Bild 1 von 11
Galerie
Bild 1 von 11
SEI Series in Software Engineering Ser.: Software Security Engineering : A Guide
US $5,00
Ca.EUR 4,31
Artikelzustand:
- Sofort-KaufenSEI Series in Software Engineering Ser.: Software Security Engineering : A Guide
Oops! Looks like we're having trouble connecting to our server.
Refresh your browser window to try again.
Abholung:
Kostenlose Abholung in 63109 Saint Louis, United States
Versand:
US $5,22 (ca. EUR 4,50) USPS Media MailTM.
Standort: Saint Louis, Missouri, USA
Lieferung:
Lieferung zwischen Fr, 12. Dez und Do, 18. Dez nach 94104 bei heutigem Zahlungseingang
Rücknahme:
Keine Rücknahme.
Zahlungen:
Sicher einkaufen
- Gratis Rückversand im Inland
- Punkte für jeden Kauf und Verkauf
- Exklusive Plus-Deals
Info zum Artikel
Der Verkäufer ist für dieses Angebot verantwortlich.
eBay-Artikelnr.:156264714245
Artikelmerkmale
- Artikelzustand
- ISBN
- 9780321509178
Über dieses Produkt
Product Identifiers
Publisher
Addison Wesley Professional
ISBN-10
032150917X
ISBN-13
9780321509178
eBay Product ID (ePID)
18038285538
Product Key Features
Number of Pages
368 Pages
Publication Name
Software Security Engineering : a Guide for Project Managers
Language
English
Publication Year
2008
Subject
Software Development & Engineering / General, Networking / Vendor Specific, Security / General, Security / Networking
Type
Textbook
Subject Area
Computers
Series
Sei Series in Software Engineering Ser.
Format
Trade Paperback
Dimensions
Item Height
0.9 in
Item Weight
22.4 Oz
Item Length
9.1 in
Item Width
7 in
Additional Product Features
Intended Audience
Scholarly & Professional
LCCN
2008-007000
Illustrated
Yes
Table Of Content
Foreword xi Preface xiii About the Authors xxiii Chapter 1: Why Is Security a Software Issue? 1 1.1 Introduction 1 1.2 The Problem 2 1.3 Software Assurance and Software Security 6 1.4 Threats to Software Security 9 1.5 Sources of Software Insecurity 11 1.6 The Benefits of Detecting Software Security Defects Early 13 1.7 Managing Secure Software Development 18 1.8 Summary 23 Chapter 2: What Makes Software Secure? 25 2.1 Introduction 25 2.2 Defining Properties of Secure Software 26 2.3 How to Influence the Security Properties of Software 36 2.4 How to Assert and Specify Desired Security Properties 61 2.5 Summary 71 Chapter 3: Requirements Engineering for Secure Software 73 3.1 Introduction 73 3.2 Misuse and Abuse Cases 78 3.3 The SQUARE Process Model 84 3.4 SQUARE Sample Outputs 91 3.5 Requirements Elicitation 99 3.6 Requirements Prioritization 106 3.7 Summary 112 Chapter 4: Secure Software Architecture and Design 115 4.1 Introduction 115 4.2 Software Security Practices for Architecture and Design: Architectural Risk Analysis 119 4.3 Software Security Knowledge for Architecture and Design: Security Principles, Security Guidelines, and Attack Patterns 137 4.4 Summary 148 Chapter 5: Considerations for Secure Coding and Testing 151 5.1 Introduction 151 5.2 Code Analysis 152 5.3 Coding Practices 160 5.4 Software Security Testing 163 5.5 Security Testing Considerations Throughout the SDLC 173 5.6 Summary 180 Chapter 6: Security and Complexity: System Assembly Challenges 183 6.1 Introduction 183 6.2 Security Failures 186 6.3 Functional and Attacker Perspectives for Security Analysis: Two Examples 189 6.4 System Complexity Drivers and Security 203 6.5 Deep Technical Problem Complexity 215 6.6 Summary 217 Chapter 7: Governance, and Managing for More Secure Software 221 7.1 Introduction 221 7.2 Governance and Security 223 7.3 Adopting an Enterprise Software Security Framework 226 7.4 How Much Security Is Enough? 236 7.5 Security and Project Management 244 7.6 Maturity of Practice 259 7.7 Summary 266 Chapter 8: Getting Started 267 8.1 Where to Begin 269 8.2 In Closing 281 Glossary 283 References 291 Build Security In Web Site References 311 Index 317
Synopsis
"This book's broad overview can help an organization choose a set of processes, policies, and techniques that are appropriate for its security maturity, risk tolerance, and development style. This book will help you understand how to incorporate practical security techniques into all phases of the development lifecycle." --Steve Riley, senior security strategist, Microsoft Corporation "There are books written on some of the topics addressed in this book, and there are other books on secure systems engineering. Few address the entire life cycle with a comprehensive overview and discussion of emerging trends and topics as well as this one." --Ronda Henning, senior scientist-software/security queen, Harris Corporation Software that is developed from the beginning with security in mind will resist, tolerate, and recover from attacks more effectively than would otherwise be possible. While there