Software security: building security in
Gespeichert in:
| 1. Verfasser: | |
|---|---|
| Format: | Buch |
| Sprache: | English |
| Veröffentlicht: |
Upper Saddle River, NJ ; Munich [u.a.]
Addison-Wesley
2006
|
| Ausgabe: | 1. printing |
| Schriftenreihe: | Addison-Wesley software security series
|
| Schlagworte: | |
| Online-Zugang: | Inhaltsverzeichnis Inhaltsverzeichnis |
| Beschreibung: | Hier auch später erschienene, unveränderte Nachdrucke |
| Beschreibung: | XXXVI, 408 Seiten Illustrationen, Diagramme CD-ROM (12 cm) |
| ISBN: | 9780321356703 0321356705 |
Internformat
MARC
| LEADER | 00000nam a2200000 c 4500 | ||
|---|---|---|---|
| 001 | BV021675104 | ||
| 003 | DE-604 | ||
| 005 | 20220531 | ||
| 007 | t | ||
| 008 | 060727s2006 a||| |||| 00||| eng d | ||
| 020 | |a 9780321356703 |9 978-0-321-35670-3 | ||
| 020 | |a 0321356705 |9 0-321-35670-5 | ||
| 035 | |a (OCoLC)301089681 | ||
| 035 | |a (DE-599)BVBBV021675104 | ||
| 040 | |a DE-604 |b ger |e rda | ||
| 041 | 0 | |a eng | |
| 049 | |a DE-824 |a DE-M347 |a DE-706 |a DE-522 |a DE-634 | ||
| 050 | 0 | |a QA76.9.A25 | |
| 082 | 0 | |a 005.8 |2 22 | |
| 084 | |a ST 230 |0 (DE-625)143617: |2 rvk | ||
| 100 | 1 | |a McGraw, Gary |d 1966- |e Verfasser |0 (DE-588)128809868 |4 aut | |
| 245 | 1 | 0 | |a Software security |b building security in |c Gary McGraw |
| 250 | |a 1. printing | ||
| 264 | 1 | |a Upper Saddle River, NJ ; Munich [u.a.] |b Addison-Wesley |c 2006 | |
| 300 | |a XXXVI, 408 Seiten |b Illustrationen, Diagramme |e CD-ROM (12 cm) | ||
| 336 | |b txt |2 rdacontent | ||
| 337 | |b n |2 rdamedia | ||
| 338 | |b nc |2 rdacarrier | ||
| 490 | 0 | |a Addison-Wesley software security series | |
| 500 | |a Hier auch später erschienene, unveränderte Nachdrucke | ||
| 650 | 4 | |a Sécurité informatique | |
| 650 | 4 | |a Computer security | |
| 650 | 0 | 7 | |a Softwareschutz |0 (DE-588)4131649-6 |2 gnd |9 rswk-swf |
| 650 | 0 | 7 | |a Computersicherheit |0 (DE-588)4274324-2 |2 gnd |9 rswk-swf |
| 650 | 0 | 7 | |a Softwareentwicklung |0 (DE-588)4116522-6 |2 gnd |9 rswk-swf |
| 650 | 0 | 7 | |a Software Engineering |0 (DE-588)4116521-4 |2 gnd |9 rswk-swf |
| 689 | 0 | 0 | |a Software Engineering |0 (DE-588)4116521-4 |D s |
| 689 | 0 | 1 | |a Softwareschutz |0 (DE-588)4131649-6 |D s |
| 689 | 0 | |5 DE-604 | |
| 689 | 1 | 0 | |a Softwareentwicklung |0 (DE-588)4116522-6 |D s |
| 689 | 1 | 1 | |a Softwareschutz |0 (DE-588)4131649-6 |D s |
| 689 | 1 | |5 DE-604 | |
| 689 | 2 | 0 | |a Software Engineering |0 (DE-588)4116521-4 |D s |
| 689 | 2 | 1 | |a Computersicherheit |0 (DE-588)4274324-2 |D s |
| 689 | 2 | |8 1\p |5 DE-604 | |
| 856 | 4 | 2 | |m HBZ Datenaustausch |q application/pdf |u http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=014889403&sequence=000001&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA |3 Inhaltsverzeichnis |
| 856 | 4 | 2 | |m GBV Datenaustausch |q application/pdf |u http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=014889403&sequence=000003&line_number=0002&func_code=DB_RECORDS&service_type=MEDIA |3 Inhaltsverzeichnis |
| 999 | |a oai:aleph.bib-bvb.de:BVB01-014889403 | ||
| 883 | 1 | |8 1\p |a cgwrk |d 20201028 |q DE-101 |u https://d-nb.info/provenance/plan#cgwrk | |
Datensatz im Suchindex
| _version_ | 1804135493164597248 |
|---|---|
| adam_text | Titel: Software security
Autor: McGraw, Gary
Jahr: 2006
