Software security: building security in
Gespeichert in:
1. Verfasser: | |
---|---|
Format: | Buch |
Sprache: | English |
Veröffentlicht: |
Upper Saddle River, NJ ; Munich [u.a.]
Addison-Wesley
2007
|
Ausgabe: | 3. print. |
Schriftenreihe: | Software security library
[3] |
Schlagworte: | |
Online-Zugang: | Inhaltsverzeichnis |
Beschreibung: | XXXVI, 408 S. Ill., graph. Darst. 1 CD-ROM ; (12 cm) |
ISBN: | 0321356705 |
Internformat
MARC
LEADER | 00000nam a2200000 cb4500 | ||
---|---|---|---|
001 | BV023032240 | ||
003 | DE-604 | ||
005 | 20071204 | ||
007 | t | ||
008 | 071203s2007 ad|| |||| 00||| eng d | ||
020 | |a 0321356705 |9 0-321-35670-5 | ||
035 | |a (OCoLC)551943695 | ||
035 | |a (DE-599)BVBBV023032240 | ||
040 | |a DE-604 |b ger |e rakwb | ||
041 | 0 | |a eng | |
049 | |a DE-739 |a DE-384 | ||
082 | 0 | |a 005.8 | |
084 | |a ST 230 |0 (DE-625)143617: |2 rvk | ||
100 | 1 | |a McGraw, Gary |d 1966- |e Verfasser |0 (DE-588)128809868 |4 aut | |
245 | 1 | 0 | |a Software security |b building security in |c Gary McGraw |
250 | |a 3. print. | ||
264 | 1 | |a Upper Saddle River, NJ ; Munich [u.a.] |b Addison-Wesley |c 2007 | |
300 | |a XXXVI, 408 S. |b Ill., graph. Darst. |e 1 CD-ROM ; (12 cm) | ||
336 | |b txt |2 rdacontent | ||
337 | |b n |2 rdamedia | ||
338 | |b nc |2 rdacarrier | ||
490 | 1 | |a Software security library |v [3] | |
490 | 0 | |a Addison-Wesley software security series | |
650 | 4 | |a Computer security | |
650 | 0 | 7 | |a Softwareentwicklung |0 (DE-588)4116522-6 |2 gnd |9 rswk-swf |
650 | 0 | 7 | |a Software Engineering |0 (DE-588)4116521-4 |2 gnd |9 rswk-swf |
650 | 0 | 7 | |a Softwareschutz |0 (DE-588)4131649-6 |2 gnd |9 rswk-swf |
650 | 0 | 7 | |a Computersicherheit |0 (DE-588)4274324-2 |2 gnd |9 rswk-swf |
689 | 0 | 0 | |a Software Engineering |0 (DE-588)4116521-4 |D s |
689 | 0 | 1 | |a Softwareschutz |0 (DE-588)4131649-6 |D s |
689 | 0 | |5 DE-604 | |
689 | 1 | 0 | |a Softwareentwicklung |0 (DE-588)4116522-6 |D s |
689 | 1 | 1 | |a Softwareschutz |0 (DE-588)4131649-6 |D s |
689 | 1 | |5 DE-604 | |
689 | 2 | 0 | |a Software Engineering |0 (DE-588)4116521-4 |D s |
689 | 2 | 1 | |a Computersicherheit |0 (DE-588)4274324-2 |D s |
689 | 2 | |8 1\p |5 DE-604 | |
830 | 0 | |a Software security library |v [3] |w (DE-604)BV021656376 |9 3 | |
856 | 4 | 2 | |m Digitalisierung UB Passau |q application/pdf |u http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=016236092&sequence=000002&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA |3 Inhaltsverzeichnis |
999 | |a oai:aleph.bib-bvb.de:BVB01-016236092 | ||
883 | 1 | |8 1\p |a cgwrk |d 20201028 |q DE-101 |u https://d-nb.info/provenance/plan#cgwrk |
Datensatz im Suchindex
_version_ | 1804137257404203008 |
---|---|
adam_text | Contents
Foreword
xix
Preface
xxiii
Acknowledgments
xxxi
About the Author
xxxv
Part I: Software Security Fundamentals
1
1
Defining a Discipline
3
The Security Problem
4
The Trinity of Trouble: Why the Problem Is Growing
5
Basic Science
10
Security Problems in Software
14
Bugs and Flaws and Defects, Oh My!
