
Secure software design

Author: Theodor Richardson; Charles Thies
Publisher: Burlington, MA : Jones & Bartlett Learning, ©2013.
Edition/Format: Print book : English

Details

Document Type: Book
All Authors / Contributors: Theodor Richardson; Charles Thies
ISBN: 9781449626327 1449626327
OCLC Number: 755699386
Description: xix, 407 pages : illustrations ; 24 cm
Contents: Machine generated contents note: ch. 1 Introduction --
1.1. World Turned Upside Down --
1.2. Lingo --
1.3. Usual Suspects --
1.4. Many Hats of Hackers --
1.5. Tools of the Trade --
1.5.1. CIA Triad --
1.5.2. Cryptography --
1.5.3. Public Key Cryptography --
1.5.4. Integrity --
1.5.5. Availability --
1.6. Fighting Fire --
1.6.1. Prevention --
1.6.2. Avoidance --
1.6.3. Detection --
1.6.4. Recovery --
1.7. Changing the Design --
1.8. Red vs. Blue --
1.9. Shape of Things --
1.10. Chapter Summary --
1.11. Chapter Exercise --
1.12. Business Application --
1.13. Key Concepts and Terms --
1.14. Assessment --
1.15. Critical Thinking --
1.16. Graduate Focus --
1.17. Bibliography --
ch. 2 Current and Emerging Threats --
2.1. Human Factor --
2.2. Network --
2.3. Operating System Environment --
2.4. Data Management --
2.5. Data-Centric Threats --
2.6. Chapter Summary --
2.7. Chapter Exercise --
2.8. Business Application --
2.9. Key Concepts and Terms --
2.10. Assessment --
2.11. Critical Thinking --
2.12. Graduate Focus --
2.13. Bibliography --
ch. 3 Network Environment --
3.1. Introducing Eve --
3.2. Science of Secrecy --
3.2.1. Cryptography in the Wartime Era --
3.2.2. National Standard --
3.2.3. Advent of Public Key Cryptography --
3.2.4. Quest for Perfect Secrecy --
3.3. Eve Unleashed --
3.4. Malicious Modifications and Insidious Insertions --
3.5. Play It Again, Eve --
3.6. Eve in the Middle --
3.7. Making the Connection --
3.8. Roll Up the Welcome Mat --
3.9. Why in What and How --
3.10. Chapter Summary --
3.11. Chapter Exercise --
3.12. Business Application --
3.13. Key Concepts and Terms --
3.14. Assessment --
3.15. Critical Thinking --
3.16. Graduate Focus --
3.17. Bibliography --
ch. 4 Operating System Environment --
4.1. What Is Operating System Security? --
4.2. Common Operating Systems --
4.3. Operating System Threats --
4.4. Operating System Defense Tactics --
4.4.1. Mac OS X Snow Leopard --
4.4.2. Linux --
4.4.3. Windows 7 --
4.5. Auditing and Monitoring --
4.6. Backup and Redundancy --
4.7. Remote Access Security --
4.8. Virtualization --
4.9. Chapter Summary --
4.10. Chapter Exercise --
4.11. Business Application --
4.12. Key Concepts and Terms --
4.13. Assessment --
4.14. Critical Thinking --
4.15. Graduate Focus --
4.16. Bibliography --
ch. 5 Database Environment --
5.1. Database Fundamentals --
5.2. Conceptual Design --
5.3. Logical Design --
5.3.1. Database Normalization --
5.3.2. First Normal Form --
5.3.3. Second Normal Form --
5.3.4. Third Normal Form --
5.4. Physical Design --
5.4.1. Introduction to SQL --
5.4.2. Using the CREATE TABLE Command to Develop a New Table --
5.4.3. Modifying a Table --
5.5. User Interface --
5.6. Web Applications and the Internet --
5.7. Chapter Summary --
5.8. Chapter Exercise --
5.9. Business Application --
5.10. Key Concepts and Terms --
5.11. Assessment --
5.12. Critical Thinking --
5.13. Graduate Focus --
5.14. Bibliography --
ch. 6 Programming Languages --
6.1. Language Barriers --
6.2. Buffer Bashing --
6.3. Good Input --
6.4. Good Output --
6.5. Inherent Inheritance and Overdoing Overloads --
6.6. Threatdown --
6.7. Deployment Issues --
6.8. Chapter Summary --
6.9. Chapter Exercise --
6.10. Business Application --
6.11. Key Concepts and Terms --
6.12. Assessment --
6.13. Critical Thinking --
6.14. Graduate Focus --
6.15. Bibliography --
ch. 7 Security Requirements Planning --
7.1. You, Me, and the SDLC --
7.2. Establishing Stakeholders --
7.3. Gathering Requirements --
7.4. Functional and Nonfunctional Security --
7.5. Establishing Scope --
7.6. Chapter Summary --
7.7. Chapter Exercise --
7.8. Business Application --
7.9. Key Concepts and Terms --
7.10. Assessment --
7.11. Critical Thinking --
7.12. Graduate Focus --
7.13. Bibliography --
ch. 8 Vulnerability Mapping --
8.1. Use Case Construction and Extension --
8.2. Managing Misuse --
8.3. Off the Map --
8.4. Sequence Diagrams and Class Analysis --
8.5. Data Planning --
8.6. Knowing Your Boundaries --
8.7. Examining Communication, Activity, and State Diagrams --
8.8. Vulnerability Mapping --
8.9. Complete Business System Specifications --
8.10. Chapter Summary --
8.11. Chapter Exercise --