Contents H Foreword xix Preface xxiii Acknowledgments xxxi About the Author xxxv Part I: Software Security Fundamentals 1 1 Defining a Discipline 3 The Security Problem 4 The Trinity of Trouble: Why the Problem Is Growing 5 Basic Science 10 Security Problems in Software 14 Bugs and Flaws and Defects, Oh My! 14 The Range of Defects 18 The Problem with Application Security 20 Software Security and Operations 23 Solving the Problem: The Three Pillars of Software Security 25 Pillar I: Applied Risk Management 26 Pillar II: Software Security Touchpoints 27 Pillar III: Knowledge 35 The Rise of Security Engineering 37 Software Security Is Everyone’s Job 38 xni
XIV Contents 2 A Risk Management Framework 39 Putting Risk Management into Practice 40 How to Use This Chapter 41 The Five Stages of Activity 42 Stage 1: Understand the Business Context 43 Stage 2: Identify the Business and Technical Risks 43 Stage 3: Synthesize and Rank the Risks 44 Stage 4: Define the Risk Mitigation Strategy 45 Stage 5: Carry Out Fixes and Validate 45 Measuring and Reporting on Risk 46 The RMF Is a Multilevel Loop 46 Applying the RMF: KillerAppCo’s iWare 1.0 Server 48 Understanding the Business Context 49 Identifying the Business and Technical Risks 50 Synthesizing and Ranking the Risks 63 Defining the Risk Mitigation Strategy 69 Carrying Out Fixes and Validating 73 The Importance of Measurement 73 Measuring Return 74 Measurement and Metrics in the RMF 75 The Cigital Workbench 76 Risk Management Is a Framework for Software Security 79 Part II: Seven Touchpoints for Software Security 81 3 Introduction to Software Security Touchpoints 83 Flyover: Seven Terrific Touchpoints 86 1. Code Review (Tools) 86 2. Architectural Risk Analysis 86 3. Penetration Testing 87 4. Risk-Based Security Testing 87 5. Abuse Cases 88 6. Security Requirements 88 7. Security Operations 88 *. External Analysis 88 Why Only Seven? 89 Black and White: Two Threads Inextricably Intertwined 89 Moving Left 91 Touchpoints as Best Practices 94
Contents xv Who Should Do Software Security? 96 Building a Software Security Group 97 Software Security Is a Multidisciplinary Effort 100 Touchpoints to Success 103 4 Code Review with a Tool 105 Catching Implementation Bugs Early (with a Tool) 106 Aim for Good, Not Perfect 108 Ancient History 109 Approaches to Static Analysis 110 The History of Rule Coverage 112 Modern Rules 114 Tools from Researchland 114 Commercial Tool Vendors 123 Commercial Source Code Analyzers 124 Key Characteristics of a Tool 125 Three Characteristics to Avoid 127 The Fortify Source Code Analysis Suite 127 The Fortify Knowledge Base 132 Using Fortify 134 Touchpoint Process: Code Review 135 Use a Tool to Find Security Bugs 137 5 Architectural Risk Analysis 139 Common Themes among Security Risk Analysis Approaches 140 Traditional Risk Analysis Terminology 144 Knowledge Requirement 147 The Necessity of a Forest-Level View 148 A Traditional Example of a Risk Calculation 152 Limitations of Traditional Approaches 153 Modern Risk Analysis 154 Security Requirements 155 A Basic Risk Analysis Approach 156 Touchpoint Process: Architectural Risk Analysis 161 Attack Resistance Analysis 163 Ambiguity Analysis 165 Weakness Analysis 167 Getting Started with Risk Analysis 169 Architectural Risk Analysis Is a Necessity 170
