| Document Type
|
:
|
BL
|
| Record Number
|
:
|
589859
|
| Doc. No
|
:
|
b419078
|
| Main Entry
|
:
|
Paul, Mano
|
| Title & Author
|
:
|
The 7 qualities of highly secure software /\ Mano Paul
|
| Publication Statement
|
:
|
Boca Raton, FL :: CRC Press,, c2012
|
| Page. NO
|
:
|
xvi, 144 p. :: ill. ;; 25 cm
|
| ISBN
|
:
|
9781439814468
|
|
|
:
|
: 1439814465
|
|
|
:
|
9781439814475
|
|
|
:
|
1439814473
|
| Notes
|
:
|
"An Auerbach book."
|
| Bibliographies/Indexes
|
:
|
Includes bibliographical references and index
|
| Contents
|
:
|
Machine generated contents note: 1.Quality #1: Security Is Built In, Not Bolted On -- Prelude: The Ant and the Grasshopper -- Introduction -- Security Myths That Need Busting -- Myth #1 We Have a Firewall -- Myth #2 We Use SSL -- Myth #3 We Have Intrusion Detection Systems and Intrusion Prevention Systems (IDSs/IPSs) -- Myth #4 Our Software Will Not Be Accessible from the Internet -- Myth #5 We Have Never Been Compromised -- Myth #6 Security Is "Not My Job" but the Responsibility of the Service Provider -- Myth #7 Security Adds Little to No Value to the Business -- Build Security In: The Need -- Build Security In: What It Takes -- Build Security In: The Value-Add -- Conclusion -- References -- 2.Quality #2: Functionality Maps to a Security Plan -- Prelude: Breaking the Tape -- Introduction -- What Is a Security Plan? -- Security Plan Development -- Step 1 Identify Security Objectives -- Step 2 Identify Applicable Requirements -- Step 3 Identify Threats --
|
|
|
:
|
Contents note continued: Step 4 Identify Applicable Controls -- Benefits of a Security Plan -- Mapped Software -- Conclusion -- References -- 3.Quality #3: Includes Foundational Assurance Elements -- Prelude: What Lies Beneath? -- Introduction -- Data: The New Frontier -- Data under Siege -- Foundational Assurance Elements -- Confidentiality -- Integrity -- Availability -- Authentication -- Authorization -- Auditing -- Conclusion -- References -- 4.Quality #4: Is Balanced -- Prelude: The Clown Fish and the Anemone -- Introduction -- Balancing Scale: Risk and Reward -- Balancing Scale: Functionality and Assurance -- Balancing Scale: Threats and Controls -- Conclusion -- References -- 5.Quality #5: Incorporates Security Requirements -- Prelude: Lost in Translation -- Introduction -- Types of Software Security Requirements -- Techniques to Elicit Software Security Requirements -- Traceability of Software Security Requirements -- Requirements to Retirement -- Conclusion --
|
|
|
:
|
Contents note continued: References -- 6.Quality #6: Is Developed Collaboratively -- Prelude: There Is No "I" in Team! -- Introduction -- Stakeholders in the Game: Whose Perspective? -- Business -- Security -- Management -- Development -- Legal -- Privacy -- Auditors -- Vendors -- Conclusion -- References -- 7.Quality #7: Is Adaptable -- Prelude: The Shark is a Polyphyodont -- Introduction -- Law of Resiliency Degradation -- Software Adaptability: Technology, Threats, and Talent -- Technology -- Threats -- Talent -- Begin with the Future in Mind -- Secure Software Requires Security-Savvy People -- Conclusion -- References -- 8.Epilogue
|
| Abstract
|
:
|
In this book, Mano Paul takes a Covey-like approach to what is needed to develop and deliver secure software. He outlines 7 specific qualities required of hack-resilient software, which include collaborative development, fundamental necessities, and continuous improvement
|
| Subject
|
:
|
Computer software-- Development
|
| Subject
|
:
|
Computer security
|
| Subject
|
:
|
Software engineering
|
| Parallel Title
|
:
|
Seven qualities of highly secure software
|