14
The Range of Defects
18
The Problem with Application Security
20
Software Security and Operations
23
Solving the Problem: The Three Pillars of Software Security
25
Pillar I: Applied Risk Management
26
Pillar II: Software Security Touchpoints
27
Pillar III: Knowledge
35
The Rise of Security Engineering
37
Software Security Is Everyone s Job
38
2
A Risk Management Framework
39
Putting Risk Management into Practice
40
How to Use This Chapter
41
The Five Stages of Activity
42
Stage
1 :
Understand the Business Context
43
Stage
2:
Identify the Business and Technical Risks
43
Stage
3:
Synthesize and Rank the Risks
44
Stage
4:
Define the Risk Mitigation Strategy
45
Stage
5:
Carry Out Fixes and Validate
45
Measuring and Reporting on Risk
46
The RMF Is a Multilevel Loop
46
Applying the RMF: KillerAppCo s iWare
1.0
Server
48
Understanding the Business Context
49
Identifying the Business and Technical Risks
50
Synthesizing and Ranking the Risks
63
Defining the Risk Mitigation Strategy
69
Carrying Out Fixes and Validating
73
The Importance of Measurement
73
Measuring Return
74
Measurement and Metrics in the RMF
75
The Cigital Workbench
76
Risk Management Is a Framework for Software Security
79
Part II: Seven Touchpoints for Software Security
81
3
Introduction to Software Security Touchpoints
83
Flyover: Seven Terrific Touchpoints
86
1.
Code Review (Tools)
86
2.
Architectural Risk Analysis
86
3.
Penetration Testing
87
4.
Risk-Based Security Testing
87
5.
Abuse Cases
88
6.
Security Requirements
88
7.
Security Operations
88
*.
External Analysis
88
Why Only Seven?
89
Black and White: Two Threads Inextricably Intertwined
89
Moving Left
91
Touchpoints as Best Practices
94
Who Should Do Software Security?
96
Building a Software Security Group
97
Software Security Is a Multidisciplinary Effort
100
Touchpoints to Success
103
4
Code Review with a Tool
105
Catching Implementation Bugs Early (with a Tool)
106
Aim for Good, Not Perfect
108
Ancient History
109
Approaches to Static Analysis
110
The History of Rule Coverage
112
Modern Rules
114
Tools from Researchland
114
Commercial Tool Vendors
123
Commercial Source Code Analyzers
124
Key Characteristics of a Tool
125
Three Characteristics to Avoid
127
The Fortify Source Code Analysis Suite
127
The Fortify Knowledge Base
132
Using Fortify
134
Touchpoint Process: Code Review
135
Use a Tool to Find Security Bugs
137
5
Architectural Risk Analysis
139
Common Themes among Security Risk Analysis Approaches
140
Traditional Risk Analysis Terminology
144
Knowledge Requirement
147
The Necessity of a Forest-Level View
148
A Traditional Example of a Risk Calculation
152
Limitations of Traditional Approaches
153
Modern Risk Analysis
154
Security Requirements
155
A Basic Risk Analysis Approach
156
Touchpoint Process: Architectural Risk Analysis
161
Attack Resistance Analysis
163
Ambiguity Analysis
165
Weakness Analysis
167
Getting Started with Risk Analysis
169
Architectural Risk Analysis Is a Necessity
170
6
Software
Penetration
Testing
171
Penetration
Testing
Today 173
Software Penetration
Testing
—
a Better Approach
178
Make Use of Tools
179
Test More Than Once
182
Incorporating Findings Back into Development
183
Using Penetration Tests to Assess the Application
Landscape
184
Proper Penetration Testing Is Good
185
7
Risk-Based Security Testing
187
What s So Different about Security?
