{"product_id":"security-patterns-integrating-security-and-systems-engineering-hardback-9780470858844","title":"Security Patterns; Integrating Security and Systems Engineering (Hardback) 9780470858844","description":"\u003cfont face=\"Georgia\"\u003e\r\n\u003cp\u003e\u003cfont size=\"6\"\u003eSecurity Patterns\u003c\/font\u003e\u003cbr\u003e\r\n\u003cfont size=\"5\"\u003eIntegrating Security and Systems Engineering\u003c\/font\u003e\u003c\/p\u003e\r\n\r\n\r\n\r\n\r\n\u003cp\u003e\u003cfont size=\"4\"\u003eMarkus Schumacher (Author), Eduardo Fernandez-Buglioni (Author), Duane Hybertson (Author), Frank Buschmann (Author), Peter Sommerlad (Author)\u003c\/font\u003e\u003c\/p\u003e\r\n\r\n\u003cp\u003e\u003cfont size=\"3\"\u003e9780470858844, Wiley\u003c\/font\u003e\u003c\/p\u003e\r\n\r\n\u003cp\u003e\u003cfont size=\"3\"\u003eHardback, published 21 December 2005\u003c\/font\u003e\u003c\/p\u003e\r\n\r\n\u003cp\u003e\u003cfont size=\"3\"\u003e608 pages\u003cbr\u003e23.8 x 19.4 x 4 cm, 1.361 kg\u003c\/font\u003e\u003c\/p\u003e\r\n\r\n\r\n\r\n\r\n\r\n\u003cp align=\"justify\"\u003e\u003cstrong\u003e\u003cfont size=\"3\"\u003eMost security books are targeted at security engineers and specialists. Few show how build security into software. None breakdown the different concerns facing security at different levels of the system: the enterprise, architectural and operational layers. \u003ci\u003eSecurity Patterns\u003c\/i\u003e addresses the full spectrum of security in systems design, using best practice solutions to show how to integrate security in the broader engineering process.  \u003cul type=\"disc\"\u003e \u003cli\u003eEssential for designers building large-scale systems who want best practice solutions to typical security problems\u003c\/li\u003e \u003cli\u003eReal world case studies illustrate how to use the patterns in specific domains\u003c\/li\u003e \u003c\/ul\u003e \u003cp\u003eFor more information visit www.securitypatterns.org\u003c\/p\u003e\u003c\/font\u003e\u003c\/strong\u003e\u003c\/p\u003e\r\n\r\n\u003cp\u003e\u003cfont size=\"3\"\u003e\u003cp\u003e\u003cb\u003eChapter 1 The Pattern Approach 1\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003ePatterns at a Glance 2\u003c\/p\u003e \u003cp\u003eNo Pattern is an Island 4\u003c\/p\u003e \u003cp\u003ePatterns Everywhere 4\u003c\/p\u003e \u003cp\u003eHumans are the Target 5\u003c\/p\u003e \u003cp\u003ePatterns Resolve Problems and Shape Environments 6\u003c\/p\u003e \u003cp\u003eTowards Pattern Languages 7\u003c\/p\u003e \u003cp\u003eDocumenting Patterns 9\u003c\/p\u003e \u003cp\u003eA Brief Note on The History of Patterns 11\u003c\/p\u003e \u003cp\u003eThe Pattern Community and its Culture 12\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 2 Security Foundations 15\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eOverview 16\u003c\/p\u003e \u003cp\u003eSecurity Taxonomy 17\u003c\/p\u003e \u003cp\u003eGeneral Security Resources 26\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 3 Security Patterns 29\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eThe History of Security Patterns 30\u003c\/p\u003e \u003cp\u003eCharacteristics of Security Patterns 31\u003c\/p\u003e \u003cp\u003eWhy Security Patterns? 34\u003c\/p\u003e \u003cp\u003eSources for Security Pattern Mining 37\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 4 Patterns Scope and Enterprise Security 47\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eThe Scope of Patterns in the Book 48\u003c\/p\u003e \u003cp\u003eOrganization Factors 49\u003c\/p\u003e \u003cp\u003eResulting Organization 51\u003c\/p\u003e \u003cp\u003eMapping to the Taxonomy 53\u003c\/p\u003e \u003cp\u003eOrganization in the Context of an Enterprise Framework 53\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 5 The Security Pattern Landscape 59\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eEnterprise Security and Risk Management Patterns 59\u003c\/p\u003e \u003cp\u003eIdentification \u0026amp; Authentication (I\u0026amp;A) Patterns 62\u003c\/p\u003e \u003cp\u003eAccess Control Model Patterns 67\u003c\/p\u003e \u003cp\u003eSystem Access Control Architecture Patterns 69\u003c\/p\u003e \u003cp\u003eOperating System Access Control Patterns 71\u003c\/p\u003e \u003cp\u003eAccounting Patterns 73\u003c\/p\u003e \u003cp\u003eFirewall Architecture Patterns 77\u003c\/p\u003e \u003cp\u003eSecure Internet Applications Patterns 78\u003c\/p\u003e \u003cp\u003eCryptographic Key Management Patterns 80\u003c\/p\u003e \u003cp\u003eRelated Security Pattern Repositories Patterns 83\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 6 Enterprise Security and Risk Management 85\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eSecurity Needs Identification for Enterprise Assets 89\u003c\/p\u003e \u003cp\u003eAsset Valuation 103\u003c\/p\u003e \u003cp\u003eThreat Assessment 113\u003c\/p\u003e \u003cp\u003eVulnerability Assessment 125\u003c\/p\u003e \u003cp\u003eRisk Determination 