90折
Architecting Secure Software Systems
商品資訊
ISBN13:9781420087840
出版社:Auerbach Pub UK
作者:Asoke K. Talukder; Manish Chaitanya
出版日:2008/12/05
裝訂/頁數:精裝/446頁
定價
:NT$ 7800 元優惠價
:90 折 7020 元
若需訂購本書,請電洽客服 02-25006600[分機130、131]。
商品簡介
目次
相關商品
商品簡介
Traditionally, software engineers have defined security as a non-functional requirement. As such, all too often it is only considered as an afterthought, making software applications and services vulnerable to attacks. With the phenomenal growth in cybercrime, it has become imperative that security be an integral part of software engineering so that all software assets are protected and safe. Architecting Secure Software Systems defines how security should be incorporated into basic software engineering at the requirement analysis phase, continuing this sharp focus into security design, secured programming, security testing, and secured deployment.
Outlines Protection Protocols for Numerous Applications
Through the use of examples, this volume defines a myriad of security vulnerabilities and their resultant threats. It details how to do a security requirement analysis and outlines the security development lifecycle. The authors examine security architectures and threat countermeasures for UNIX, .NET, Java, mobile, and Web environments. Finally, they explore the security of telecommunications and other distributed services through Service Oriented Architecture (SOA). The book employs a versatile multi-platform approach that allows users to seamlessly integrate the material into their own programming paradigm regardless of their individual programming backgrounds. The text also provides real-world code snippets for experimentation.
Define a Security Methodology from the Initial Phase of Development
Almost all assets in our lives have a virtual presence and the convergence of computer information and telecommunications makes these assets accessible to everyone in the world. This volume enables developers, engineers, and architects to approach security in a holistic fashion at the beginning of the software development lifecycle. By securing these systems from the project’s inception, the monetary and personal privacy catastrophes caused by weak systems can potentially be avoided.
Outlines Protection Protocols for Numerous Applications
Through the use of examples, this volume defines a myriad of security vulnerabilities and their resultant threats. It details how to do a security requirement analysis and outlines the security development lifecycle. The authors examine security architectures and threat countermeasures for UNIX, .NET, Java, mobile, and Web environments. Finally, they explore the security of telecommunications and other distributed services through Service Oriented Architecture (SOA). The book employs a versatile multi-platform approach that allows users to seamlessly integrate the material into their own programming paradigm regardless of their individual programming backgrounds. The text also provides real-world code snippets for experimentation.
Define a Security Methodology from the Initial Phase of Development
Almost all assets in our lives have a virtual presence and the convergence of computer information and telecommunications makes these assets accessible to everyone in the world. This volume enables developers, engineers, and architects to approach security in a holistic fashion at the beginning of the software development lifecycle. By securing these systems from the project’s inception, the monetary and personal privacy catastrophes caused by weak systems can potentially be avoided.
目次
Security in Software Systems
Need for Computer Security
Vulnerability and Attacks
Various Security Attacks
Computer Security
Counter External Threats
Security Programming
Database Security
Common Criteria
Security Standards
Architecting Secure Software Systems
Building Secured System
Security Requirements Analysis
Threat Modeling
Security Design
Security Coding
Safe Programming
Security Review
Generating the Executable
Security Testing
Secured Deployment
Security Remediation
Security Documentation
Security Response Planning
Safety-Critical Systems
Constructing Secured and Safe C/UNIX Programs
UNIX and Linux History
UNIX and Linux Security
Privileges in UNIX
Secure Network Programming
UNIX Virtualization
UNIX Security Logging
C/C++ Language
Common Security Problems with C/C++
Avoiding Security Risks with C/C++ Code
Some Coding Rules
Constructing Secured Systems in NET
Overview of .NET 3.0
Common Language Runtime
NET Runtime Security
NET Security Architecture
Identity and Principal
Permission
Code Access Security
Role-Based Security
Type Safety and Security
ASP.NET Security
NET Remoting Security
Windows Security
Networking and Service-Oriented Architecture–Based Security
Networking and Open Systems Interconnection Model
Transmission Control Protocol/Internet Protocol Primer
Security Using Sockets
Service-Oriented Architecture
Remote Procedure Call
Remote Method Invocation Security