XVI Contents 6 Software Penetration Testing 171 Penetration Testing Today 173 Software Penetration Testing—a Better Approach 178 Make Use of Tools 179 Test More Than Once 182 Incorporating Findings Back into Development 183 Using Penetration Tests to Assess the Application Landscape 184 Proper Penetration Testing Is Good 185 7 Risk-Based Security Testing 187 What’s So Different about Security? 191 Risk Management and Security Testing 192 How to Approach Security Testing 193 Who 193 How 194 Thinking about (Malicious) Input 201 Getting Over Input 203 Leapfrogging the Penetration Test 204 8 Abuse Cases 205 Security Is Not a Set of Features 209 What You Can’t Do 210 Creating Useful Abuse Cases 211 But No One Would Ever Do That! 212 Touchpoint Process: Abuse Case Development 213 Creating Anti-Requirements 213 Creating an Attack Model 216 An Abuse Case Example 217 Abuse Cases Are Useful 222 9 Software Security Meets Security Operations 223 Don’t Stand So Close to Me 224 Kumbaya (for Software Security) 225 Come Together (Right Now) 232 Future’s So Bright, I Gotta Wear Shades 235
Contents xvn Part III: Software Security Grows Up 237 10 An Enterprise Software Security Program 239 The Business Climate 240 Building Blocks of Change 242 Building an Improvement Program 246 Establishing a Metrics Program 247 A Three-Step Enterprise Rollout 248 Continuous Improvement 250 What about COTS (and Existing Software Applications)? 251 An Enterprise Information Architecture 253 Adopting a Secure Development Lifecycle 256 11 Knowledge for Software Security 259 Experience, Expertise, and Security 261 Security Knowledge: A Unified View 262 Security Knowledge and the Touchpoints 268 The Department of Homeland Security Build Security In Portal 269 Knowledge Management Is Ongoing 274 Software Security Now 275 12 A Taxonomy of Coding Errors 277 On Simplicity: Seven Plus or Minus Two 279 Input Validation and Representation 279 API Abuse 279 Security Features 280 Time and State 280 Error Handling 281 Code Quality 281 Encapsulation 281 Environment 282 The Phyla 282 More Phyla Needed 289 A Complete Example 290 Lists, Piles, and Collections 292 Nineteen Sins Meet Seven Kingdoms 296 Seven Kingdoms and the OWASP Ten 297 Go Forth (with the Taxonomy) and Prosper 297
xviit ____ 13 Annotated Bibliography and References 299 Annotated Bibliography: An Emerging Literature 299 Required Reading: The Top Five 299 References Cited in Software Security: Building Security In 300 Government and Standards Publications Cited 312 Other Important References 313 Software Security Puzzle Pieces 318 Basic Science: Open Research Areas 319 Contents Appendices 321 A Fortify Source Code Analysis Suite Tutorial 323 1. Introducing the Audit Workbench 324 2. Auditing Source Code Manually 326 3. Ensuring a Working Build Environment 328 4. Running the Source Code Analysis Engine 329 5. Exploring the Basic SCA Engine Command Line Arguments 332 6. Understanding Raw Analysis Results 333 7. Integrating with an Automated Build Process 335 8. Using the Audit Workbench 339 9. Auditing Open Source Applications 342 B ITS4 Rules 345 C An Exercise in Risk Analysis: Smurfware 385 SmurfWare SmurfScanner Risk Assessment Case Study 385 SmurfWare SmurfScanner Design for Security 390 D Glossary 393 Index 395
IMAGE 1
DEFINING A DISCIPLINE
P. 3
A RISK MANAGEMENT FRAMEWORK
P. 39
INTRODUCTION TO SOFTWARE SECURITY TOUCHPOINTS
P. 83
CODE REVIEW WITH A TOOL
P. 105
ARCHITECTURAL RISK ANALYSIS
P. 139
SOFTWARE PENETRATION TESTING
P. 171
RISK-BASED SECURITY TESTING
P. 187
ABUSE CASES
P. 205
SOFTWARE SECURITY MEETS SECURITY OPERATIONS
P. 223
AN ENTERPRISE SOFTWARE SECURITY PROGRAM
P. 239
KNOWLEDGE FOR SOFTWARE SECURITY
P. 259
A TAXONOMY OF CODING ERRORS
P. 277
ANNOTATED BIBLIOGRAPHY AND REFERENCES
P. 299
FORTIFY SOURCE CODE ANALYSIS SUITE TUTORIAL
P. 323
ITS4 RULES
P. 345
AN EXERCISE IN RISK ANALYSIS : SMURFWARE
P. 385
TABLE OF CONTENTS PROVIDED BY BLACKWELL S BOOK SERVICES AND R.R. BOWKER.
