| 000 | 07675nam a22004693i 4500 | ||
|---|---|---|---|
| 001 | EBC1245159 | ||
| 003 | MiAaPQ | ||
| 005 | 20181121170334.0 | ||
| 006 | m o d | | ||
| 007 | cr cnu|||||||| | ||
| 008 | 181113s2013 xx o ||||0 eng d | ||
| 020 |
_a9781119970484 _q(electronic bk.) |
||
| 020 | _z9781119998945 | ||
| 035 | _a(MiAaPQ)EBC1245159 | ||
| 035 | _a(Au-PeEL)EBL1245159 | ||
| 035 | _a(CaPaEBR)ebr11099614 | ||
| 035 | _a(OCoLC)862412155 | ||
| 040 |
_aMiAaPQ _beng _erda _epn _cMiAaPQ _dMiAaPQ |
||
| 050 | 4 | _aTK5105.59 | |
| 082 | 0 | _a005.8 | |
| 100 | 1 | _aFernandez-Buglioni, Eduardo. | |
| 245 | 1 | 0 |
_aSecurity Patterns in Practice : _bDesigning Secure Architectures Using Software Patterns. |
| 250 | _a1st ed. | ||
| 264 | 1 |
_aNew York : _bJohn Wiley & Sons, Incorporated, _c2013. |
|
| 264 | 4 | _c©2013. | |
| 300 | _a1 online resource (959 pages) | ||
| 336 |
_atext _btxt _2rdacontent |
||
| 337 |
_acomputer _bc _2rdamedia |
||
| 338 |
_aonline resource _bcr _2rdacarrier |
||
| 490 | 1 | _aWiley Software Patterns Ser. | |
| 505 | 0 | _aCover -- Half Title page -- Title page -- Copyright page -- Dedication -- About the Author -- About the Foreword Author -- Foreword -- Preface -- Part I: Introduction -- Chapter 1: Motivation and Objectives -- 1.1 Why Do We Need Security Patterns? -- 1.2 Some Basic Definitions -- 1.3 The History of Security Patterns -- 1.4 Industrial Use of Security Patterns -- 1.5 Other Approaches to Building Secure Systems -- Chapter 2: Patterns and Security Patterns -- 2.1 What is a Security Pattern? -- 2.2 The Nature of Security Patterns -- 2.3 Pattern Descriptions and Catalogs -- 2.4 The Anatomy of a Security Pattern -- 2.5 Pattern Diagrams -- 2.6 How Can We Classify Security Patterns? -- 2.7 Pattern Mining -- 2.8 Uses for Security Patterns -- 2.9 How to Evaluate Security Patterns and their Effect on Security -- 2.10 Threat Modeling and Misuse Patterns -- 2.11 Fault Tolerance Patterns -- Chapter 3: A Secure Systems Development Methodology -- 3.1 Adding Information to Patterns -- 3.2 A Lifecyle-Based Methodology -- 3.3 Using Model-Driven Engineering -- Part II: Patterns -- Chapter 4: Patterns for Identity Management -- 4.1 Introduction -- 4.2 Circle of Trust -- 4.3 Identity Provider -- 4.4 Identity Federation -- 4.5 Liberty Alliance Identity Federation -- Chapter 5: Patterns for Authentication -- 5.1 Introduction -- 5.2 Authenticator -- 5.3 Remote Authenticator/Authorizer -- 5.4 Credential -- Chapter 6: Patterns for Access Control -- 6.1 Introduction -- 6.2 Authorization -- 6.3 Role-Based Access Control -- 6.4 Multilevel Security -- 6.5 Policy-Based Access Control -- 6.6 Access Control List -- 6.7 Capability -- 6.8 Reified Reference Monitor -- 6.9 Controlled Access Session -- 6.10 Session-Based Role-Based Access Control -- 6.11 Security Logger and Auditor -- Chapter 7: Patterns for Secure Process Management -- 7.1 Introduction -- 7.2 Secure Process/Thread. | |