191
Risk Management and Security Testing
192
How to Approach Security Testing
193
Who
193
How
194
Thinking about (Malicious) Input
201
Getting Over Input
203
Leapfrogging the Penetration Test
204
8
Abuse Cases
205
Security Is Not a Set of Features
209
What You Can t Do
210
Creating Useful Abuse Cases
211
But No One Would Ever Do That!
212
Touchpoint Process: Abuse Case Development
213
Creating Anti-Requirements
213
Creating an Attack Model
216
An Abuse Case Example
217
Abuse Cases Are Useful
222
9
Software Security Meets Security Operations
223
Don t Stand So Close to Me
224
Kumbaya (for Software Security)
225
Come Together (Right Now)
232
Future s So Bright, I Gotta Wear Shades
235
Part III: Software Security Grows Up
237
10
An Enterprise Software Security Program
239
The Business Climate
240
Building Blocks of Change
242
Building an Improvement Program
246
Establishing a Metrics Program
247
A Three-Step Enterprise Rollout
248
Continuous Improvement
250
What about COTS (and Existing Software Applications)?
251
An Enterprise Information Architecture
253
Adopting a Secure Development Lifecycle
256
11
Knowledge for Software Security
259
Experience, Expertise, and Security
261
Security Knowledge: A Unified View
262
Security Knowledge and the Touchpoints
268
The Department of Homeland Security Build
Security In Portal
269
Knowledge Management Is Ongoing
274
Software Security Now
275
12
A Taxonomy of Coding Errors
277
On Simplicity: Seven Plus or Minus Two
279
Input Validation and Representation
279
API Abuse
279
Security Features
280
Time and State
280
Error Handling
281
Code Quality
281
Encapsulation
281
Environment
282
The Phyla
282
More Phyla Needed
289
A Complete Example
290
Lists, Piles, and Collections
292
Nineteen Sins Meet Seven Kingdoms
296
Seven Kingdoms and the
О
WASP Ten
297
Go Forth (with the Taxonomy) and Prosper
297
13
Annotated Bibliography and References
299
Annotated Bibliography: An Emerging Literature
299
Required Reading: The Top Five
299
References Cited in Software Security: Building
Security In
300
Government and Standards Publications Cited
312
Other Important References
313
Software Security Puzzle Pieces
318
Basic Science: Open Research Areas
319
Appendices
321
A Fortify Source Code Analysis Suite Tutorial
323
1.
Introducing the Audit Workbench
324
2.
Auditing Source Code Manually
326
3.
Ensuring a Working Build Environment
328
4.
Running the Source Code Analysis Engine
329
5.
Exploring the Basic
SCA
Engine Command Line
Arguments
332
6.
Understanding Raw Analysis Results
333
7.
Integrating with an Automated Build Process
335
8.
Using the Audit Workbench
339
9.
Auditing Open Source Applications
342
В
ITS4 Rules
345
С
An Exercise in Risk Analysis: Smurfware
385
SmurfWare SmurfScanner Risk Assessment Case Study
385
SmurfWare SmurfScanner Design for Security
390
D
Glossary
393
Index
395
|
adam_txt |
Contents
Foreword
xix
Preface
xxiii
Acknowledgments
xxxi
About the Author
xxxv
Part I: Software Security Fundamentals
1
1
Defining a Discipline
3
The Security Problem
4
The Trinity of Trouble: Why the Problem Is Growing
5
Basic Science
10
Security Problems in Software
14
Bugs and Flaws and Defects, Oh My!