USED WITH PERMISSION.
|
| adam_txt |
Titel: Software security
Autor: McGraw, Gary
Jahr: 2006
Contents H Foreword xix Preface xxiii Acknowledgments xxxi About the Author xxxv Part I: Software Security Fundamentals 1 1 Defining a Discipline 3 The Security Problem 4 The Trinity of Trouble: Why the Problem Is Growing 5 Basic Science 10 Security Problems in Software 14 Bugs and Flaws and Defects, Oh My! 14 The Range of Defects 18 The Problem with Application Security 20 Software Security and Operations 23 Solving the Problem: The Three Pillars of Software Security 25 Pillar I: Applied Risk Management 26 Pillar II: Software Security Touchpoints 27 Pillar III: Knowledge 35 The Rise of Security Engineering 37 Software Security Is Everyone’s Job 38 xni
XIV Contents 2 A Risk Management Framework 39 Putting Risk Management into Practice 40 How to Use This Chapter 41 The Five Stages of Activity 42 Stage 1: Understand the Business Context 43 Stage 2: Identify the Business and Technical Risks 43 Stage 3: Synthesize and Rank the Risks 44 Stage 4: Define the Risk Mitigation Strategy 45 Stage 5: Carry Out Fixes and Validate 45 Measuring and Reporting on Risk 46 The RMF Is a Multilevel Loop 46 Applying the RMF: KillerAppCo’s iWare 1.0 Server 48 Understanding the Business Context 49 Identifying the Business and Technical Risks 50 Synthesizing and Ranking the Risks 63 Defining the Risk Mitigation Strategy 69 Carrying Out Fixes and Validating 73 The Importance of Measurement 73 Measuring Return 74 Measurement and Metrics in the RMF 75 The Cigital Workbench 76 Risk Management Is a Framework for Software Security 79 Part II: Seven Touchpoints for Software Security 81 3 Introduction to Software Security Touchpoints 83 Flyover: Seven Terrific Touchpoints 86 1. Code Review (Tools) 86 2. Architectural Risk Analysis 86 3. Penetration Testing 87 4. Risk-Based Security Testing 87 5. Abuse Cases 88 6. Security Requirements 88 7. Security Operations 88 *. External Analysis 88 Why Only Seven? 89 Black and White: Two Threads Inextricably Intertwined 89 Moving Left 91 Touchpoints as Best Practices 94
Contents xv Who Should Do Software Security? 96 Building a Software Security Group 97 Software Security Is a Multidisciplinary Effort 100 Touchpoints to Success 103 4 Code Review with a Tool 105 Catching Implementation Bugs Early (with a Tool) 106 Aim for Good, Not Perfect 108 Ancient History 109 Approaches to Static Analysis 110 The History of Rule Coverage 112 Modern Rules 114 Tools from Researchland 114 Commercial Tool Vendors 123 Commercial Source Code Analyzers 124 Key Characteristics of a Tool 125 Three Characteristics to Avoid 127 The Fortify Source Code Analysis Suite 127 The Fortify Knowledge Base 132 Using Fortify 134 Touchpoint Process: Code Review 135 Use a Tool to Find Security Bugs 137 5 Architectural Risk Analysis 139 Common Themes among Security Risk Analysis Approaches 140 Traditional Risk Analysis Terminology 144 Knowledge Requirement 147 The Necessity of a Forest-Level View 148 A Traditional Example of a Risk Calculation 152 Limitations of Traditional Approaches 153 Modern Risk Analysis 154 Security Requirements 155 A Basic Risk Analysis Approach 156 Touchpoint Process: Architectural Risk Analysis 161 Attack Resistance Analysis 163 Ambiguity Analysis 165 Weakness Analysis 167 Getting Started with Risk Analysis 169 Architectural Risk Analysis Is a Necessity 170