Common Object Request Broker Architecture Security
Securing ActiveX Control
Distributed Component Object Model Security
Java Client-Side Security
Java Framework
Java Platform Security
The Java Cryptography Application Programming Interface
Java Secure Sockets Extension
Authentication and Access Control
Java Sandbox
Java Applets Security
Java Swing
Security in Mobile Applications
Mobile Computing
Networks
Next Generation Networks
Next Generation Network Security
Mobile Applications
Security in Mobile Computing Scenario
Java 2 Micro Edition Security
Java Card and Universal Subscriber Identity Module Security
Wireless Application Protocol Security
Security Implementation in Windows Mobile
Mobile Agents
Mobile Ad Hoc Network Security
Digital Rights Management
Security in Web-Facing Applications
Overview of Web Security
Identity Management
Public Key Infrastructure
Trust in Service
Emerging Security Technologies
Code Injection
Parameter Tampering
Cross-Site Scripting
File Disclosure
Next Generation Webs
Next Generation Web Security
Secured Web Programming
Application Vulnerability Description Language
Server-Side Java Security
Server-Side Java
Servlet Security
Securing Java Server Pages
Java Struts Security
Java Server Faces Security
Web Application Development Rules
Securing Enterprise JavaBeans
Constructing Secured Web Services
Web Services Security
Threat Profile and Risk Analysis
Web Service Security Model
Web Services Security Standards
Servlet Security for Web Services
Secure Sockets Layer Security for Web Services
WS Security with Apache AXIS
XML and XPath Injection Attack Through SOAP-Based Web Services
Federated Identity Management and Web Services Security
Index
Need for Computer Security
Vulnerability and Attacks
Various Security Attacks
Computer Security
Counter External Threats
Security Programming
Database Security
Common Criteria
Security Standards
Architecting Secure Software Systems
Building Secured System
Security Requirements Analysis
Threat Modeling
Security Design
Security Coding
Safe Programming
Security Review
Generating the Executable
Security Testing
Secured Deployment
Security Remediation
Security Documentation
Security Response Planning
Safety-Critical Systems
Constructing Secured and Safe C/UNIX Programs
UNIX and Linux History
UNIX and Linux Security
Privileges in UNIX
Secure Network Programming
UNIX Virtualization
UNIX Security Logging
C/C++ Language
Common Security Problems with C/C++
Avoiding Security Risks with C/C++ Code
Some Coding Rules
Constructing Secured Systems in NET
Overview of .NET 3.0
Common Language Runtime
NET Runtime Security
NET Security Architecture
Identity and Principal
Permission
Code Access Security
Role-Based Security
Type Safety and Security
ASP.NET Security
NET Remoting Security
Windows Security
Networking and Service-Oriented Architecture–Based Security
Networking and Open Systems Interconnection Model
Transmission Control Protocol/Internet Protocol Primer
Security Using Sockets
Service-Oriented Architecture
Remote Procedure Call
Remote Method Invocation Security
Common Object Request Broker Architecture Security
Securing ActiveX Control
Distributed Component Object Model Security
Java Client-Side Security
Java Framework
Java Platform Security
The Java Cryptography Application Programming Interface
Java Secure Sockets Extension
Authentication and Access Control
Java Sandbox
Java Applets Security
Java Swing
Security in Mobile Applications
Mobile Computing
Networks
Next Generation Networks
Next Generation Network Security
Mobile Applications
Security in Mobile Computing Scenario
Java 2 Micro Edition Security
Java Card and Universal Subscriber Identity Module Security
Wireless Application Protocol Security
Security Implementation in Windows Mobile
Mobile Agents
Mobile Ad Hoc Network Security
Digital Rights Management
Security in Web-Facing Applications
Overview of Web Security
Identity Management
Public Key Infrastructure
Trust in Service
Emerging Security Technologies
Code Injection
Parameter Tampering
Cross-Site Scripting
File Disclosure
Next Generation Webs
Next Generation Web Security
Secured Web Programming
Application Vulnerability Description Language
Server-Side Java Security
Server-Side Java
Servlet Security
Securing Java Server Pages
Java Struts Security
Java Server Faces Security
Web Application Development Rules
Securing Enterprise JavaBeans
Constructing Secured Web Services
Web Services Security
Threat Profile and Risk Analysis
Web Service Security Model
Web Services Security Standards
Servlet Security for Web Services
Secure Sockets Layer Security for Web Services
WS Security with Apache AXIS
XML and XPath Injection Attack Through SOAP-Based Web Services
Federated Identity Management and Web Services Security
Index
您曾經瀏覽過的商品
購物須知
外文書商品之書封,為出版社提供之樣本。實際出貨商品,以出版社所提供之現有版本為主。部份書籍,因出版社供應狀況特殊,匯率將依實際狀況做調整。
無庫存之商品,在您完成訂單程序之後,將以空運的方式為你下單調貨。為了縮短等待的時間,建議您將外文書與其他商品分開下單,以獲得最快的取貨速度,平均調貨時間為1~2個月。
為了保護您的權益,「三民網路書店」提供會員七日商品鑑賞期(收到商品為起始日)。
若要辦理退貨,請在商品鑑賞期內寄回,且商品必須是全新狀態與完整包裝(商品、附件、發票、隨貨贈品等)否則恕不接受退貨。