Secure software design / Theodor Richardson, PHD., Charles N. Thies.
Material type: Text
Publication details: Burlington, Mass. : Jones & Bartlett Learning, c2013.
Description: xix, 407 pages : illustrations; 24 cm
Content type:
- Text
- unmediated
- volume
- 9781449626327 (paperback)
- 005.8 23
Item type | Current library | Collection | Call number | Copy number | Status | Date due | Barcode |
---|---|---|---|---|---|---|---|
Text Books | UPM Female Campus Library FR | Computer and Cyber Sciences | 005.8 RTS | C.1 | Available | | BC0000001508 |
Text Books | UPM Female Campus Library FR | Computer and Cyber Sciences | 005.8 RTS | C.2 | Available | | BC0000002092 |
Text Books | UPM Female Campus Library FR | Computer and Cyber Sciences | 005.8 RTS | C.3 | Available | | BC0000002093 |
Text Books | UPM Female Campus Library FR | Computer and Cyber Sciences | 005.8 RTS | C.4 | Available | | BC0000002094 |
Text Books | UPM Female Campus Library FR | Computer and Cyber Sciences | 005.8 RTS | C.8 | Available | | BC0000002489 |
Text Books | UPM Female Campus Library FR | Computer and Cyber Sciences | 005.8 RTS | C.9 | Available | | BC0000002490 |
Text Books | UPM Female Campus Library FR | Computer and Cyber Sciences | 005.8 RTS | C.10 | Available | | BC0000002491 |
Books | UPM Male Campus Library STACKS | Computer and Cyber Sciences | 005.8 RTS | C.2 | Available | | BC0000001509 |
Text Books | UPM Male Campus Library FR | Computer and Cyber Sciences | 005.8 RTS | C.5 | Available | | BC0000002095 |
Text Books | UPM Male Campus Library FR | Computer and Cyber Sciences | 005.8 RTS | C.6 | Available | | BC0000002096 |
Text Books | UPM Male Campus Library FR | Computer and Cyber Sciences | 005.8 RTS | C.7 | Available | | BC0000002091 |
Text Books | UPM Male Campus Library FR | Computer and Cyber Sciences | 005.8 RTS | C.11 | Available | | BC0000002492 |
Text Books | UPM Male Campus Library FR | Computer and Cyber Sciences | 005.8 RTS | C.12 | Available | | BC0000002493 |

Includes bibliographical references and index.
Machine generated contents note:
- ch. 1 Introduction -- 1.1. World Turned Upside Down -- 1.2. Lingo -- 1.3. Usual Suspects -- 1.4. Many Hats of Hackers -- 1.5. Tools of the Trade -- 1.5.1. CIA Triad -- 1.5.2. Cryptography -- 1.5.3. Public Key Cryptography -- 1.5.4. Integrity -- 1.5.5. Availability -- 1.6. Fighting Fire -- 1.6.1. Prevention -- 1.6.2. Avoidance -- 1.6.3. Detection -- 1.6.4. Recovery -- 1.7. Changing the Design -- 1.8. Red vs. Blue -- 1.9. Shape of Things -- 1.10. Chapter Summary -- 1.11. Chapter Exercise -- 1.12. Business Application -- 1.13. Key Concepts and Terms -- 1.14. Assessment -- 1.15. Critical Thinking -- 1.16. Graduate Focus -- 1.17. Bibliography
- ch. 2 Current and Emerging Threats -- 2.1. Human Factor -- 2.2. Network -- 2.3. Operating System Environment -- 2.4. Data Management -- 2.5. Data-Centric Threats -- 2.6. Chapter Summary -- 2.7. Chapter Exercise -- 2.8. Business Application -- 2.9. Key Concepts and Terms -- 2.10. Assessment -- 2.11. Critical Thinking -- 2.12. Graduate Focus -- 2.13. Bibliography
- ch. 3 Network Environment -- 3.1. Introducing Eve -- 3.2. Science of Secrecy -- 3.2.1. Cryptography in the Wartime Era -- 3.2.2. National Standard -- 3.2.3. Advent of Public Key Cryptography -- 3.2.4. Quest for Perfect Secrecy -- 3.3. Eve Unleashed -- 3.4. Malicious Modifications and Insidious Insertions -- 3.5. Play It Again, Eve -- 3.6. Eve in the Middle -- 3.7. Making the Connection -- 3.8. Roll Up the Welcome Mat -- 3.9. Why in What and How -- 3.10. Chapter Summary -- 3.11. Chapter Exercise -- 3.12. Business Application -- 3.13. Key Concepts and Terms -- 3.14. Assessment -- 3.15. Critical Thinking -- 3.16. Graduate Focus -- 3.17. Bibliography