XVI Contents 6 Software Penetration Testing 171 Penetration Testing Today 173 Software Penetration Testing—a Better Approach 178 Make Use of Tools 179 Test More Than Once 182 Incorporating Findings Back into Development 183 Using Penetration Tests to Assess the Application Landscape 184 Proper Penetration Testing Is Good 185 7 Risk-Based Security Testing 187 What’s So Different about Security? 191 Risk Management and Security Testing 192 How to Approach Security Testing 193 Who 193 How 194 Thinking about (Malicious) Input 201 Getting Over Input 203 Leapfrogging the Penetration Test 204 8 Abuse Cases 205 Security Is Not a Set of Features 209 What You Can’t Do 210 Creating Useful Abuse Cases 211 But No One Would Ever Do That! 212 Touchpoint Process: Abuse Case Development 213 Creating Anti-Requirements 213 Creating an Attack Model 216 An Abuse Case Example 217 Abuse Cases Are Useful 222 9 Software Security Meets Security Operations 223 Don’t Stand So Close to Me 224 Kumbaya (for Software Security) 225 Come Together (Right Now) 232 Future’s So Bright, I Gotta Wear Shades 235
Contents xvn Part III: Software Security Grows Up 237 10 An Enterprise Software Security Program 239 The Business Climate 240 Building Blocks of Change 242 Building an Improvement Program 246 Establishing a Metrics Program 247 A Three-Step Enterprise Rollout 248 Continuous Improvement 250 What about COTS (and Existing Software Applications)? 251 An Enterprise Information Architecture 253 Adopting a Secure Development Lifecycle 256 11 Knowledge for Software Security 259 Experience, Expertise, and Security 261 Security Knowledge: A Unified View 262 Security Knowledge and the Touchpoints 268 The Department of Homeland Security Build Security In Portal 269 Knowledge Management Is Ongoing 274 Software Security Now 275 12 A Taxonomy of Coding Errors 277 On Simplicity: Seven Plus or Minus Two 279 Input Validation and Representation 279 API Abuse 279 Security Features 280 Time and State 280 Error Handling 281 Code Quality 281 Encapsulation 281 Environment 282 The Phyla 282 More Phyla Needed 289 A Complete Example 290 Lists, Piles, and Collections 292 Nineteen Sins Meet Seven Kingdoms 296 Seven Kingdoms and the OWASP Ten 297 Go Forth (with the Taxonomy) and Prosper 297
xviit _ 13 Annotated Bibliography and References 299 Annotated Bibliography: An Emerging Literature 299 Required Reading: The Top Five 299 References Cited in Software Security: Building Security In 300 Government and Standards Publications Cited 312 Other Important References 313 Software Security Puzzle Pieces 318 Basic Science: Open Research Areas 319 Contents Appendices 321 A Fortify Source Code Analysis Suite Tutorial 323 1. Introducing the Audit Workbench 324 2. Auditing Source Code Manually 326 3. Ensuring a Working Build Environment 328 4. Running the Source Code Analysis Engine 329 5. Exploring the Basic SCA Engine Command Line Arguments 332 6. Understanding Raw Analysis Results 333 7. Integrating with an Automated Build Process 335 8. Using the Audit Workbench 339 9. Auditing Open Source Applications 342 B ITS4 Rules 345 C An Exercise in Risk Analysis: Smurfware 385 SmurfWare SmurfScanner Risk Assessment Case Study 385 SmurfWare SmurfScanner Design for Security 390 D Glossary 393 Index 395
IMAGE 1
DEFINING A DISCIPLINE
P. 3
A RISK MANAGEMENT FRAMEWORK
P. 39
INTRODUCTION TO SOFTWARE SECURITY TOUCHPOINTS
P. 83
CODE REVIEW WITH A TOOL
P. 105
ARCHITECTURAL RISK ANALYSIS
P. 139
SOFTWARE PENETRATION TESTING
P. 171
RISK-BASED SECURITY TESTING
P. 187
ABUSE CASES
P. 205
SOFTWARE SECURITY MEETS SECURITY OPERATIONS
P. 223
AN ENTERPRISE SOFTWARE SECURITY PROGRAM
P. 239
KNOWLEDGE FOR SOFTWARE SECURITY
P. 259
A TAXONOMY OF CODING ERRORS
P. 277
ANNOTATED BIBLIOGRAPHY AND REFERENCES
P. 299
FORTIFY SOURCE CODE ANALYSIS SUITE TUTORIAL
P. 323
ITS4 RULES
P. 345
AN EXERCISE IN RISK ANALYSIS : SMURFWARE
P. 385
TABLE OF CONTENTS PROVIDED BY BLACKWELL'S BOOK SERVICES AND R.R. BOWKER.
