The first guide to tackle security architecture at the software engineering level
Computer security has become a critical business concern, and, as such, the responsibility of all IT professionals. In this groundbreaking book, a security expert with AT&T Business's renowned Network Services organization explores system security architecture from a software engineering perspective. He explains why strong security must be a guiding principle of the development process and identifies a common set of features found in most security products, explaining how they can and should impact the development cycle. The book also offers in-depth discussions of security technologies, cryptography, database security, application and operating system security, and more.
The security of computer systems is crucial to the smooth, low-risk functioning of business processes. In this book, a recognized computer security expert at AT&T examines security designs from the software developer's point of view. He explains why security must be one of the guiding principles of the development process and identifies features that most security products have in common. He also explains how these aspects should influence the development process.
Product info
Edition
Language
Place of publication
Target audience
Illustrations
Charts: 9 B&W, 0 Color; Drawings: 79 B&W, 0 Color; Tables: 4 B&W, 0 Color
Dimensions
Height: 23.4 cm
Width: 19.2 cm
Thickness: 2.5 cm
Weight
ISBN-13
978-0-471-20602-6 (9780471206026)
Schweitzer classification
JAY RAMACHANDRAN is a certified architect and security expert at AT&T, involved in enterprise security architecture and development. Over the past eight years, he has developed software and evaluated tools for security assurance, auditing, and management for many mission-critical network systems. He coordinated architecture reviews for operations support systems for AT&T's core network for two years, and currently teaches workshops on systems architecture and network security. Jay holds a PhD from Ohio State University.
Preface.
Acknowledgments.
PART I: ARCHITECTURE AND SECURITY.
Chapter 1. Architecture Reviews.
Chapter 2. Security Assessments.
Chapter 3. Security Architecture Basics.
Chapter 4. Architecture Patterns in Security.
PART II: LOW-LEVEL ARCHITECTURE.
Chapter 5. Code Review.
Chapter 6. Cryptography.
Chapter 7. Trusted Code.
Chapter 8. Secure Communications.
PART III: MID-LEVEL ARCHITECTURE.
Chapter 9. Middleware Security.
Chapter 10. Web Security.
Chapter 11. Application and OS Security.
Chapter 12. Database Security.
PART IV: HIGH-LEVEL ARCHITECTURE.
Chapter 13. Security Components.
Chapter 14. Security and Other Architectural Goals.
Chapter 15. Enterprise Security Architecture.
PART V: BUSINESS CASES AND SECURITY.
Chapter 16. Building Business Cases for Security.
Conclusion.
Glossary.
Bibliography.
Index.