14
The Range of Defects
18
The Problem with Application Security
20
Software Security and Operations
23
Solving the Problem: The Three Pillars of Software Security
25
Pillar I: Applied Risk Management
26
Pillar II: Software Security Touchpoints
27
Pillar III: Knowledge
35
The Rise of Security Engineering
37
Software Security Is Everyone's Job
38
2
A Risk Management Framework
39
Putting Risk Management into Practice
40
How to Use This Chapter
41
The Five Stages of Activity
42
Stage
1 :
Understand the Business Context
43
Stage
2:
Identify the Business and Technical Risks
43
Stage
3:
Synthesize and Rank the Risks
44
Stage
4:
Define the Risk Mitigation Strategy
45
Stage
5:
Carry Out Fixes and Validate
45
Measuring and Reporting on Risk
46
The RMF Is a Multilevel Loop
46
Applying the RMF: KillerAppCo's iWare
1.0
Server
48
Understanding the Business Context
49
Identifying the Business and Technical Risks
50
Synthesizing and Ranking the Risks
63
Defining the Risk Mitigation Strategy
69
Carrying Out Fixes and Validating
73
The Importance of Measurement
73
Measuring Return
74
Measurement and Metrics in the RMF
75
The Cigital Workbench
76
Risk Management Is a Framework for Software Security
79
Part II: Seven Touchpoints for Software Security
81
3
Introduction to Software Security Touchpoints
83
Flyover: Seven Terrific Touchpoints
86
1.
Code Review (Tools)
86
2.
Architectural Risk Analysis
86
3.
Penetration Testing
87
4.
Risk-Based Security Testing
87
5.
Abuse Cases
88
6.
Security Requirements
88
7.
Security Operations
88
*.
External Analysis
88
Why Only Seven?
89
Black and White: Two Threads Inextricably Intertwined
89
Moving Left
91
Touchpoints as Best Practices
94
Who Should Do Software Security?
96
Building a Software Security Group
97
Software Security Is a Multidisciplinary Effort
100
Touchpoints to Success
103
4
Code Review with a Tool
105
Catching Implementation Bugs Early (with a Tool)
106
Aim for Good, Not Perfect
108
Ancient History
109
Approaches to Static Analysis
110
The History of Rule Coverage
112
Modern Rules
114
Tools from Researchland
114
Commercial Tool Vendors
123
Commercial Source Code Analyzers
124
Key Characteristics of a Tool
125
Three Characteristics to Avoid
127
The Fortify Source Code Analysis Suite
127
The Fortify Knowledge Base
132
Using Fortify
134
Touchpoint Process: Code Review
135
Use a Tool to Find Security Bugs
137
5
Architectural Risk Analysis
139
Common Themes among Security Risk Analysis Approaches
140
Traditional Risk Analysis Terminology
144
Knowledge Requirement
147
The Necessity of a Forest-Level View
148
A Traditional Example of a Risk Calculation
152
Limitations of Traditional Approaches
153
Modern Risk Analysis
154
Security Requirements
155
A Basic Risk Analysis Approach
156
Touchpoint Process: Architectural Risk Analysis
161
Attack Resistance Analysis
163
Ambiguity Analysis
165
Weakness Analysis
167
Getting Started with Risk Analysis
169
Architectural Risk Analysis Is a Necessity
170
6
Software
Penetration
Testing
171
Penetration
Testing
Today 173
Software Penetration
Testing
—
a Better Approach
178
Make Use of Tools
179
Test More Than Once
182
Incorporating Findings Back into Development
183
Using Penetration Tests to Assess the Application
Landscape
184
Proper Penetration Testing Is Good
185
7
Risk-Based Security Testing
187
What's So Different about Security?
191
Risk Management and Security Testing
192
How to Approach Security Testing
193
Who
193
How
194
Thinking about (Malicious) Input
201
Getting Over Input
203
Leapfrogging the Penetration Test
204
8
Abuse Cases
205
Security Is Not a Set of Features
209
What You Can't Do
210
Creating Useful Abuse Cases
211
But No One Would Ever Do That!
212
Touchpoint Process: Abuse Case Development
213
Creating Anti-Requirements
213
Creating an Attack Model
216
An Abuse Case Example
217
Abuse Cases Are Useful
222
9
Software Security Meets Security Operations
223
Don't Stand So Close to Me
224
Kumbaya (for Software Security)
225
Come Together (Right Now)
232
Future's So Bright, I Gotta Wear Shades
235
Part III: Software Security Grows Up
237
10
An Enterprise Software Security Program
239
The Business Climate
240
Building Blocks of Change
242
Building an Improvement Program
246
Establishing a Metrics Program
247
A Three-Step Enterprise Rollout
248
Continuous Improvement
250
What about COTS (and Existing Software Applications)?
