Record ID | marc_loc_2016/BooksAll.2016.part40.utf8:30546922:3545 |
Source | Library of Congress |
Download Link | /show-records/marc_loc_2016/BooksAll.2016.part40.utf8:30546922:3545?format=raw |
LEADER: 03545cam a22003257a 4500
001 2012405842
003 DLC
005 20121130082440.0
008 120814s2012 flua b 001 0 eng
010 $a 2012405842
020 $a9781439814468
020 $a1439814465 (hardback)
035 $a(OCoLC)ocn809754903
040 $aAU@$beng$cAU@$dIUL$dCNAUC$dDLC
042 $alccopycat
050 00 $aQA76.76.D47$bP3774 2012
082 04 $a005.8$223
100 1 $aPaul, Mano.
245 14 $aThe 7 qualities of highly secure software /$cMano Paul.
246 3 $aSeven qualities of highly secure software
260 $aBoca Raton, FL :$bCRC Press,$cc2012.
300 $axvi, 144 p. :$bill. ;$c25 cm.
500 $a"An Auerbach book."
504 $aIncludes bibliographical references and index.
505 0 $aMachine generated contents note: 1.Quality #1: Security Is Built In, Not Bolted On -- Prelude: The Ant and the Grasshopper -- Introduction -- Security Myths That Need Busting -- Myth #1 We Have a Firewall -- Myth #2 We Use SSL -- Myth #3 We Have Intrusion Detection Systems and Intrusion Prevention Systems (IDSs/IPSs) -- Myth #4 Our Software Will Not Be Accessible from the Internet -- Myth #5 We Have Never Been Compromised -- Myth #6 Security Is "Not My Job" but the Responsibility of the Service Provider -- Myth #7 Security Adds Little to No Value to the Business -- Build Security In: The Need -- Build Security In: What It Takes -- Build Security In: The Value-Add -- Conclusion -- References -- 2.Quality #2: Functionality Maps to a Security Plan -- Prelude: Breaking the Tape -- Introduction -- What Is a Security Plan? -- Security Plan Development -- Step 1 Identify Security Objectives -- Step 2 Identify Applicable Requirements -- Step 3 Identify Threats --
505 0 $aContents note continued: Step 4 Identify Applicable Controls -- Benefits of a Security Plan -- Mapped Software -- Conclusion -- References -- 3.Quality #3: Includes Foundational Assurance Elements -- Prelude: What Lies Beneath? -- Introduction -- Data: The New Frontier -- Data under Siege -- Foundational Assurance Elements -- Confidentiality -- Integrity -- Availability -- Authentication -- Authorization -- Auditing -- Conclusion -- References -- 4.Quality #4: Is Balanced -- Prelude: The Clown Fish and the Anemone -- Introduction -- Balancing Scale: Risk and Reward -- Balancing Scale: Functionality and Assurance -- Balancing Scale: Threats and Controls -- Conclusion -- References -- 5.Quality #5: Incorporates Security Requirements -- Prelude: Lost in Translation -- Introduction -- Types of Software Security Requirements -- Techniques to Elicit Software Security Requirements -- Traceability of Software Security Requirements -- Requirements to Retirement -- Conclusion --
505 0 $aContents note continued: References -- 6.Quality #6: Is Developed Collaboratively -- Prelude: There Is No "I" in Team! -- Introduction -- Stakeholders in the Game: Whose Perspective? -- Business -- Security -- Management -- Development -- Legal -- Privacy -- Auditors -- Vendors -- Conclusion -- References -- 7.Quality #7: Is Adaptable -- Prelude: The Shark is a Polyphyodont -- Introduction -- Law of Resiliency Degradation -- Software Adaptability: Technology, Threats, and Talent -- Technology -- Threats -- Talent -- Begin with the Future in Mind -- Secure Software Requires Security-Savvy People -- Conclusion -- References -- 8.Epilogue.
650 0 $aComputer software$xDevelopment.
650 0 $aComputer security.
650 0 $aSoftware engineering.