may be no silver bullet for security, there are practices that project managers will find beneficial. With this management guide, you can select from a number of sound practices likely to increase the security and dependability of your software, both during its development and subsequently in its operation. Software Security Engineering draws extensively on the systematic approach developed for the Build Security In (BSI) Web site. Sponsored by the Department of Homeland Security Software Assurance Program, the BSI site offers a host of tools, guidelines, rules, principles, and other resources to help project managers address security issues in every phase of the software development life cycle (SDLC). The book's expert authors, themselves frequent contributors to the BSI site, represent two well-known resources in the security world: the CERT Program at the Software Engineering Institute (SEI) and Cigital, Inc., a consulting firm specializing in software security. This book will help you understand why Software security is about more than just eliminating vulnerabilities and conducting penetration tests Network security mechanisms and IT infrastructure security services do not sufficiently protect application software from security risks Software security initiatives should follow a risk-management approach to identify priorities and to define what is "good enough"--understanding that software security risks will change throughout the SDLC Project managers and software engineers need to learn to think like an attacker in order to address the range of functions that software should not do, and how software can better resist, tolerate, and recover when under attack Chapter 1: Why Is Security a Software Issue? 1 1.1 Introduction 1 1.2 The Problem 2 1.3 Software Assurance and Software Security 6 1.4 Threats to Software Security 9 1.5 Sources of Software Insecurity 11 1.6 The Benefits of Detecting Software Security Defects Early 13 1.7 Managing Secure Software Development 18 1.8 Summary 23 Chapter 2: What Makes Software Secure? 25 2.1 Introduction 25 2.2 Defining Properties of Secure Software 26 2.3 How to Influence the Security Properties of Software 36 2.4 How to Assert and Specify Desired Security Properties 61 2.5 Summary 71 Chapter 3: Requirements Engineering for Secure Software 73 3.1 Introduction 73 3.2 Misuse and Abuse Cases 78 3.3 The SQUARE Process Model 84 3.4 SQUARE Sample Outputs 91 3.5 Requirements Elicitation 99 3.6 Requirements Prioritization 106 3.7 Summary 112 Chapter 4: Secure Software Architecture and Design 115 4.1 Introduction 115 4.2 Software Security Practices for Architecture and Design: Architectural Risk Analysis 119 4.3 Software Security Knowledge for Architecture and Design: Security Principles, Security Guideline, Providing readers with a set of sound practices they can selectively adopt to increase the security and dependability of software, both during its development and its operation, this guide draws extensively on the systematic approach developed for the Build Security In (BSI) Web site.
LC Classification Number
QA76.9.A25S654 2008
Artikelbeschreibung des Verkäufers
Info zu diesem Verkäufer
sports_n_more
87,5% positive Bewertungen•194 Artikel verkauft
Angemeldet als privater VerkäuferDaher finden verbraucherschützende Vorschriften, die sich aus dem EU-Verbraucherrecht ergeben, keine Anwendung. Der eBay-Käuferschutz gilt dennoch für die meisten Käufe. Mehr erfahrenMehr erfahren
Verkäuferbewertungen (83)
- i***e (321)- Bewertung vom Käufer.Letzte 6 MonateBestätigter KaufGreat seller AA++! Shipping was fact and the item was packaged nicely. The product was as described and well worth the money spent for the value? Will buy from this seller again.1991 Topps Baseball Factory Sealed Complete Set (792 Cards) (Nr. 157079356124)
- e***a (43110)- Bewertung vom Käufer.Letzte 6 MonateBestätigter KaufGreat Transaction, Thanks1992 Topps Baseball Sealed Complete Factory Set 792 Cards + 10 Topps Gold (Nr. 157079400272)
- w***a (483)- Bewertung vom Käufer.Letztes JahrBestätigter KaufHey Folks!!! EXCELLENT E-SELLER HERE !!!!! Thanks Much,,,CLE.,Canon PG-245XL/CL-246XL (CNM8278B005) Used - 5 Count (Nr. 156880009298)
Noch mehr entdecken:
- Software-Entwicklung Studium und Erwachsenenbildung,
- Studium und Erwachsenenbildung Software-Entwicklung als Taschenbuch,
- Deutsche Studium und Erwachsenenbildung Software-Entwicklung,
- Software-Entwicklung Studium und Erwachsenenbildung als gebundene Ausgabe,
- Sachbuch-Rough-Guides Bücher,
- Sachbuch Insight Guides Bücher,
- Robert-A. - Heinlein-Belletristik-Bücher,
- James-A. - Michener-Belletristik-Bücher,
- Deutsche Bücher Robert-A. - Heinlein-Belletristik,
- Robert-A. - Heinlein-Taschenbuch-Belletristik-Bücher