251
An Enterprise Information Architecture
253
Adopting a Secure Development Lifecycle
256
11
Knowledge for Software Security
259
Experience, Expertise, and Security
261
Security Knowledge: A Unified View
262
Security Knowledge and the Touchpoints
268
The Department of Homeland Security Build
Security In Portal
269
Knowledge Management Is Ongoing
274
Software Security Now
275
12
A Taxonomy of Coding Errors
277
On Simplicity: Seven Plus or Minus Two
279
Input Validation and Representation
279
API Abuse
279
Security Features
280
Time and State
280
Error Handling
281
Code Quality
281
Encapsulation
281
Environment
282
The Phyla
282
More Phyla Needed
289
A Complete Example
290
Lists, Piles, and Collections
292
Nineteen Sins Meet Seven Kingdoms
296
Seven Kingdoms and the
О
WASP Ten
297
Go Forth (with the Taxonomy) and Prosper
297
13
Annotated Bibliography and References
299
Annotated Bibliography: An Emerging Literature
299
Required Reading: The Top Five
299
References Cited in Software Security: Building
Security In
300
Government and Standards Publications Cited
312
Other Important References
313
Software Security Puzzle Pieces
318
Basic Science: Open Research Areas
319
Appendices
321
A Fortify Source Code Analysis Suite Tutorial
323
1.
Introducing the Audit Workbench
324
2.
Auditing Source Code Manually
326
3.
Ensuring a Working Build Environment
328
4.
Running the Source Code Analysis Engine
329
5.
Exploring the Basic
SCA
Engine Command Line
Arguments
332
6.
Understanding Raw Analysis Results
333
7.
Integrating with an Automated Build Process
335
8.
Using the Audit Workbench
339
9.
Auditing Open Source Applications
342
В
ITS4 Rules
345
С
An Exercise in Risk Analysis: Smurfware
385
SmurfWare SmurfScanner Risk Assessment Case Study
385
SmurfWare SmurfScanner Design for Security
390
D
Glossary
393
Index
395 |
any_adam_object | 1 |
any_adam_object_boolean | 1 |
author | McGraw, Gary 1966- |
author_GND | (DE-588)128809868 |
author_facet | McGraw, Gary 1966- |
author_role | aut |
author_sort | McGraw, Gary 1966- |
author_variant | g m gm |
building | Verbundindex |
bvnumber | BV023032240 |
classification_rvk | ST 230 |
ctrlnum | (OCoLC)551943695 (DE-599)BVBBV023032240 |
dewey-full | 005.8 |
dewey-hundreds | 000 - Computer science, information, general works |
dewey-ones | 005 - Computer programming, programs, data, security |
dewey-raw | 005.8 |
dewey-search | 005.8 |
dewey-sort | 15.8 |
dewey-tens | 000 - Computer science, information, general works |
discipline | Informatik |
discipline_str_mv | Informatik |
edition | 3. print. |
format | Book |
fullrecord | <?xml version="1.0" encoding="UTF-8"?><collection xmlns="http://www.loc.gov/MARC21/slim"><record><leader>02124nam a2200517 cb4500</leader><controlfield tag="001">BV023032240</controlfield><controlfield tag="003">DE-604</controlfield><controlfield tag="005">20071204 </controlfield><controlfield tag="007">t</controlfield><controlfield tag="008">071203s2007 ad|| |||| 00||| eng d</controlfield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">0321356705</subfield><subfield code="9">0-321-35670-5</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(OCoLC)551943695</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-599)BVBBV023032240</subfield></datafield><datafield tag="040" ind1=" " ind2=" "><subfield code="a">DE-604</subfield><subfield code="b">ger</subfield><subfield code="e">rakwb</subfield></datafield><datafield tag="041" ind1="0" ind2=" "><subfield code="a">eng</subfield></datafield><datafield tag="049" ind1=" " ind2=" "><subfield code="a">DE-739</subfield><subfield code="a">DE-384</subfield></datafield><datafield tag="082" ind1="0" ind2=" "><subfield code="a">005.8</subfield></datafield><datafield tag="084" ind1=" " ind2=" "><subfield code="a">ST 230</subfield><subfield