Overview

Most security books are targeted at security engineers and specialists. Few show how build security into software. None breakdown the different concerns facing security at different levels of the system: the enterprise, architectural and operational layers. Security Patterns addresses the full spectrum of security in systems design, using best practice solutions to show how to integrate security in the broader engineering process.
  • Essential for designers building ...
See more details below
Security Patterns: Integrating Security and Systems Engineering

Available on NOOK devices and apps  
  • NOOK Devices
  • NOOK HD/HD+ Tablet
  • NOOK
  • NOOK Color
  • NOOK Tablet
  • Tablet/Phone
  • NOOK for Windows 8 Tablet
  • NOOK for iOS
  • NOOK for Android
  • NOOK Kids for iPad
  • PC/Mac
  • NOOK for Windows 8
  • NOOK for PC
  • NOOK for Mac
  • NOOK Study
  • NOOK for Web

Want a NOOK? Explore Now

NOOK Book (eBook)
$45.99
BN.com price
(Save 42%)$80.00 List Price
Note: This NOOK Book can be purchased in bulk. Please email us for more information.

Overview

Most security books are targeted at security engineers and specialists. Few show how build security into software. None breakdown the different concerns facing security at different levels of the system: the enterprise, architectural and operational layers. Security Patterns addresses the full spectrum of security in systems design, using best practice solutions to show how to integrate security in the broader engineering process.
  • Essential for designers building large-scale systems who want best practice solutions to typical security problems
  • Real world case studies illustrate how to use the patterns in specific domains

For more information visit securitypatterns.org

Read More Show Less

Product Details

  • ISBN-13: 9781118725931
  • Publisher: Wiley, John & Sons, Incorporated
  • Publication date: 7/12/2013
  • Series: Wiley Software Patterns Series
  • Sold by: Barnes & Noble
  • Format: eBook
  • Edition number: 1
  • Pages: 448
  • File size: 6 MB

Meet the Author

Authors
  • Markus Schumacher, SAP AG, Germany,
  • Eduardo Fernandez-Buglioni, Florida Atlantic University, USA,
  • Duane Hybertson, The MITRE Corp, USA,
  • Frank Buschmann, Siemens AG, Germany,
  • Peter Sommerlad, Hochschule für Technik Rapperswil, Germany
Read More Show Less

Table of Contents

Chapter 1: The Pattern Approach.

Patterns at a Glance.

No Pattern is an Island.

Patterns Everywhere.

Humans are the Target.

Patterns Resolve Problems and Shape Environments.

Towards Pattern Languages.

Documenting Patterns.

A Brief Note on The History of Patterns.

The Pattern Community and its Culture.

Chapter 2: Security Foundations.

Overview.

Security Taxonomy.

General Security Resources.

Chapter 3: Security Patterns.

The History of Security Patterns.

Characteristics of Security Patterns.

Why Security Patterns?

Sources for Security Pattern Mining.

Chapter 4: Patterns Scope and Enterprise Security.

The Scope of Patterns in the Book.

Organization Factors.

Resulting Organization.

Mapping to the Taxonomy.

Organization in the Context of an Enterprise Framework.

Chapter 5: The Security Pattern Landscape.

Enterprise Security and Risk Management Patterns.

Identification & Authentication (I&A) Patterns.

Access Control Model Patterns.

System Access Control Architecture Patterns.

Operating System Access Control Patterns.

Accounting Patterns.

Firewall Architecture Patterns.

Secure Internet Applications Patterns.

Cryptographic Key Management Patterns.

Related Security Pattern Repositories Patterns.

Chapter 6: Enterprise Security and Risk Management.

Security Needs Identification for Enterprise Assets.

Asset Valuation.

Threat Assessment.

Vulnerability Assessment.

Risk Determination.

Enterprise Security Approaches.

Enterprise Security Services.

Enterprise Partner Communication.

Chapter 7: Identification and Authentication (I&A).

I&A Requirements.

Automated I&A Design Alternatives.

Password Design and Use.

Biometrics Design Alternatives.

Chapter 8: Access Control Models.

