- ホーム
- > 洋書
- > 英文書
- > Computer / General
基本説明
Features - Closely examines the 20% of vulnerabilities that are at the heart of more than 90% of attacks. Not dry, no overly complex jargon, easy to read and understand, lots of examples. Neil Daswani is course instructor at Stanford University's new computer security certificate program for software professionals.
Full Description
"What Every Programmer Needs To Know About Security" introduces software professionals to the mindset and techniques they need to know to build secure software systems. Software has become part of the world's critical infrastructure, but typically is not well protected from attacks. Programmers to date have traditionally been taught to focus on performance and correctness, which is unfortunately not enough in a networked world of constantly-attacking hackers. This book teaches programmers how to also focus on safety, reliability, and security so that software can withstand attack. Once enabled with the knowledge presented in this book, professionals can start to alleviate some of the inherent vulnerabilities that make today's software so susceptible to attack. "What Every Programmer Needs To Know About Security" is designed for professional software programmers, both experienced and novice, as well as for research scientists. It is also suitable as a secondary text for advanced-level students in computer science and software engineering.
Contents
Preface.- The Goals of Computer Security.- Secure Systems Design: Approaches and Trade-offs.- Secure Systems Design: Principles.- An Introduction To Cryptography: Low-Level Primitives.- An Introduction To Cryptography: Higher-Level Primitives.- Threats Against Software.- Buffer Overflow Vulnerabilities.- Other Input Validation Vulnerabilities.- Password Security.- Using Cryptography Correctly.- The Security Review Process.- Summary.- Index.