code="0">(DE-625)143617:</subfield><subfield code="2">rvk</subfield></datafield><datafield tag="100" ind1="1" ind2=" "><subfield code="a">McGraw, Gary</subfield><subfield code="d">1966-</subfield><subfield code="e">Verfasser</subfield><subfield code="0">(DE-588)128809868</subfield><subfield code="4">aut</subfield></datafield><datafield tag="245" ind1="1" ind2="0"><subfield code="a">Software security</subfield><subfield code="b">building security in</subfield><subfield code="c">Gary McGraw</subfield></datafield><datafield tag="250" ind1=" " ind2=" "><subfield code="a">3. print.</subfield></datafield><datafield tag="264" ind1=" " ind2="1"><subfield code="a">Upper Saddle River, NJ ; Munich [u.a.]</subfield><subfield code="b">Addison-Wesley</subfield><subfield code="c">2007</subfield></datafield><datafield tag="300" ind1=" " ind2=" "><subfield code="a">XXXVI, 408 S.</subfield><subfield code="b">Ill., graph. Darst.</subfield><subfield code="e">1 CD-ROM ; (12 cm)</subfield></datafield><datafield tag="336" ind1=" " ind2=" "><subfield code="b">txt</subfield><subfield code="2">rdacontent</subfield></datafield><datafield tag="337" ind1=" " ind2=" "><subfield code="b">n</subfield><subfield code="2">rdamedia</subfield></datafield><datafield tag="338" ind1=" " ind2=" "><subfield code="b">nc</subfield><subfield code="2">rdacarrier</subfield></datafield><datafield tag="490" ind1="1" ind2=" "><subfield code="a">Software security library</subfield><subfield code="v">[3]</subfield></datafield><datafield tag="490" ind1="0" ind2=" "><subfield code="a">Addison-Wesley software security series</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Computer security</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Softwareentwicklung</subfield><subfield code="0">(DE-588)4116522-6</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Software Engineering</subfield><subfield code="0">(DE-588)4116521-4</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Softwareschutz</subfield><subfield code="0">(DE-588)4131649-6</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Computersicherheit</subfield><subfield code="0">(DE-588)4274324-2</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="689" ind1="0" ind2="0"><subfield code="a">Software Engineering</subfield><subfield code="0">(DE-588)4116521-4</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="0" ind2="1"><subfield code="a">Softwareschutz</subfield><subfield code="0">(DE-588)4131649-6</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="0" ind2=" "><subfield code="5">DE-604</subfield></datafield><datafield tag="689" ind1="1" ind2="0"><subfield code="a">Softwareentwicklung</subfield><subfield code="0">(DE-588)4116522-6</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="1" ind2="1"><subfield code="a">Softwareschutz</subfield><subfield code="0">(DE-588)4131649-6</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="1" ind2=" "><subfield code="5">DE-604</subfield></datafield><datafield tag="689" ind1="2" ind2="0"><subfield code="a">Software Engineering</subfield><subfield code="0">(DE-588)4116521-4</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="2" ind2="1"><subfield code="a">Computersicherheit</subfield><subfield code="0">(DE-588)4274324-2</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="2" ind2=" "><subfield code="8">1\p</subfield><subfield code="5">DE-604</subfield></datafield><datafield tag="830" ind1=" " ind2="0"><subfield code="a">Software security library</subfield><subfield code="v">[3]</subfield><subfield code="w">(DE-604)BV021656376</subfield><subfield code="9">3</subfield></datafield><datafield tag="856" ind1="4" ind2="2"><subfield code="m">Digitalisierung UB Passau</subfield><subfield code="q">application/pdf</subfield><subfield