Ebooks

Software Security Engineering A Guide for Project Managers~tqw~ darksiderg

• 
• 
• 
• 
• 
• Rate this torrent +  |  -

Torrent info

Torrent Files List

Torrent description

*******************************************************************************
Software Security Engineering: A Guide for Project Managers
*******************************************************************************

-------------------------------------------------------------------------------
General Information
-------------------------------------------------------------------------------
Type.................: Ebook
Part Size............: 1,808,763 bytes




-------------------------------------------------------------------------------
Post Information
-------------------------------------------------------------------------------
Posted by............: ~tqw~

-------------------------------------------------------------------------------
Release Notes
-------------------------------------------------------------------------------
Everybody knows that software is riddled with security flaws. At first blush,
this is surprising. We know how to write software in a way that provides a
moderately high level of security and robustness. So why don\'t software
developers practice these techniques?

This book deals with two of the myriad answers to this question. The first is
the meaning of secure software. In fact, the term \"secure software\" is a
misnomer. Security is a product of software plus environment. How a program is
used, under what conditions it is used, and what security requirements it must
meet determine whether the software is secure. A term like \"security-enabled
software\" captures the idea that the software was designed and written to meet
specific security requirements, but in other environments where the assumptions
underlying the software—and any implied requirements—do not hold, the software
may not be secure. In a way that is easy to understand, this book presents the
need for accurate and meaningful security requirements, as well as approaches
for developing them. Unlike many books on the subject of secure software, this
book does not assume the requirements are given a priori, but instead discusses
requirements derivation and analysis. Equally important, it describes their
validation.

The second answer lies in the roles of the executives, managers, and technical
leaders of projects. They must support the introduction of security enhancements
in software, as well as robust coding practices (which is really a type of
security enhancement). Moreover, they must understand the processes and make
allowances for it in their scheduling, budgeting, and staffing plans. This book
does an excellent job of laying out the process for the people in these roles,
so they can realistically assess its impact. Additionally, the book points out
where the state of the art is too new or lacks enough experience to have
approaches that are proven to work, or are not generally accepted to work. In
those cases, the authors suggest ways to think about the issues in order to
develop effective approaches. Thus, executives, managers, and technical leaders
can figure out what should work best in their environment.

Table of Contents

Preface
Acknowledgments
Chapter 1: Why Is Security a Software Issue?
Chapter 2: What Makes Software Secure?
Chapter 3: Requirements Engineering for Secure Software
Chapter 4: Secure Software Architecture and Design
Chapter 5: Considerations for Secure Coding and Testing
Chapter 6: Security and Complexity: System Development Challenges
Chapter 7: Governing and Managing for More Secure Software
Chapter 8: Getting Started
Glossary
Build Security In Web Site References
References
Index

Product Details

* ISBN: 032150917X
* ISBN-13: 9780321509178
* Format: Paperback, 368pp
* Publisher: Addison-Wesley
* Pub. Date: May 2008

-------------------------------------------------------------------------------
Install Notes
-------------------------------------------------------------------------------
CHM Reader

related torrents

comments (0)