USED WITH PERMISSION. |
| any_adam_object | 1 |
| any_adam_object_boolean | 1 |
| author | McGraw, Gary 1966- |
| author_GND | (DE-588)128809868 |
| author_facet | McGraw, Gary 1966- |
| author_role | aut |
| author_sort | McGraw, Gary 1966- |
| author_variant | g m gm |
| building | Verbundindex |
| bvnumber | BV021675104 |
| callnumber-first | Q - Science |
| callnumber-label | QA76 |
| callnumber-raw | QA76.9.A25 |
| callnumber-search | QA76.9.A25 |
| callnumber-sort | QA 276.9 A25 |
| callnumber-subject | QA - Mathematics |
| classification_rvk | ST 230 |
| ctrlnum | (OCoLC)301089681 (DE-599)BVBBV021675104 |
| dewey-full | 005.8 |
| dewey-hundreds | 000 - Computer science, information, general works |
| dewey-ones | 005 - Computer programming, programs, data, security |
| dewey-raw | 005.8 |
| dewey-search | 005.8 |
| dewey-sort | 15.8 |
| dewey-tens | 000 - Computer science, information, general works |
| discipline | Informatik |
| discipline_str_mv | Informatik |
| edition | 1. printing |
| format | Book |
| fullrecord | <?xml version="1.0" encoding="UTF-8"?><collection xmlns="http://www.loc.gov/MARC21/slim"><record><leader>02467nam a2200553 c 4500</leader><controlfield tag="001">BV021675104</controlfield><controlfield tag="003">DE-604</controlfield><controlfield tag="005">20220531 </controlfield><controlfield tag="007">t</controlfield><controlfield tag="008">060727s2006 a||| |||| 00||| eng d</controlfield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">9780321356703</subfield><subfield code="9">978-0-321-35670-3</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">0321356705</subfield><subfield code="9">0-321-35670-5</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(OCoLC)301089681</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-599)BVBBV021675104</subfield></datafield><datafield tag="040" ind1=" " ind2=" "><subfield code="a">DE-604</subfield><subfield code="b">ger</subfield><subfield code="e">rda</subfield></datafield><datafield tag="041" ind1="0" ind2=" "><subfield code="a">eng</subfield></datafield><datafield tag="049" ind1=" " ind2=" "><subfield code="a">DE-824</subfield><subfield code="a">DE-M347</subfield><subfield code="a">DE-706</subfield><subfield code="a">DE-522</subfield><subfield code="a">DE-634</subfield></datafield><datafield tag="050" ind1=" " ind2="0"><subfield code="a">QA76.9.A25</subfield></datafield><datafield tag="082" ind1="0" ind2=" "><subfield code="a">005.8</subfield><subfield code="2">22</subfield></datafield><datafield tag="084" ind1=" " ind2=" "><subfield code="a">ST 230</subfield><subfield code="0">(DE-625)143617:</subfield><subfield code="2">rvk</subfield></datafield><datafield tag="100" ind1="1" ind2=" "><subfield code="a">McGraw, Gary</subfield><subfield code="d">1966-</subfield><subfield code="e">Verfasser</subfield><subfield code="0">(DE-588)128809868</subfield><subfield code="4">aut</subfield></datafield><datafield tag="245" ind1="1" ind2="0"><subfield code="a">Software security</subfield><subfield code="b">building security in</subfield><subfield code="c">Gary McGraw</subfield></datafield><datafield tag="250" ind1=" " ind2=" "><subfield code="a">1. printing</subfield></datafield><datafield tag="264" ind1=" " ind2="1"><subfield code="a">Upper Saddle River, NJ ; Munich [u.a.]