code="u">http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=016236092&sequence=000002&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA</subfield><subfield code="3">Inhaltsverzeichnis</subfield></datafield><datafield tag="999" ind1=" " ind2=" "><subfield code="a">oai:aleph.bib-bvb.de:BVB01-016236092</subfield></datafield><datafield tag="883" ind1="1" ind2=" "><subfield code="8">1\p</subfield><subfield code="a">cgwrk</subfield><subfield code="d">20201028</subfield><subfield code="q">DE-101</subfield><subfield code="u">https://d-nb.info/provenance/plan#cgwrk</subfield></datafield></record></collection> |
id | DE-604.BV023032240 |
illustrated | Illustrated |
index_date | 2024-07-02T19:17:28Z |
indexdate | 2024-07-09T21:09:25Z |
institution | BVB |
isbn | 0321356705 |
language | English |
oai_aleph_id | oai:aleph.bib-bvb.de:BVB01-016236092 |
oclc_num | 551943695 |
open_access_boolean | |
owner | DE-739 DE-384 |
owner_facet | DE-739 DE-384 |
physical | XXXVI, 408 S. Ill., graph. Darst. 1 CD-ROM ; (12 cm) |
publishDate | 2007 |
publishDateSearch | 2007 |
publishDateSort | 2007 |
publisher | Addison-Wesley |
record_format | marc |
series | Software security library |
series2 | Software security library Addison-Wesley software security series |
spelling | McGraw, Gary 1966- Verfasser (DE-588)128809868 aut Software security building security in Gary McGraw 3. print. Upper Saddle River, NJ ; Munich [u.a.] Addison-Wesley 2007 XXXVI, 408 S. Ill., graph. Darst. 1 CD-ROM ; (12 cm) txt rdacontent n rdamedia nc rdacarrier Software security library [3] Addison-Wesley software security series Computer security Softwareentwicklung (DE-588)4116522-6 gnd rswk-swf Software Engineering (DE-588)4116521-4 gnd rswk-swf Softwareschutz (DE-588)4131649-6 gnd rswk-swf Computersicherheit (DE-588)4274324-2 gnd rswk-swf Software Engineering (DE-588)4116521-4 s Softwareschutz (DE-588)4131649-6 s DE-604 Softwareentwicklung (DE-588)4116522-6 s Computersicherheit (DE-588)4274324-2 s 1\p DE-604 Software security library [3] (DE-604)BV021656376 3 Digitalisierung UB Passau application/pdf http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=016236092&sequence=000002&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA Inhaltsverzeichnis 1\p cgwrk 20201028 DE-101 https://d-nb.info/provenance/plan#cgwrk |
spellingShingle | McGraw, Gary 1966- Software security building security in Software security library Computer security Softwareentwicklung (DE-588)4116522-6 gnd Software Engineering (DE-588)4116521-4 gnd Softwareschutz (DE-588)4131649-6 gnd Computersicherheit (DE-588)4274324-2 gnd |
subject_GND | (DE-588)4116522-6 (DE-588)4116521-4 (DE-588)4131649-6 (DE-588)4274324-2 |
title | Software security building security in |
title_auth | Software security building security in |
title_exact_search | Software security building security in |
title_exact_search_txtP | Software security building security in |
title_full | Software security building security in Gary McGraw |
title_fullStr | Software security building security in Gary McGraw |
title_full_unstemmed | Software security building security in Gary McGraw |
title_short | Software security |
title_sort | software security building security in |
title_sub | building security in |
topic | Computer security Softwareentwicklung (DE-588)4116522-6 gnd Software Engineering (DE-588)4116521-4 gnd Softwareschutz (DE-588)4131649-6 gnd Computersicherheit (DE-588)4274324-2 gnd |
topic_facet | Computer security Softwareentwicklung Software Engineering Softwareschutz Computersicherheit |
url | http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=016236092&sequence=000002&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA |
volume_link | (DE-604)BV021656376 |
work_keys_str_mv | AT mcgrawgary softwaresecuritybuildingsecurityin |