Author: Ransome, James F., PhD, CISM, CISSP; Misra, Anmol (Cisco Systems, Inc., San Jose, California, USA); Merkow, Mark S. (Technical Security Strategy, Scotts Title: Practical core software security ISBN: 1032276037 ISBN-13 (EAN): 9781032276038 Publisher: Taylor&Francis Price: 11482.00 RUB Availability: Available from supplier. Delivered to order.
Description: This textbook explains developer-centric software security, a holistic process to engage security. As long as software is developed by humans, it requires the human element to fix it. It outlines a step-by-step process for software security that is focused on educating graduate and undergraduate students.
Author: Ransome James, Misra Anmol Title: Core Software Security: Security at the Source ISBN: 103202741X ISBN-13 (EAN): 9781032027418 Publisher: Taylor&Francis Price: 7654.00 RUB Availability: Available from supplier. Delivered to order.
Description:
"... an engaging book that will empower readers in both large and small software development and engineering organizations to build security into their products. ... Readers are armed with firm solutions for the fight against cyber threats." -Dr. Dena Haritos Tsamitis. Carnegie Mellon University
"... a must read for security specialists, software developers and software engineers. ... should be part of every security professional's library." -Dr. Larry Ponemon, Ponemon Institute
"... the definitive how-to guide for software security professionals. Dr. Ransome, Anmol Misra, and Brook Schoenfield deftly outline the procedures and policies needed to integrate real security into the software development process. ... A must-have for anyone on the front lines of the Cyber War ..." -Cedric Leighton, Colonel, USAF (Ret.), Cedric Leighton Associates
"Dr. Ransome, Anmol Misra, and Brook Schoenfield give you a magic formula in this book - the methodology and process to build security into the entire software development life cycle so that the software is secured at the source!" -Eric S. Yuan, Zoom Video Communications
There is much publicity regarding network security, but the real cyber Achilles' heel is insecure software. Millions of software vulnerabilities create a cyber house of cards, in which we conduct our digital lives. In response, security people build ever more elaborate cyber fortresses to protect this vulnerable software. Despite their efforts, cyber fortifications consistently fail to protect our digital treasures. Why? The security industry has failed to engage fully with the creative, innovative people who write software. Core Software Security expounds developer-centric software security, a holistic process to engage creativity for security. As long as software is developed by humans, it requires the human element to fix it. Developer-centric security is not only feasible but also cost effective and operationally relevant. The methodology builds security into software development, which lies at the heart of our cyber infrastructure. Whatever development method is employed, software must be secured at the source.
Book Highlights:
Supplies a practitioner's view of the SDL
Considers Agile as a security enabler
Covers the privacy elements in an SDL
Outlines a holistic business-savvy SDL framework that includes people, process, and technology
Highlights the key success factors, deliverables, and metrics for each phase of the SDL
Examines cost efficiencies, optimized performance, and organizational structure of a developer-centric software security program and PSIRT
Includes a chapter by noted security architect Brook Schoenfield who shares his insights and experiences in applying the book's SDL framework
View the authors' website at http://www.androidinsecurity.com/
Author: Ransome, James F. Title: Practical Core Software Security ISBN: 1032333146 ISBN-13 (EAN): 9781032333144 Publisher: Taylor&Francis Price: 30624.00 RUB Availability: Available from supplier. Delivered to order.
Author: Huang, Dijiang; Chowdhary, Ankur; Pisharody, Sandeep Title: Software-defined networking and security ISBN: 036778064X ISBN-13 (EAN): 9780367780647 Publisher: Taylor&Francis Price: 7961.00 RUB Availability: Available from supplier. Delivered to order.
Description: This book seeks to educate the reader regarding Cyber Maneuver or Adaptive Cyber Defense.
Author: Das, Ravindra Title: The science of biometrics : ISBN: 1498761240 ISBN-13 (EAN): 9781498761246 Publisher: Taylor&Francis Price: 9033.00 RUB Availability: Available from supplier. Delivered to order.
Description: The Science of Biometrics covers technical aspects of iris and facial recognition, focusing primarily on mathematical and statistical algorithms that run the verification and identification processes in these modalities.
Author: Tevfik Bultan; Fang Yu; Muath Alkhalaf; Abdulbaki Title: String Analysis for Software Verification and Security ISBN: 3319686682 ISBN-13 (EAN): 9783319686684 Publisher: Springer Price: 10366.00 RUB Availability: Available from supplier. Delivered to order.
Description:
This book discusses automated string-analysis techniques, focusing particularly on automata-based static string analysis. It covers the following topics: automata-based string analysis, computing pre- and post-conditions of basic string operations using automata, symbolic representation of automata, forward and backward string analysis using symbolic automata representation, constraint-based string analysis, string constraint solvers, relational string analysis, vulnerability detection using string analysis, string abstractions, differential string analysis, and automated sanitization synthesis using string analysis.
String manipulation is a crucial part of modern software systems; for example, it is used extensively in input validation and sanitization and in dynamic code and query generation. The goal of string-analysis techniques and this book is to determine the set of values that string expressions can take during program execution. String analysis can be used to solve many problems in modern software systems that relate to string manipulation, such as: (1) Identifying security vulnerabilities by checking if a security sensitive function can receive an input string that contains an exploit; (2) Identifying possible behaviors of a program by identifying possible values for dynamically generated code; (3) Identifying HTML generation errors by computing the HTML code generated by web applications; (4) Identifying the set of queries that are sent to the back-end database by analyzing the code that generates the SQL queries; (5) Patching input validation and sanitization functions by automatically synthesizing repairs illustrated in this book.
