Internet security and intrusion detection
Proceedings of the 25th International Conference on Software Engineering
Software Security Checklist for the Software Life Cycle
WETICE '03 Proceedings of the Twelfth International Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises
Processes for Producing Secure Software: Summary of US National Cybersecurity Summit Subgroup Report
IEEE Security and Privacy
Misuse and Abuse Cases: Getting Past the Positive
IEEE Security and Privacy
Guest Editors' Introduction: Why Attacking Systems Is a Good Idea
IEEE Security and Privacy
Risk Analysis in Software Design
IEEE Security and Privacy
Knowledge for Software Security
IEEE Security and Privacy
Towards agile security assurance
NSPW '04 Proceedings of the 2004 workshop on New security paradigms
Reasoning about confidentiality at requirements engineering time
Proceedings of the 10th European software engineering conference held jointly with 13th ACM SIGSOFT international symposium on Foundations of software engineering
Risky trust: risk-based analysis of software systems
SESS '05 Proceedings of the 2005 workshop on Software engineering for secure systems—building trustworthy applications
Putting the Tools to Work: How to Succeed with Source Code Analysis
IEEE Security and Privacy
On the design of more secure software-intensive systems by use of attack patterns
Information and Software Technology
Secure software engineering teaching modules
InfoSecCD '06 Proceedings of the 3rd annual conference on Information security curriculum development
Securing Java code: heuristics and an evaluation of static analysis tools
Proceedings of the 2008 workshop on Static analysis
Evolution of the MTA architecture: the impact of security
Software—Practice & Experience
Secure Software Engineering: Learning from the Past to Address Future Challenges
Information Security Journal: A Global Perspective
Automated verification of security pattern compositions
Information and Software Technology
Processing multi-parameter attacktrees with estimated parameter values
IWSEC'07 Proceedings of the Security 2nd international conference on Advances in information and computer security
Serial model for attack tree computations
ICISC'09 Proceedings of the 12th international conference on Information security and cryptology
Addressing software application security issues
ICCOMP'06 Proceedings of the 10th WSEAS international conference on Computers
Protection of components based on a smart-card enhanced security module
CRITIS'06 Proceedings of the First international conference on Critical Information Infrastructures Security
Rational choice of security measures via multi-parameter attack trees
CRITIS'06 Proceedings of the First international conference on Critical Information Infrastructures Security
Agile security using an incremental security architecture
XP'05 Proceedings of the 6th international conference on Extreme Programming and Agile Processes in Software Engineering
Security-typed languages for implementation of cryptographic protocols: a case study
ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
Assessment of a framework for designing and evaluating security sensitive architecture
EASE'08 Proceedings of the 12th international conference on Evaluation and Assessment in Software Engineering
Hi-index | 0.00 |
Most organizations have a firewall, antivirus software, and intrusion detection systems, all of which are intended to keep attackers out. So why is computer security a bigger problem today than ever before? The answer is simple--bad software lies at the heart of all computer security problems. Traditional solutions simply treat the symptoms, not the problem, and usually do so in a reactive way. This book teaches you how to take a proactive approach to computer security. Building Secure Software cuts to the heart of computer security to help you get security right the first time. If you are serious about computer security, you need to read this book, which includes essential lessons for both security professionals who have come to realize that software is the problem, and software developers who intend to make their code behave. Written for anyone involved in software development and usefrom managers to codersthis book is your first step toward building more secure software. Building Secure Software provides expert perspectives and techniques to help you ensure the security of essential software. If you consider threats and vulnerabilities early in the devel-opment cycle you can build security into your system. With this book you will learn how to determine an acceptable level of risk, develop security tests, and plug security holes before software is even shipped. Inside you'll find the ten guiding principles for software security, as well as detailed coverage of: Software risk management for security Selecting technologies to make your code more secure Security implications of open source and proprietary software How to audit software The dreaded buffer overflow Access control and password authentication Random number generation Applying cryptography Trust management and input Client-side security Dealing with firewalls Only by building secure software can you defend yourself against security breaches and gain the confidence that comes with knowing you won't have to play the "penetrate and patch" game anymore. Get it right the first time. Let these expert authors show you how to properly design your system; save time, money, and credibility; and preserve your customers' trust.