a co-author of Processes to Produce Secure Software published by the Dept. of Homeland Security, National Cyber Security. David LeBlanc, Ph.D, is Chief Software Architect for Webroot Software, was previously Security Architect in the Office group at Microsoft, and is the coauthor of the best-selling title, Writing Secure Code, now in its second edition and 19 Deadly Sins of Software Security. He has worked in the security field throughout his professional life, including working at Internet Security Systems where he was the primary engineer on ISS's award-winning security products. David serves on a number of external security-related advisory boards.
Section One: Chapter 1: Disaster By Design Chapter 2: Incorporating Security Into the Development Process Chapter 3: Security is a Requirement Section Two: Secure Design Principles Chatper 4: Open Design - Security By Obscurity Doesn't Work Chapter 5: Fail Safe Defaults- Allow Known Good Chapter 6: Least Privilege - Use Only What You Need Chapter 7: Economy of Mechanism - Keep it Simple Chapter 8: Separation of Privilege - Use Multiple Authentication Factors Chapter 9: Total Mediation - Check All Access Chapter 10: Least Common Mechanism - Minimize Shared Processes Chapter 11: Psychological Acceptability - The Human Factor Chapter 1:2 Use What's Available Chapter 13: Get Help Section Three: Secure Design Based on Threats Chapter 14: Threat Models Chapter 15: Authentication Chapter 16: Authorization Chapter 17: Integrity Chapter 18: Availability Chapter 19: Confidentiality Chapter 20: Non-Repudiation Services Section Four: Putting It All Together - Common Problems Chapter 21: Desktop Client Security Issues Chapter 22: Server Security Issues Chapter 23: Database Security Issues Chapter 24: Securing a Three-Tiered App
| Erscheint lt. Verlag | 16.3.2007 |
|---|---|
| Zusatzinfo | ill |
| Verlagsort | New York |
| Sprache | englisch |
| Themenwelt | Mathematik / Informatik ► Informatik ► Software Entwicklung |
| Informatik ► Theorie / Studium ► Kryptologie | |
| ISBN-10 | 0-07-226391-1 / 0072263911 |
| ISBN-13 | 978-0-07-226391-6 / 9780072263916 |
| Zustand | Neuware |
| Haben Sie eine Frage zum Produkt? |
aus dem Bereich