- ch. 4 Operating System Environment -- 4.1. What Is Operating System Security? -- 4.2. Common Operating Systems -- 4.3. Operating System Threats -- 4.4. Operating System Defense Tactics -- 4.4.1. Mac OS X Snow Leopard -- 4.4.2. Linux -- 4.4.3. Windows 7 -- 4.5. Auditing and Monitoring -- 4.6. Backup and Redundancy -- 4.7. Remote Access Security -- 4.8. Virtualization -- 4.9. Chapter Summary -- 4.10. Chapter Exercise -- 4.11. Business Application -- 4.12. Key Concepts and Terms -- 4.13. Assessment -- 4.14. Critical Thinking -- 4.15. Graduate Focus -- 4.16. Bibliography
- ch. 5 Database Environment -- 5.1. Database Fundamentals -- 5.2. Conceptual Design -- 5.3. Logical Design -- 5.3.1. Database Normalization -- 5.3.2. First Normal Form -- 5.3.3. Second Normal Form -- 5.3.4. Third Normal Form -- 5.4. Physical Design -- 5.4.1. Introduction to SQL -- 5.4.2. Using the CREATE TABLE Command to Develop a New Table -- 5.4.3. Modifying a Table -- 5.5. User Interface -- 5.6. Web Applications and the Internet -- 5.7. Chapter Summary -- 5.8. Chapter Exercise -- 5.9. Business Application -- 5.10. Key Concepts and Terms -- 5.11. Assessment -- 5.12. Critical Thinking -- 5.13. Graduate Focus -- 5.14. Bibliography
- ch. 6 Programming Languages -- 6.1. Language Barriers -- 6.2. Buffer Bashing -- 6.3. Good Input -- 6.4. Good Output -- 6.5. Inherent Inheritance and Overdoing Overloads -- 6.6. Threatdown -- 6.7. Deployment Issues -- 6.8. Chapter Summary -- 6.9. Chapter Exercise -- 6.10. Business Application -- 6.11. Key Concepts and Terms -- 6.12. Assessment -- 6.13. Critical Thinking -- 6.14. Graduate Focus -- 6.15. Bibliography
- ch. 7 Security Requirements Planning -- 7.1. You, Me, and the SDLC -- 7.2. Establishing Stakeholders -- 7.3. Gathering Requirements -- 7.4. Functional and Nonfunctional Security -- 7.5. Establishing Scope -- 7.6. Chapter Summary -- 7.7. Chapter Exercise -- 7.8. Business Application -- 7.9. Key Concepts and Terms -- 7.10. Assessment -- 7.11. Critical Thinking -- 7.12. Graduate Focus -- 7.13. Bibliography
- ch. 8 Vulnerability Mapping -- 8.1. Use Case Construction and Extension -- 8.2. Managing Misuse -- 8.3. Off the Map -- 8.4. Sequence Diagrams and Class Analysis -- 8.5. Data Planning -- 8.6. Knowing Your Boundaries -- 8.7. Examining Communication, Activity, and State Diagrams -- 8.8. Vulnerability Mapping -- 8.9. Complete Business System Specifications -- 8.10. Chapter Summary -- 8.11. Chapter Exercise -- 8.12. Business Application -- 8.13. Key Concepts and Terms -- 8.14. Assessment -- 8.15. Critical Thinking -- 8.16. Graduate Focus -- 8.17. Bibliography
- ch. 9 Development and Implementation -- 9.1. Architecture Decision -- 9.1.1. Monolithic -- 9.1.2. 2-Tier -- 9.1.3. 3-Tier -- 9.1.4. N-Tier -- 9.1.5. Distributed Computing -- 9.2. Software Sources -- 9.3. Watch Your Language -- 9.4. Class Security Analysis -- 9.5. Procedural Security -- 9.6. Modular Mayhem -- 9.7. Life of Data -- 9.8. Attack Surface Reduction -- 9.9. Document, Document, Document -- 9.10. Chapter Summary -- 9.11. Chapter Exercise -- 9.12. Business Application -- 9.13. Key Concepts and Terms -- 9.14. Assessment -- 9.15. Critical Thinking -- 9.16. Graduate Focus -- 9.17. Bibliography
