Security Patterns


Integrating Security and Systems Engineering
Wiley Software Patterns Series, 1st ed.

by: Markus Schumacher, Eduardo Fernandez-Buglioni, Duane Hybertson, Frank Buschmann, Peter Sommerlad

33,99 €

Publisher: Wiley
Format: EPUB
Published: 12.07.2013
ISBN/EAN: 9781118725931
Language: English
Number of pages: 608

DRM-protected eBook; to read it you need, for example, Adobe Digital Editions and an Adobe ID.

Descriptions

Most security books are targeted at security engineers and specialists. Few show how to build security into software. None break down the different concerns facing security at different levels of the system: the enterprise, architectural and operational layers. Security Patterns addresses the full spectrum of security in systems design, using best practice solutions to show how to integrate security in the broader engineering process.

- Essential for designers building large-scale systems who want best practice solutions to typical security problems
- Real world case studies illustrate how to use the patterns in specific domains

For more information visit www.securitypatterns.org

Chapter 1 The Pattern Approach
  Patterns at a Glance
  No Pattern is an Island
  Patterns Everywhere
  Humans are the Target
  Patterns Resolve Problems and Shape Environments
  Towards Pattern Languages
  Documenting Patterns
  A Brief Note on The History of Patterns
  The Pattern Community and its Culture

Chapter 2 Security Foundations
  Overview
  Security Taxonomy
  General Security Resources

Chapter 3 Security Patterns
  The History of Security Patterns
  Characteristics of Security Patterns
  Why Security Patterns?
  Sources for Security Pattern Mining

Chapter 4 Patterns Scope and Enterprise Security
  The Scope of Patterns in the Book
  Organization Factors
  Resulting Organization
  Mapping to the Taxonomy
  Organization in the Context of an Enterprise Framework

Chapter 5 The Security Pattern Landscape
  Enterprise Security and Risk Management Patterns
  Identification & Authentication (I&A) Patterns
  Access Control Model Patterns
  System Access Control Architecture Patterns
  Operating System Access Control Patterns
  Accounting Patterns
  Firewall Architecture Patterns
  Secure Internet Applications Patterns
  Cryptographic Key Management Patterns
  Related Security Pattern Repositories Patterns

Chapter 6 Enterprise Security and Risk Management
  Security Needs Identification for Enterprise Assets
  Asset Valuation
  Threat Assessment
  Vulnerability Assessment
  Risk Determination
  Enterprise Security Approaches
  Enterprise Security Services
  Enterprise Partner Communication

Chapter 7 Identification and Authentication (I&A)
  I&A Requirements
  Automated I&A Design Alternatives
  Password Design and Use
  Biometrics Design Alternatives

Chapter 8 Access Control Models
  Authorization
  Role-Based Access Control
  Multilevel Security
  Reference Monitor
  Role Rights Definition

Chapter 9 System Access Control Architecture
  Access Control Requirements
  Single Access Point
  Check Point
  Security Session
  Full Access with Errors
  Limited Access

Chapter 10 Operating System Access Control
  Authenticator
  Controlled Process Creator
  Controlled Object Factory
  Controlled Object Monitor
  Controlled Virtual Address Space
  Execution Domain
  Controlled Execution Environment
  File Authorization

Chapter 11 Accounting
  Security Accounting Requirements
  Audit Requirements
  Audit Trails and Logging Requirements
  Intrusion Detection Requirements
  Non-Repudiation Requirements

Chapter 12 Firewall Architectures
  Packet Filter Firewall
  Proxy-Based Firewall
  Stateful Firewall

Chapter 13 Secure Internet Applications
  Information Obscurity
  Secure Channels
  Known Partners
  Demilitarized Zone
  Protection Reverse Proxy
  Integration Reverse Proxy
  Front Door

Chapter 14 Case Study: IP Telephony
  IP Telephony at a Glance
  The Fundamentals of IP Telephony
  Vulnerabilities of IP Telephony Components
  IP Telephony Use Cases
  Securing IP telephony with patterns
  Applying Individual Security Patterns
  Conclusion

Chapter 15 Supplementary Concepts
  Security Principles and Security Patterns
  Enhancing Security Patterns with Misuse Cases

Chapter 16 Closing Remarks

References
Index

Markus Schumacher, SAP AG, Germany.
Eduardo Fernandez-Buglioni, Florida Atlantic University, USA.
Duane Hybertson, The MITRE Corp, USA.
Frank Buschmann, Siemens AG, Germany.
Peter Sommerlad, Hochschule für Technik Rapperswil, Germany.

International security experts explain the full spectrum of security in systems design

Security can be an intimidating subject area, but this need not be the case. Although time constraints may prevent systems engineers from becoming security specialists, guarding systems against attack is essential. With the growing success of the Internet, computer and software systems have become more and more networked. Written from the heart of the patterns community, the authors address key questions and present corresponding proven solutions, clearly showing you how to build secure systems.

In a time where systems are constantly at risk, it is essential that you arm yourself with the knowledge of different security measures. This pioneering title breaks down security at various levels of the system: the enterprise, architectural and operational layers. It acts as an extension to the larger enterprise contexts and shows you how to integrate security in the broader engineering process.

Essential security topics include:

Enterprise level security – security management, principles, institutional policies (such as need-to-know) and enterprise needs (including confidentiality, integrity, availability, accountability, I&A, access control and audit).

Architectural level security – system level solutions responding to enterprise level policies – and the most important level for facilitating building security into a system.

User level security – concerned with achieving security in operational contexts
