Security Patterns
Integrating Security and Systems Engineering
Book by Markus Schumacher (et al.)
Language: English

Description
International security experts explain the full spectrum of security in systems design

Security can be an intimidating subject area, but this need not be the case. Although time constraints may prevent systems engineers from becoming security specialists, guarding systems against attack is essential. With the growing success of the Internet, computer and software systems have become more and more networked. Written from the heart of the patterns community, the authors address key questions and present corresponding proven solutions, clearly showing you how to build secure systems.

In a time where systems are constantly at risk, it is essential that you arm yourself with the knowledge of different security measures. This pioneering title breaks down security at various levels of the system: the enterprise, architectural and operational layers. It acts as an extension to the larger enterprise contexts and shows you how to integrate security in the broader engineering process.

Essential security topics include:

Enterprise level security - security management, principles, institutional policies (such as need-to-know) and enterprise needs (including confidentiality, integrity, availability, accountability, I&A, access control and audit).

Architectural level security - system level solutions responding to enterprise level policies - and the most important level for facilitating building security into a system.

User level security - concerned with achieving security in operational contexts
About the author
Authors
* Markus Schumacher, SAP AG, Germany,
* Eduardo Fernandez-Buglioni, Florida Atlantic University, USA,
* Duane Hybertson, The MITRE Corp, USA,
* Frank Buschmann, Siemens AG, Germany,
* Peter Sommerlad, Hochschule für Technik Rapperswil, Germany
Table of contents
Chapter 1 The Pattern Approach.

Patterns at a Glance.

No Pattern is an Island.

Patterns Everywhere.

Humans are the Target.

Patterns Resolve Problems and Shape Environments.

Towards Pattern Languages.

Documenting Patterns.

A Brief Note on The History of Patterns.

The Pattern Community and its Culture.

Chapter 2 Security Foundations.

Overview.

Security Taxonomy.

General Security Resources.

Chapter 3 Security Patterns.

The History of Security Patterns.

Characteristics of Security Patterns.

Why Security Patterns?.

Sources for Security Pattern Mining.

Chapter 4 Patterns Scope and Enterprise Security.

The Scope of Patterns in the Book.

Organization Factors.

Resulting Organization.

Mapping to the Taxonomy.

Organization in the Context of an Enterprise Framework.

Chapter 5 The Security Pattern Landscape.

Enterprise Security and Risk Management Patterns.

Identification & Authentication (I&A) Patterns.

Access Control Model Patterns.

System Access Control Architecture Patterns.

Operating System Access Control Patterns.

Audit and Accounting Patterns.

Secure Internet Applications Patterns.

Firewall Architecture Patterns.

Cryptographic Key Management Patterns.

Related Security Pattern Repositories Patterns.

Chapter 6 Enterprise Security and Risk Management.

Security Needs Identification for Enterprise Assets.

Asset Valuation.

Threat Assessment.

Vulnerability Assessment.

Risk Determination.

Enterprise Security Approaches.

Enterprise Security Services.

Enterprise Partner Communication.

Chapter 7 Identification and Authentication (I&A).

I&A Requirements.

Automated I&A Design Alternatives.

Password Design and Use.

Biometrics Design Alternatives.

Chapter 8 Access Control Models.

Authorization.

Role-Based Access Control.

Multilevel Security.

Reference Monitor.

Role Rights Definition.

Chapter 9 System Access Control Architecture.

Access Control Requirements.

Single Access Point.

Check Point.

Security Session.

Full Access with Errors

Limited Access

Chapter 10 Operating System Access Control.

Authenticator.

Controlled Process Creator.

Controlled Object Factory.

Controlled Object Monitor.

Controlled Virtual Address Space.

Execution Domain.

Controlled Execution Environment.

File Authorization.

Chapter 11 Accounting.

Security Accounting Requirements.

Audit Requirements.

Audit Trails and Logging Requirements.

Intrusion Detection Requirements.

Non-Repudiation Requirements.

Chapter 12 Firewall Architectures.

Packet Filter Firewall.

Proxy-Based Firewall.

Stateful Firewall.

Chapter 13 Secure Internet Applications.

Information Obscurity.

Secure Channels.

Known Partners.

Demilitarized Zone.

Protection Reverse Proxy.

Integration Reverse Proxy.

Front Door.

Chapter 14 Case Study: IP Telephony.

IP Telephony at a Glance.

The Fundamentals of IP Telephony.

Vulnerabilities of IP Telephony Components.

IP Telephony Use Cases.

Securing IP telephony with patterns.

Applying Individual Security Patterns.

Conclusion.

Chapter 15 Supplementary Concepts.

Security Principles and Security Patterns.

Enhancing Security Patterns with Misuse Cases.

Chapter 16 Closing Remarks.

References.

Index.
Details
Year of publication: 2006
Subject area: Programming languages
Genre: Computer science
Category: Natural sciences & technology
Medium: Book
Pages: 608
Contents: 566 pp.
ISBN-13: 9780470858844
ISBN-10: 0470858842
Language: English
Manufacturer number: 14585884000
Binding: Hardcover
Author: Schumacher, Markus
Fernandez-Buglioni, Eduardo
Hybertson, Duane
Buschmann, Frank
Sommerlad, Peter
Manufacturer: Wiley
John Wiley & Sons
Dimensions: 241 x 191 x 43 mm
By/With: Markus Schumacher (et al.)
Publication date: 01.02.2006
Weight: 1,249 kg
preigu-id: 102369315