- ch. 10 Application Review and Testing -- 10.1. Static Analysis -- 10.2. Dynamic Analysis -- 10.3. Casing the Joint -- 10.4. Takedown -- 10.5. Never Stop at One -- 10.6. Hardening the System -- 10.7. Chapter Summary -- 10.8. Chapter Exercise -- 10.9. Business Application -- 10.10. Key Concepts and Terms -- 10.11. Assessment -- 10.12. Critical Thinking -- 10.13. Graduate Focus -- 10.14. Bibliography
- ch. 11 Incorporating SSD with the SDLC -- 11.1. Incident Response Plan -- 11.2. Final Security Review -- 11.3. Into the Wild -- 11.4. Review and React -- 11.4.1. Evolving Attacks -- 11.4.2. Periodic Review and Archiving -- 11.4.3. Secure System Retirement -- 11.5. Culture of Security -- 11.6. Integration Tools -- 11.7. Chapter Summary -- 11.8. Chapter Exercise -- 11.9. Business Application -- 11.10. Key Concepts and Terms -- 11.11. Assessment -- 11.12. Critical Thinking -- 11.13. Graduate Focus -- 11.14. Bibliography
- ch. 12 Personnel Training -- 12.1. Information Security Audience -- 12.2. Organization's Culture in the Web 2.0 Era -- 12.3. Information Assurance Curriculum Content -- 12.4. Security Training Delivery Methods -- 12.5. Implementing a Training Solution -- 12.5.1. Step 1: Identify the Program Scope, Goals, and Objectives -- 12.5.2. Step 2: Identify Training Staff -- 12.5.3. Step 3: Identify Target Audience -- 12.5.4. Step 4: Motivate Management and Employees -- 12.5.5. Step 5: Administer the Program -- 12.5.6. Step 6: Maintain the Program -- 12.5.7. Step 7: Evaluate the Program -- 12.6. Enforcing Computer Policy and Computer Crime Investigations -- 12.7. Chapter Summary -- 12.8. Chapter Exercise -- 12.9. Business Application -- 12.10. Key Concepts and Terms -- 12.11. Assessment -- 12.12. Critical Thinking -- 12.13. Graduate Focus -- 12.14. Bibliography
- ch. 13 Culture of Security -- 13.1. Confidentiality, Integrity, and Availability -- 13.2. Driving the Development Process with Consistency -- 13.3. Secure Software Design-Legal Environment -- 13.4. Security Policy in the Organization -- 13.5. Enforcing Security Policy -- 13.6. Chapter Summary -- 13.7. Chapter Exercise -- 13.8. Business Application -- 13.9. Key Concepts and Terms -- 13.10. Assessment -- 13.11. Critical Thinking -- 13.12. Graduate Focus -- 13.13. Bibliography
- ch. 14 Web Application Threats -- 14.1. Client at Risk -- 14.2. Biggest Threats to Web Applications -- 14.3. JavaScript and AJAX -- 14.4. Adobe Flash -- 14.5. ActiveX -- 14.6. Simplify, Restrict, and Scrub -- 14.7. Chapter Summary -- 14.8. Chapter Exercise -- 14.9. Business Application -- 14.10. Key Concepts and Terms -- 14.11. Assessment -- 14.12. Critical Thinking -- 14.13. Graduate Focus -- 14.14. Bibliography
- ch. 15 Secure Data Management -- 15.1. Modern Threats to Database Security -- 15.2. Managing Roles and Access -- 15.2.1. Removing a User from the Database -- 15.2.2. Authentication -- 15.2.3. Encryption -- 15.2.4. Database Views -- 15.3. Database Auditing -- 15.4. Database Backup and Recovery Strategy -- 15.5. Data in the Cloud Environment -- 15.6. Chapter Summary -- 15.7. Chapter Exercise -- 15.8. Business Application -- 15.9. Key Concepts and Terms -- 15.10. Assessment -- 15.11. Critical Thinking -- 15.12. Graduate Focus -- 15.13. Bibliography
- ch. 16 Zero Day and Beyond -- 16.1. Prediction Through Penetration Testing -- 16.2. Insider Threat and Beyond -- 16.3. Mitigation to Defend Against the Unknown -- 16.4. Organization Incident Response -- 16.5. Business Continuity Plan -- 16.6. Becoming and Staying Proactive -- 16.7. Chapter Summary -- 16.8. Chapter Exercise -- 16.9. Business Application -- 16.10. Key Concepts and Terms -- 16.11. Assessment -- 16.12. Critical Thinking -- 16.13. Graduate Focus -- 16.14. Bibliography.