</subfield><subfield code="b">Addison-Wesley</subfield><subfield code="c">2006</subfield></datafield><datafield tag="300" ind1=" " ind2=" "><subfield code="a">XXXVI, 408 Seiten</subfield><subfield code="b">Illustrationen, Diagramme</subfield><subfield code="e">CD-ROM (12 cm)</subfield></datafield><datafield tag="336" ind1=" " ind2=" "><subfield code="b">txt</subfield><subfield code="2">rdacontent</subfield></datafield><datafield tag="337" ind1=" " ind2=" "><subfield code="b">n</subfield><subfield code="2">rdamedia</subfield></datafield><datafield tag="338" ind1=" " ind2=" "><subfield code="b">nc</subfield><subfield code="2">rdacarrier</subfield></datafield><datafield tag="490" ind1="0" ind2=" "><subfield code="a">Addison-Wesley software security series</subfield></datafield><datafield tag="500" ind1=" " ind2=" "><subfield code="a">Hier auch später erschienene, unveränderte Nachdrucke</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Sécurité informatique</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Computer security</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Softwareschutz</subfield><subfield code="0">(DE-588)4131649-6</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Computersicherheit</subfield><subfield code="0">(DE-588)4274324-2</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Softwareentwicklung</subfield><subfield code="0">(DE-588)4116522-6</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Software Engineering</subfield><subfield code="0">(DE-588)4116521-4</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="689" ind1="0" ind2="0"><subfield code="a">Software Engineering</subfield><subfield code="0">(DE-588)4116521-4</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="0" ind2="1"><subfield code="a">Softwareschutz</subfield><subfield code="0">(DE-588)4131649-6</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="0" ind2=" "><subfield code="5">DE-604</subfield></datafield><datafield tag="689" ind1="1" ind2="0"><subfield code="a">Softwareentwicklung</subfield><subfield code="0">(DE-588)4116522-6</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="1" ind2="1"><subfield code="a">Softwareschutz</subfield><subfield code="0">(DE-588)4131649-6</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="1" ind2=" "><subfield code="5">DE-604</subfield></datafield><datafield tag="689" ind1="2" ind2="0"><subfield code="a">Software Engineering</subfield><subfield code="0">(DE-588)4116521-4</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="2" ind2="1"><subfield code="a">Computersicherheit</subfield><subfield code="0">(DE-588)4274324-2</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="2" ind2=" "><subfield code="8">1\p</subfield><subfield code="5">DE-604</subfield></datafield><datafield tag="856" ind1="4" ind2="2"><subfield code="m">HBZ Datenaustausch</subfield><subfield code="q">application/pdf</subfield><subfield code="u">http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=014889403&sequence=000001&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA</subfield><subfield code="3">Inhaltsverzeichnis</subfield></datafield><datafield tag="856" ind1="4" ind2="2"><subfield code="m">GBV Datenaustausch</subfield><subfield code="q">application/pdf</subfield><subfield code="u">http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=014889403&sequence=000003&line_number=0002&func_code=DB_RECORDS&service_type=MEDIA</subfield><subfield code="3">Inhaltsverzeichnis</subfield></datafield><datafield tag="999" ind1=" " ind2=" "><subfield code="a">oai:aleph.bib-bvb.de:BVB01-014889403</subfield></datafield><datafield tag="883" ind1="1" ind2=" "><subfield code="8">1\p</subfield><subfield code="a">cgwrk</subfield><subfield code="d">20201028</subfield><subfield code="q">DE-101</subfield><subfield code="u">https://d-nb.info/provenance/plan#cgwrk</subfield></datafield></record></collection> |