Authorization.

Role-Based Access Control.

Multilevel Security.

Reference Monitor.

Role Rights Definition.

Chapter 9: System Access Control Architecture.

Access Control Requirements.

Single Access Point.

Check Point.

Security Session.

Full Access with Errors.

Limited Access.

Chapter 10: Operating System Access Control.

Authenticator.

Controlled Process Creator.

Controlled Object Factory.

Controlled Object Monitor.

Controlled Virtual Address Space.

Execution Domain.

Controlled Execution Environment.

File Authorization.

Chapter 11: Accounting.

Security Accounting Requirements.

Audit Requirements.

Audit Trails and Logging Requirements.

Intrusion Detection Requirements.

Non-Repudiation Requirements.

Chapter 12: Firewall Architectures.

Packet Filter Firewall.

Proxy-Based Firewall.

Stateful Firewall.

Chapter 13: Secure Internet Applications.

Information Obscurity.

Secure Channels.

Known Partners.

Demilitarized Zone.

Protection Reverse Proxy.

Integration Reverse Proxy.

Front Door.

Chapter 14: Case Study: IP Telephony.

IP Telephony at a Glance.

The Fundamentals of IP Telephony.

Vulnerabilities of IP Telephony Components.

IP Telephony Use Cases.

Securing IP telephony with patterns.

Applying Individual Security Patterns.

Conclusion.

Chapter 15: Supplementary Concepts.

Security Principles and Security Patterns.

Enhancing Security Patterns with Misuse Cases.

Chapter 16: Closing Remarks.

References.

Index.

Read More Show Less

Customer Reviews

Be the first to write a review
( 0 )
Rating Distribution

5 Star

(0)

4 Star

(0)

3 Star

(0)

2 Star

(0)

1 Star

(0)

Your Rating:

Your Name: Create a Pen Name or

Barnes & Noble.com Review Rules

Our reader reviews allow you to share your comments on titles you liked, or didn't, with others. By submitting an online review, you are representing to Barnes & Noble.com that all information contained in your review is original and accurate in all respects, and that the submission of such content by you and the posting of such content by Barnes & Noble.com does not and will not violate the rights of any third party. Please follow the rules below to help ensure that your review can be posted.

Reviews by Our Customers Under the Age of 13

We highly value and respect everyone's opinion concerning the titles we offer. However, we cannot allow persons under the age of 13 to have accounts at BN.com or to post customer reviews. Please see our Terms of Use for more details.

What to exclude from your review:

Please do not write about reviews, commentary, or information posted on the product page. If you see any errors in the information on the product page, please send us an email.

Reviews should not contain any of the following:

  • - HTML tags, profanity, obscenities, vulgarities, or comments that defame anyone
  • - Time-sensitive information such as tour dates, signings, lectures, etc.
  • - Single-word reviews. Other people will read your review to discover why you liked or didn't like the title. Be descriptive.
  • - Comments focusing on the author or that may ruin the ending for others
  • - Phone numbers, addresses, URLs
  • - Pricing and availability information or alternative ordering information
  • - Advertisements or commercial solicitation

Reminder:

  • - By submitting a review, you grant to Barnes & Noble.com and its sublicensees the royalty-free, perpetual, irrevocable right and license to use the review in accordance with the Barnes & Noble.com Terms of Use.
  • - Barnes & Noble.com reserves the right not to post any review -- particularly those that do not follow the terms and conditions of these Rules. Barnes & Noble.com also reserves the right to remove any review at any time without notice.
  • - See Terms of Use for other conditions and disclaimers.
Search for Products You'd Like to Recommend

Recommend other products that relate to your review. Just search for them below and share!

Create a Pen Name

Your Pen Name is your unique identity on BN.com. It will appear on the reviews you write and other website activities. Your Pen Name cannot be edited, changed or deleted once submitted.

 
Your Pen Name can be any combination of alphanumeric characters (plus - and _), and must be at least two characters long.

Continue Anonymously

    If you find inappropriate content, please report it to Barnes & Noble
    Why is this product inappropriate?
    Comments (optional)