8.12. Business Application --
8.13. Key Concepts and Terms --
8.14. Assessment --
8.15. Critical Thinking --
8.16. Graduate Focus --
8.17. Bibliography --
ch. 9 Development and Implementation --
9.1. Architecture Decision --
9.1.1. Monolithic --
9.1.2. 2-Tier --
9.1.3. 3-Tier --
9.1.4. N-Tier --
9.1.5. Distributed Computing --
9.2. Software Sources --
9.3. Watch Your Language --
9.4. Class Security Analysis --
9.5. Procedural Security --
9.6. Modular Mayhem --
9.7. Life of Data --
9.8. Attack Surface Reduction --
9.9. Document, Document, Document --
9.10. Chapter Summary --
9.11. Chapter Exercise --
9.12. Business Application --
9.13. Key Concepts and Terms --
9.14. Assessment --
9.15. Critical Thinking --
9.16. Graduate Focus --
9.17. Bibliography --
ch. 10 Application Review and Testing --
10.1. Static Analysis --
10.2. Dynamic Analysis --
10.3. Casing the Joint --
10.4. Takedown --
10.5. Never Stop at One --
10.6. Hardening the System --
10.7. Chapter Summary --
10.8. Chapter Exercise --
10.9. Business Application --
10.10. Key Concepts and Terms --
10.11. Assessment --
10.12. Critical Thinking --
10.13. Graduate Focus --
10.14. Bibliography --
ch. 11 Incorporating SSD with the SDLC --
11.1. Incident Response Plan --
11.2. Final Security Review --
11.3. Into the Wild --
11.4. Review and React --
11.4.1. Evolving Attacks --
11.4.2. Periodic Review and Archiving --
11.4.3. Secure System Retirement --
11.5. Culture of Security --
11.6. Integration Tools --
11.7. Chapter Summary --
11.8. Chapter Exercise --
11.9. Business Application --
11.10. Key Concepts and Terms --
11.11. Assessment --
11.12. Critical Thinking --
11.13. Graduate Focus --
11.14. Bibliography --
ch. 12 Personnel Training --
12.1. Information Security Audience --
12.2. Organization's Culture in the Web 2.0 Era --
12.3. Information Assurance Curriculum Content --
12.4. Security Training Delivery Methods --
12.5. Implementing a Training Solution --
12.5.1. Step 1: Identify the Program Scope, Goals, and Objectives --
12.5.2. Step 2: Identify Training Staff --
12.5.3. Step 3: Identify Target Audience --
12.5.4. Step 4: Motivate Management and Employees --
12.5.5. Step 5: Administer the Program --
12.5.6. Step 6: Maintain the Program --
12.5.7. Step 7: Evaluate the Program --
12.6. Enforcing Computer Policy and Computer Crime Investigations --
12.7. Chapter Summary --
12.8. Chapter Exercise --
12.9. Business Application --
12.10. Key Concepts and Terms --
12.11. Assessment --
12.12. Critical Thinking --
12.13. Graduate Focus --
12.14. Bibliography --
ch. 13 Culture of Security --
13.1. Confidentiality, Integrity, and Availability --
13.2. Driving the Development Process with Consistency --
13.3. Secure Software Design-Legal Environment --
13.4. Security Policy in the Organization --
13.5. Enforcing Security Policy --
13.6. Chapter Summary --
13.7. Chapter Exercise --
13.8. Business Application --
13.9. Key Concepts and Terms --
13.10. Assessment --
13.11. Critical Thinking --
13.12. Graduate Focus --
13.13. Bibliography --
ch. 14 Web Application Threats --
14.1. Client at Risk --
14.2. Biggest Threats to Web Applications --
14.3. JavaScript and AJAX --
14.4. Adobe Flash --
14.5. ActiveX --
14.6. Simplify, Restrict, and Scrub --
14.7. Chapter Summary --
14.8. Chapter Exercise --
14.9. Business Application --
14.10. Key Concepts and Terms --
14.11. Assessment --
14.12. Critical Thinking --
14.13. Graduate Focus --
14.14. Bibliography --
ch. 15 Secure Data Management --
15.1. Modern Threats to Database Security --
15.2. Managing Roles and Access --
15.2.1. Removing a User from the Database --
15.2.2. Authentication --
15.2.3. Encryption --
15.2.4. Database Views --
15.3. Database Auditing --
15.4. Database Backup and Recovery Strategy --
15.5. Data in the Cloud Environment --
15.6. Chapter Summary --
15.7. Chapter Exercise --
15.8. Business Application --
15.9. Key Concepts and Terms --
15.10. Assessment --
15.11. Critical Thinking --
15.12. Graduate Focus --
15.13. Bibliography --
ch. 16 Zero Day and Beyond --
16.1. Prediction Through Penetration Testing --
16.2. Insider Threat and Beyond --
16.3. Mitigation to Defend Against the Unknown --
16.4. Organization Incident Response --
16.5. Business Continuity Plan --
16.6. Becoming and Staying Proactive --
16.7. Chapter Summary --
16.8. Chapter Exercise --
16.9. Business Application --
16.10. Key Concepts and Terms --
16.11. Assessment --
16.12. Critical Thinking --
16.13. Graduate Focus --
16.14. Bibliography.
Responsibility: Theodor Richardson, Charles N. Thies.


