Description |
1 online resource (xxx, 493 pages) : illustrations |
Series |
Addison-Wesley professional computing series |
|
Contents |
It's All about the Software -- Dealing with Widespread Security Failures -- Bugtraq -- CERT Advisories -- RISKS Digest -- Technical Trends Affecting Software Security -- The 'ilities -- What Is Security? -- Isn't That Just Reliability? -- Penetrate and Patch Is Bad -- On Art and Engineering -- Security Goals -- Prevention -- Traceability and Auditing -- Monitoring -- Privacy and Confidentiality -- Multilevel Security -- Anonymity -- Authentication -- Integrity -- Know Your Enemy: Common Software Security Pitfalls -- Software Project Goals -- Managing Software Security Risk -- An Overview of Software Risk Management for Security -- The Role of Security Personnel -- Software Security Personnel in the Life Cycle -- Deriving Requirements -- Risk Assessment -- Design for Security -- Implementation -- Security Testing -- A Dose of Reality -- Getting People to Think about Security -- Software Risk Management in Practice -- When Development Goes Astray -- When Security Analysis Goes Astray -- The Common Criteria -- Selecting Technologies -- Choosing a Language -- Choosing a Distributed Object Platform -- CORBA -- DCOM -- EJB and RMI -- Choosing an Operating System -- Authentication Technologies -- Host-Based Authentication -- Physical Tokens -- Biometric Authentication -- Cryptographic Authentication -- Defense in Depth and Authentication -- On Open Source and Closed Source -- Security by Obscurity -- Reverse Engineering -- Code Obfuscation -- Security for Shrink-Wrapped Software -- Security by Obscurity Is No Panacea |
Summary |
"Building Secure Software cuts to the heart of computer security to help you get security right the first time. If you are serious about computer security, you need to read this book, which includes essential lessons for both security professionals who have come to realize that software is the problem, and software developers who intend to make their code behave. Written for anyone involved in software development and use--from managers to coders--this book is your first step toward building more secure software. Building Secure Software provides expert perspectives and techniques to help you ensure the security of essential software. If you consider threats and vulnerabilities early in the development cycle you can build security into your system. With this book you will learn how to determine an acceptable level of risk, develop security tests, and plug security holes before software is even shipped"--Resource description page |
Bibliography |
Includes bibliographical references and index |
Notes |
Master and use copy. Digital master created according to Benchmark for Faithful Digital Reproductions of Monographs and Serials, Version 1. Digital Library Federation, December 2002. http://purl.oclc.org/DLF/benchrepro0212 MiAaHDL |
|
Print version record |
|
digitized 2010 HathiTrust Digital Library committed to preserve pda MiAaHDL |
Subject |
Computer software -- Development.
|
|
Computer security
|
|
System design.
|
|
Computer Security
|
|
Computer software -- Development.
|
|
Computer security.
|
|
System design.
|
|
Programmation informatique.
|
|
Logiciels.
|
|
Sécurité informatique.
|
|
Computersicherheit
|
|
Datenverarbeitung
|
|
Computer security
|
|
Segurança de computadores.
|
|
Computer software -- Development
|
|
Segurança de software.
|
|
System design
|
|
Gestão da segurança em sistemas computacionais.
|
Form |
Electronic book
|
Author |
McGraw, Gary, 1966-
|
LC no. |
2001046055 |
ISBN |
9780672334092 |
|
0672334097 |
|
020172152X |
|
9780201721522 |
|
9780321624000 |
|
0321624009 |
|
9780672334061 |
|
0672334062 |
|
9781282680838 |
|
1282680838 |
|
9788131744635 |
|
8131744639 |
|