Like many other program-analysis problems, it is not possible to solve the string analysis problem precisely (i.e., it is not possible to precisely determine the set of string values that can reach a program point). However, one can compute over- or under-approximations of possible string values. If the approximations are precise enough, they can enable developers to demonstrate existence or absence of bugs in string manipulating code. String analysis has been an active research area in the last decade, resulting in a wide variety of string-analysis techniques.
This book will primarily target researchers and professionals working in computer security, software verification, formal methods, software engineering and program analysis. Advanced level students or instructors teaching or studying courses in computer security, software verification or program analysis will find this book useful as a secondary text.
Description: The projects tackled by the software development industry have grown in scale and complexity. Costs are increasing along with the number of developers. Power bills for distributed projects have reached the point where optimisations pay literal dividends. Over the last 10 years, a software development movement has gained traction, a movement founded in games development. The limited resources and complexity of the software and hardware needed to ship modern game titles demanded a different approach. Data-oriented design is inspired by high-performance computing techniques, database design, and functional programming values. It provides a practical methodology that reduces complexity while improving performance of both your development team and your product. Understand the goal, understand the data, understand the hardware, develop the solution. This book presents foundations and principles helping to build a deeper understanding of data-oriented design. It provides instruction on the thought processes involved when considering data as the primary detail of any project.
Author: Gallina Title: Computer Safety, Reliability, and Security ISBN: 3319991299 ISBN-13 (EAN): 9783319991290 Publisher: Springer Price: 6097.00 RUB Availability: Available from supplier. Delivered to order.
Description:
This book constitutes the refereed proceedings of the 37th International Conference on Computer Safety, Reliability, and Security, SAFECOMP 2018, held in Västerås, Sweden, in September 2018.
The 19 revised full papers and 1 short paper presented together with three abstracts of keynotes were carefully reviewed and selected from 63 submissions. The papers are organized in topical sections on Automotive Safety Standards and Cross-domain Reuse Potential; Autonomous Driving and Safety Analysis; Verification; Multi-concern Assurance; Fault Tolerance; and Safety and Security Risk.
Author: Larsen Per, Sadeghi Ahmad-Reza Title: The Continuing Arms Race: Code-Reuse Attacks and Defenses ISBN: 1970001801 ISBN-13 (EAN): 9781970001808 Publisher: Mare Nostrum (Eurospan) Price: 10352.00 RUB Availability: Available from supplier. Delivered to order.
Description: As human activities moved to the digital domain, so did all the well-known malicious behaviors including fraud, theft, and other trickery. There is no silver bullet, and each security threat calls for a specific answer. One specific threat is that applications accept malformed inputs, and in many cases it is possible to craft inputs that let an intruder take full control over the target computer system. The nature of systems programming languages lies at the heart of the problem. Rather than rewriting decades of well-tested functionality, this book examines ways to live with the (programming) sins of the past while shoring up security in the most efficient manner possible. We explore a range of different options, each making significant progress towards securing legacy programs from malicious inputs. The solutions explored include enforcement-type defenses, which exclude certain program executions because they never arise during normal operation. Another strand explores the idea of presenting adversaries with a moving target that unpredictably changes its attack surface thanks to randomization. We also cover tandem execution ideas where the compromise of one executing clone causes it to diverge from another thus revealing adversarial activities. The main purpose of this book is to provide readers with some of the most influential works on run-time exploits and defenses. We hope that the material in this book will inspire readers and generate new ideas and paradigms.
Author: Das Title: The Science of Biometrics ISBN: 1138594423 ISBN-13 (EAN): 9781138594425 Publisher: Taylor&Francis Price: 28327.00 RUB Availability: Available from supplier. Delivered to order.
Description: The Science of Biometrics covers technical aspects of iris and facial recognition, focusing primarily on mathematical and statistical algorithms that run the verification and identification processes in these modalities.
Author: Marcus Handte, Pedro Jose Marron, Gregor Schiele, Manuel Serrano Matoses Title: Adaptive Middleware for the Internet of Things: The GAMBAS Approach ISBN: 8793519788 ISBN-13 (EAN): 9788793519787 Publisher: Taylor&Francis Price: 14086.00 RUB Availability: Available from supplier. Delivered to order.
Description: Over the past years, a considerable amount of effort has been devoted, both in industry and academia, towards the development of basic technology as well as innovative applications for the Internet of Things. Adaptive Middleware for the Internet of Things introduces a scalable, interoperable and privacy-preserving approach to realize IoT applications and discusses abstractions and mechanisms at the middleware level that simplify the realization of services that can adapt autonomously to the behavior of their users. Technical topics discussed in the book include: Behavior-driven Autonomous Services; GAMBAS Middleware Architecture; Generic and Efficient Data Acquisition; Interoperable and Scalable Data Processing; Automated Privacy Preservation. Adaptive Middleware for the Internet of Things summarizes the results of the GAMBAS research project funded by the European Commission under Framework Programme 7. It provides an in-depth description of the middleware system developed by the project consortium. In addition, the book describes several innovative mobility and monitoring applications that have been built, deployed and operated to evaluate the middleware under realistic conditions with a large number of users. Adaptive Middleware for the Internet of Things is ideal for personnel in the computer and communication industries as well as academic staff and research students in computer science interested in the development of systems and applications for the Internet of Things.
Description: Based on their experience at Google, software engineers Titus Winters and Hyrum Wright, along with technical writer Tom Manshreck, present a candid and insightful look at how some of the world's leading practitioners construct and maintain software.
Logosfera LLC (ООО "Логосфера"). Tel.: +7 (495) 980-12-10. www.logobook.ru