| id | DE-604.BV021675104 |
| illustrated | Illustrated |
| index_date | 2024-07-02T15:09:48Z |
| indexdate | 2024-07-09T20:41:23Z |
| institution | BVB |
| isbn | 9780321356703 0321356705 |
| language | English |
| oai_aleph_id | oai:aleph.bib-bvb.de:BVB01-014889403 |
| oclc_num | 301089681 |
| open_access_boolean | |
| owner | DE-824 DE-M347 DE-706 DE-522 DE-634 |
| owner_facet | DE-824 DE-M347 DE-706 DE-522 DE-634 |
| physical | XXXVI, 408 Seiten Illustrationen, Diagramme CD-ROM (12 cm) |
| publishDate | 2006 |
| publishDateSearch | 2006 |
| publishDateSort | 2006 |
| publisher | Addison-Wesley |
| record_format | marc |
| series2 | Addison-Wesley software security series |
| spelling | McGraw, Gary 1966- Verfasser (DE-588)128809868 aut Software security building security in Gary McGraw 1. printing Upper Saddle River, NJ ; Munich [u.a.] Addison-Wesley 2006 XXXVI, 408 Seiten Illustrationen, Diagramme CD-ROM (12 cm) txt rdacontent n rdamedia nc rdacarrier Addison-Wesley software security series Hier auch später erschienene, unveränderte Nachdrucke Sécurité informatique Computer security Softwareschutz (DE-588)4131649-6 gnd rswk-swf Computersicherheit (DE-588)4274324-2 gnd rswk-swf Softwareentwicklung (DE-588)4116522-6 gnd rswk-swf Software Engineering (DE-588)4116521-4 gnd rswk-swf Software Engineering (DE-588)4116521-4 s Softwareschutz (DE-588)4131649-6 s DE-604 Softwareentwicklung (DE-588)4116522-6 s Computersicherheit (DE-588)4274324-2 s 1\p DE-604 HBZ Datenaustausch application/pdf http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=014889403&sequence=000001&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA Inhaltsverzeichnis GBV Datenaustausch application/pdf http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=014889403&sequence=000003&line_number=0002&func_code=DB_RECORDS&service_type=MEDIA Inhaltsverzeichnis 1\p cgwrk 20201028 DE-101 https://d-nb.info/provenance/plan#cgwrk |
| spellingShingle | McGraw, Gary 1966- Software security building security in Sécurité informatique Computer security Softwareschutz (DE-588)4131649-6 gnd Computersicherheit (DE-588)4274324-2 gnd Softwareentwicklung (DE-588)4116522-6 gnd Software Engineering (DE-588)4116521-4 gnd |
| subject_GND | (DE-588)4131649-6 (DE-588)4274324-2 (DE-588)4116522-6 (DE-588)4116521-4 |
| title | Software security building security in |
| title_auth | Software security building security in |
| title_exact_search | Software security building security in |
| title_exact_search_txtP | Software security building security in |
| title_full | Software security building security in Gary McGraw |
| title_fullStr | Software security building security in Gary McGraw |
| title_full_unstemmed | Software security building security in Gary McGraw |
| title_short | Software security |
| title_sort | software security building security in |
| title_sub | building security in |
| topic | Sécurité informatique Computer security Softwareschutz (DE-588)4131649-6 gnd Computersicherheit (DE-588)4274324-2 gnd Softwareentwicklung (DE-588)4116522-6 gnd Software Engineering (DE-588)4116521-4 gnd |
| topic_facet | Sécurité informatique Computer security Softwareschutz Computersicherheit Softwareentwicklung Software Engineering |
| url | http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=014889403&sequence=000001&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=014889403&sequence=000003&line_number=0002&func_code=DB_RECORDS&service_type=MEDIA |
| work_keys_str_mv | AT mcgrawgary softwaresecuritybuildingsecurityin |
Es ist kein Print-Exemplar vorhanden.
Inhaltsverzeichnis