137\u003c\/p\u003e \u003cp\u003eEnterprise Security Approaches 148\u003c\/p\u003e \u003cp\u003eEnterprise Security Services 161\u003c\/p\u003e \u003cp\u003eEnterprise Partner Communication 173\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 7 Identification and Authentication (I\u0026amp;A) 187\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eI\u0026amp;A Requirements 192\u003c\/p\u003e \u003cp\u003eAutomated I\u0026amp;A Design Alternatives 207\u003c\/p\u003e \u003cp\u003ePassword Design and Use 217\u003c\/p\u003e \u003cp\u003eBiometrics Design Alternatives 229\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 8 Access Control Models 243\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eAuthorization 245\u003c\/p\u003e \u003cp\u003eRole-Based Access Control 249\u003c\/p\u003e \u003cp\u003eMultilevel Security 253\u003c\/p\u003e \u003cp\u003eReference Monitor 256\u003c\/p\u003e \u003cp\u003eRole Rights Definition 259\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 9 System Access Control Architecture 265\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eAccess Control Requirements 267\u003c\/p\u003e \u003cp\u003eSingle Access Point 279\u003c\/p\u003e \u003cp\u003eCheck Point 287\u003c\/p\u003e \u003cp\u003eSecurity Session 297\u003c\/p\u003e \u003cp\u003eFull Access with Errors 305\u003c\/p\u003e \u003cp\u003eLimited Access 312\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 10 Operating System Access Control 321\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eAuthenticator 323\u003c\/p\u003e \u003cp\u003eControlled Process Creator 328\u003c\/p\u003e \u003cp\u003eControlled Object Factory 331\u003c\/p\u003e \u003cp\u003eControlled Object Monitor 335\u003c\/p\u003e \u003cp\u003eControlled Virtual Address Space 339\u003c\/p\u003e \u003cp\u003eExecution Domain 343\u003c\/p\u003e \u003cp\u003eControlled Execution Environment 346\u003c\/p\u003e \u003cp\u003eFile Authorization 350\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 11 Accounting 355\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eSecurity Accounting Requirements 360\u003c\/p\u003e \u003cp\u003eAudit Requirements 369\u003c\/p\u003e \u003cp\u003eAudit Trails and Logging Requirements 378\u003c\/p\u003e \u003cp\u003eIntrusion Detection Requirements 388\u003c\/p\u003e \u003cp\u003eNon-Repudiation Requirements 396\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 12 Firewall Architectures 403\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003ePacket Filter Firewall 405\u003c\/p\u003e \u003cp\u003eProxy-Based Firewall 411\u003c\/p\u003e \u003cp\u003eStateful Firewall 417\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 13 Secure Internet Applications 423\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eInformation Obscurity 426\u003c\/p\u003e \u003cp\u003eSecure Channels 434\u003c\/p\u003e \u003cp\u003eKnown Partners 442\u003c\/p\u003e \u003cp\u003eDemilitarized Zone 449\u003c\/p\u003e \u003cp\u003eProtection Reverse Proxy 457\u003c\/p\u003e \u003cp\u003eIntegration Reverse Proxy 465\u003c\/p\u003e \u003cp\u003eFront Door 473\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 14 Case Study: IP Telephony 481\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eIP Telephony at a Glance 482\u003c\/p\u003e \u003cp\u003eThe Fundamentals of IP Telephony 483\u003c\/p\u003e \u003cp\u003eVulnerabilities of IP Telephony Components 488\u003c\/p\u003e \u003cp\u003eIP Telephony Use Cases 488\u003c\/p\u003e \u003cp\u003eSecuring IP telephony with patterns 493\u003c\/p\u003e \u003cp\u003eApplying Individual Security Patterns 497\u003c\/p\u003e \u003cp\u003eConclusion 500\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 15 Supplementary Concepts 503\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eSecurity Principles and Security Patterns 504\u003c\/p\u003e \u003cp\u003eEnhancing Security Patterns with Misuse Cases 525\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 16 Closing Remarks 531\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eReferences 535\u003c\/p\u003e \u003cp\u003eIndex 555\u003c\/p\u003e\u003c\/font\u003e\u003c\/p\u003e\r\n\r\n\u003cp\u003e\u003cfont size=\"3\"\u003eSubject Areas: Computer programming \/ software development [\u003ca title=\"See our other books on Computer programming \/ software development\" href=\"https:\/\/freshlyprintedbooks.co.uk\/search?q=%22Computer%20programming%20\/%20software%20development%20%5BUM%5D%22\"\u003eUM\u003c\/a\u003e]\u003c\/font\u003e\u003c\/p\u003e\r\n\r\n\r\n\u003c\/font\u003e","brand":"Wiley","offers":[{"title":"Brand New","offer_id":52278040723736,"sku":"9780470858844","price":24.99,"currency_code":"GBP","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0730\/2037\/5320\/files\/9780470858844.jpg?v=1781457427","url":"https:\/\/freshlyprintedbooks.co.uk\/products\/security-patterns-integrating-security-and-systems-engineering-hardback-9780470858844","provider":"Freshly Printed Books","version":"1.0","type":"link"}