| 1. Secure Coding: Principles and Practices |
| 3. Dedication | Dedication |
| 4. Copyright |
| 5. Preface | Preface |
| 6. Objectives of This Book | Objectives of This Book |
| 7. Structure of This Book | Structure of This Book |
| 8. What This Book Does Not Cover | What This Book Does Not Cover |
| 9. Conventions Used in This Book | Conventions Used in This Book |
| 10. About the Examples | About the Examples |
| 11. Comments and Questions | Comments and Questions |
| 12. Acknowledgments | Acknowledgments |
| 13. Chapter 1. No Straight Thing | Chapter 1. No Straight Thing A Fractured Dialogue |
| 14. 1.1 The Vulnerability Cycle | 1.1 The Vulnerability Cycle |
| 15. 1.2 What Is an Attack? | 1.2 What Is an Attack? |
| 16. 1.3 Why Good People Write Bad Code | The Case of the Mouse Driver The Lesson of Y2K 1.3 Why Good People Write Bad Code |
| 17. 1.4 A Call to Arms | 1.4 A Call to Arms |
| 18. 1.5 Summary | Questions 1.5 Summary |
| 19. Chapter 2. Architecture | Chapter 2. Architecture |
| 20. 2.1 What Is Security Architecture? | 2.1 What Is Security Architecture? |
| 21. 2.2 Principles of Security Architecture | 2.2 Principles of Security Architecture |
| 22. 2.3 Case Study: The Java Sandbox | 2.3 Case Study: The Java Sandbox |
| 23. 2.4 Summary | Questions 2.4 Summary |
| 24. Chapter 3. Design | Chapter 3. Design |
| 25. 3.1 Why Does Good Design Matter? | 3.1 Why Does Good Design Matter? |
| 26. 3.2 Secure Design Steps | 3.2 Secure Design Steps |
| 27. 3.3 Special Design Issues | 3.3 Special Design Issues |
| 28. 3.4 Bad Practices | 3.4 Bad Practices |
| 29. 3.5 Case Studies | 3.5 Case Studies |
| 30. 3.6 Summary | Questions 3.6 Summary |
| 31. Chapter 4. Implementation | Chapter 4. Implementation Buffer Overflows |
| 32. 4.1 Good Practices | State on the Web 4.1 Good Practices |
| 33. 4.2 Bad Practices | The Limits of Trust 4.2 Bad Practices |
| 34. 4.3 Case Studies | 4.3 Case Studies |
| 35. 4.4 Summary | Questions 4.4 Summary |
| 36. Chapter 5. Operations | Chapter 5. Operations |
| 37. 5.1 Security Is Everybody's Problem | 5.1 Security Is Everybody's Problem |
| 38. 5.2 Good Practices | Event Logging 5.2 Good Practices |
| 39. 5.3 Bad Practices | 5.3 Bad Practices |
| 40. 5.4 Case Studies | 5.4 Case Studies |
| 41. 5.5 Summary | Questions 5.5 Summary |
| 42. Chapter 6. Automation and Testing | Chapter 6. Automation and Testing |
| 43. 6.1 Why Test? | 6.1 Why Test? |
| 44. 6.2 Good General Practices | 6.2 Good General Practices |
| 45. 6.3 Good Practices Through the Lifecycle | SAG: Twenty Questions 6.3 Good Practices Through the Lifecycle |
| 46. 6.4 Risk Assessment Methodologies | 6.4 Risk Assessment Methodologies |
| 47. 6.5 Case Studies | Legacy Application Review Questions 6.5 Case Studies |
| 48. 6.6 Summary | Questions 6.6 Summary |
| 49. Appendix A. Resources | Appendix A. Resources |
| 50. A.1 Books | A.1 Books |
Authors: Graff M. G., Van Wyk K. R., Russell D. From the book Secure Coding: Principles and Practices, 2003.