| 000 | 03556cam a22003137a 4500 | ||
|---|---|---|---|
| 001 | vtls000012705 | ||
| 003 | VRT | ||
| 005 | 20250102223307.0 | ||
| 008 | 130529s2012 flua |b 001 0 eng | ||
| 010 | _a2012-405842 | ||
| 020 | _a9781439814468 | ||
| 020 | _a1439814465 | ||
| 039 | 9 |
_a201402040234 _bVLOAD _c201305290832 _dlaila _y201305290832 _zlaila |
|
| 050 | 0 | 0 |
_aQA76.76.D47 _bP3774 2012 |
| 100 | 1 |
_aPaul, Mano. _920534 |
|
| 245 | 1 | 4 |
_aThe 7 qualities of highly secure software / _cMano Paul. |
| 246 | 3 | _aSeven qualities of highly secure software | |
| 260 |
_aBoca Raton, FL : _bCRC Press, _cc2012. |
||
| 300 |
_axvi, 144 p. : _bill. ; _c25 cm. |
||
| 500 | _a"An Auerbach book." | ||
| 504 | _aIncludes bibliographical references and index. | ||
| 505 | 0 | _aMachine generated contents note: 1.Quality #1: Security Is Built In, Not Bolted On -- Prelude: The Ant and the Grasshopper -- Introduction -- Security Myths That Need Busting -- Myth #1 We Have a Firewall -- Myth #2 We Use SSL -- Myth #3 We Have Intrusion Detection Systems and Intrusion Prevention Systems (IDSs/IPSs) -- Myth #4 Our Software Will Not Be Accessible from the Internet -- Myth #5 We Have Never Been Compromised -- Myth #6 Security Is "Not My Job" but the Responsibility of the Service Provider -- Myth #7 Security Adds Little to No Value to the Business -- Build Security In: The Need -- Build Security In: What It Takes -- Build Security In: The Value-Add -- Conclusion -- References -- 2.Quality #2: Functionality Maps to a Security Plan -- Prelude: Breaking the Tape -- Introduction -- What Is a Security Plan? -- Security Plan Development -- Step 1 Identify Security Objectives -- Step 2 Identify Applicable Requirements -- Step 3 Identify Threats -- | |
| 505 | 0 | _aContents note continued: Step 4 Identify Applicable Controls -- Benefits of a Security Plan -- Mapped Software -- Conclusion -- References -- 3.Quality #3: Includes Foundational Assurance Elements -- Prelude: What Lies Beneath? -- Introduction -- Data: The New Frontier -- Data under Siege -- Foundational Assurance Elements -- Confidentiality -- Integrity -- Availability -- Authentication -- Authorization -- Auditing -- Conclusion -- References -- 4.Quality #4: Is Balanced -- Prelude: The Clown Fish and the Anemone -- Introduction -- Balancing Scale: Risk and Reward -- Balancing Scale: Functionality and Assurance -- Balancing Scale: Threats and Controls -- Conclusion -- References -- 5.Quality #5: Incorporates Security Requirements -- Prelude: Lost in Translation -- Introduction -- Types of Software Security Requirements -- Techniques to Elicit Software Security Requirements -- Traceability of Software Security Requirements -- Requirements to Retirement -- Conclusion -- | |
| 505 | 0 | _aContents note continued: References -- 6.Quality #6: Is Developed Collaboratively -- Prelude: There Is No "I" in Team! -- Introduction -- Stakeholders in the Game: Whose Perspective? -- Business -- Security -- Management -- Development -- Legal -- Privacy -- Auditors -- Vendors -- Conclusion -- References -- 7.Quality #7: Is Adaptable -- Prelude: The Shark is a Polyphyodont -- Introduction -- Law of Resiliency Degradation -- Software Adaptability: Technology, Threats, and Talent -- Technology -- Threats -- Talent -- Begin with the Future in Mind -- Secure Software Requires Security-Savvy People -- Conclusion -- References -- 8.Epilogue. | |
| 650 | 0 |
_aComputer software _xDevelopment. _95144 |
|
| 650 | 0 |
_aComputer security. _91265 |
|
| 650 | 0 |
_aSoftware engineering. _92677 |
|
| 942 |
_2lcc _n0 _cBK |
||
| 999 |
_c8274 _d8274 |
||