Building secure software : how to avoid security problems the right way / John Viega, Gary McGraw ; foreword by Bruce Schneier.
By: Viega, John [author]
Contributor(s): McGraw, Gary [author] | Schneier, Bruce [writer of preface]
Material type: 
TextLanguage: İngilizce Series: Addison-Wesley professional computing seriesPublisher: Boston : Addison-Wesley, [2002]Copyright date: ©2002Description: xxx, 493 pages : illustrations ; 24 cmContent type: text Media type: unmediated Carrier type: volumeISBN: 020172152X; 9780201721522; 0321774957; 9780321774958Subject(s): Computer software -- Development | System design | Computer securityAdditional physical formats: Online version:: Building secure software.; Online version:: Building secure software.LOC classification: QA76.76.D47 | V857 2002| Item type | Current location | Home library | Collection | Call number | Status | Notes | Date due | Barcode |
|---|---|---|---|---|---|---|---|---|
Book
|
Merkez Kütüphane Genel Koleksiyon / Main Collection | Merkez Kütüphane | Genel Koleksiyon | QA76.76.D47 V857 2002 (Browse shelf) | Available | Donated by Kemal Bıçakcı | 0060328 |
It's All about the Software -- Dealing with Widespread Security Failures -- Bugtraq -- CERT Advisories -- RISKS Digest -- Technical Trends Affecting Software Security -- The 'ilities -- What Is Security? -- Isn't That Just Reliability? -- Penetrate and Patch Is Bad -- On Art and Engineering -- Security Goals -- Prevention -- Traceability and Auditing -- Monitoring -- Privacy and Confidentiality -- Multilevel Security -- Anonymity -- Authentication -- Integrity -- Know Your Enemy: Common Software Security Pitfalls -- Software Project Goals -- Managing Software Security Risk -- An Overview of Software Risk Management for Security -- The Role of Security Personnel -- Software Security Personnel in the Life Cycle -- Deriving Requirements -- Risk Assessment -- Design for Security -- Implementation -- Security Testing -- A Dose of Reality -- Getting People to Think about Security -- Software Risk Management in Practice -- When Development Goes Astray -- When Security Analysis Goes Astray -- The Common Criteria -- Selecting Technologies -- Choosing a Language -- Choosing a Distributed Object Platform -- CORBA -- DCOM -- EJB and RMI -- Choosing an Operating System -- Authentication Technologies -- Host-Based Authentication -- Physical Tokens -- Biometric Authentication -- Cryptographic Authentication -- Defense in Depth and Authentication -- On Open Source and Closed Source -- Security by Obscurity -- Reverse Engineering -- Code Obfuscation -- Security for Shrink-Wrapped Software -- Security by Obscurity Is No Panacea
Donated by Kemal Bıçakcı
There are no comments for this item.