Linked Data


Primary Entity

<http://www.worldcat.org/oclc/755699386> # Secure software design
    a schema:Book, schema:CreativeWork ;
   library:oclcnum "755699386" ;
   library:placeOfPublication <http://experiment.worldcat.org/entity/work/data/1102234112#Place/burlington_ma> ; # Burlington, MA
   library:placeOfPublication <http://id.loc.gov/vocabulary/countries/mau> ;
   schema:about <http://dewey.info/class/005.8/e23/> ;
   schema:about <http://id.worldcat.org/fast/872537> ; # Computer software--Development
   schema:about <http://experiment.worldcat.org/entity/work/data/1102234112#Topic/softwareentwicklung> ; # Softwareentwicklung
   schema:about <http://id.worldcat.org/fast/872484> ; # Computer security
   schema:about <http://experiment.worldcat.org/entity/work/data/1102234112#Topic/computersicherheit> ; # Computersicherheit
   schema:about <http://id.loc.gov/authorities/subjects/sh85029535> ; # Computer software--Development
   schema:bookFormat bgn:PrintBook ;
   schema:contributor <http://viaf.org/viaf/186937354> ; # Charles Thies
   schema:copyrightYear "2013" ;
   schema:creator <http://viaf.org/viaf/186755883> ; # Theodor Richardson
   schema:datePublished "2013" ;
   schema:exampleOfWork <http://worldcat.org/entity/work/id/1102234112> ;
   schema:inLanguage "en" ;
   schema:name "Secure software design"@en ;
   schema:productID "755699386" ;
   schema:publication <http://www.worldcat.org/title/-/oclc/755699386#PublicationEvent/burlington_ma_jones_&_bartlett_learning_2013> ;
   schema:publisher <http://experiment.worldcat.org/entity/work/data/1102234112#Agent/jones_&_bartlett_learning> ; # Jones & Bartlett Learning
   schema:workExample <http://worldcat.org/isbn/9781449626327> ;
   wdrs:describedby <http://www.worldcat.org/title/-/oclc/755699386> ;
    .


Related Entities

<http://experiment.worldcat.org/entity/work/data/1102234112#Agent/jones_&_bartlett_learning> # Jones & Bartlett Learning
    a bgn:Agent ;
   schema:name "Jones & Bartlett Learning" ;
    .

<http://experiment.worldcat.org/entity/work/data/1102234112#Topic/softwareentwicklung> # Softwareentwicklung
    a schema:Intangible ;
   schema:name "Softwareentwicklung"@en ;
    .

<http://id.loc.gov/authorities/subjects/sh85029535> # Computer software--Development
    a schema:Intangible ;
   schema:name "Computer software--Development"@en ;
    .

<http://id.worldcat.org/fast/872484> # Computer security
    a schema:Intangible ;
   schema:name "Computer security"@en ;
    .

<http://id.worldcat.org/fast/872537> # Computer software--Development
    a schema:Intangible ;
   schema:name "Computer software--Development"@en ;
    .

<http://viaf.org/viaf/186755883> # Theodor Richardson
    a schema:Person ;
   schema:familyName "Richardson" ;
   schema:givenName "Theodor" ;
   schema:name "Theodor Richardson" ;
    .

<http://viaf.org/viaf/186937354> # Charles Thies
    a schema:Person ;
   schema:familyName "Thies" ;
   schema:givenName "Charles" ;
   schema:name "Charles Thies" ;
    .

<http://worldcat.org/isbn/9781449626327>
    a schema:ProductModel ;
   schema:isbn "1449626327" ;
   schema:isbn "9781449626327" ;
    .