| 505 | 8 | _a7.3 Controlled-Process Creator -- 7.4 Controlled-Object Factory -- 7.5 Controlled-Object Monitor -- 7.6 Protected Entry Points -- 7.7 Protection Rings -- Chapter 8: Patterns for Secure Execution and File Management -- 8.1 Introduction -- 8.2 Virtual Address Space Access Control -- 8.3 Execution Domain -- 8.4 Controlled Execution Domain -- 8.5 Virtual Address Space Structure Selection -- Chapter 9: Patterns for Secure OS Architecture and Administration -- 9.1 Introduction -- 9.2 Modular Operating System Architecture -- 9.3 Layered Operating System Architecture -- 9.4 Microkernel Operating System Architecture -- 9.5 Virtual Machine Operating System Architecture -- 9.6 Administrator Hierarchy -- 9.7 File Access Control -- Chapter 10: Security Patterns for Networks -- 10.1 Introduction -- 10.2 Abstract Virtual Private Network -- 10.3 IPSec VPN -- 10.4 TLS Virtual Private Network -- 10.5 Transport Layer Security -- 10.6 Abstract IDS -- 10.7 Signature-Based IDS -- 10.8 Behavior-Based IDS -- Chapter 11: Patterns for Web Services Security -- 11.1 Introduction -- 11.2 Application Firewall -- 11.3 XML Firewall -- 11.4 XACML Authorization -- 11.5 XACML Access Control Evaluation -- 11.6 Web Services Policy Language -- 11.7 WS-Policy -- 11.8 WS-Trust -- 11.9 SAML Assertion -- Chapter 12: Patterns for Web Services Cryptography -- 12.1 Introduction -- 12.2 Symmetric Encryption -- 12.3 Asymmetric Encryption -- 12.4 Digital Signature with Hashing -- 12.5 XML Encryption -- 12.6 XML Signature -- 12.7 WS-Security -- Chapter 13: Patterns for Secure Middleware -- 13.1 Introduction -- 13.2 Secure Broker -- 13.3 Secure Pipes and Filters -- 13.4 Secure Blackboard -- 13.5 Secure Adapter -- 13.6 Secure Three-Tier Architecture -- 13.7 Secure Enterprise Service Bus -- 13.8 Secure Distributed Publish/Subscribe -- 13.9 Secure Model-View-Controller -- Chapter 14: Misuse Patterns. | |
| 505 | 8 | _a14.1 Introduction -- 14.2 Worm -- 14.3 Denial-of-Service in VoIP -- 14.4 Spoofing Web Services -- Chapter 15: Patterns for Cloud Computing Architecture -- 15.1 Introduction -- 15.2 Infrastructure-as-a-Service -- 15.3 Platform-as-a-Service -- 15.4 Software-as-a-Service -- Part III: Use of the Patterns -- Chapter 16: Building Secure Architectures -- 16.1 Enumerating Threats -- 16.2 The Analysis Stage -- 16.3 The Design Stage -- 16.4 Secure Handling of Legal Cases -- 16.5 SCADA Systems -- 16.6 Medical Applications -- 16.7 Conclusions -- Chapter 17: Summary and the Future of Security Patterns -- 17.1 Summary of Patterns -- 17.2 Future Research Directions for Security Patterns -- 17.3 Security Principles -- 17.4 The Future -- Appendix A: Pseudocode for XACML Access Control Evaluation -- A.1 Pseudocode for retrieveApplicablePolicy() -- A.2 Pseudocode for evaluateApplicablePolicy() -- Glossary -- References -- Index of Patterns -- Index. | |
| 520 | _aLearn to combine security theory and code to produce secure systems Security is clearly a crucial issue to consider during the design and implementation of any distributed software architecture. Security patterns are increasingly being used by developers who take security into serious consideration from the creation of their work. Written by the authority on security patterns, this unique book examines the structure and purpose of security patterns, illustrating their use with the help of detailed implementation advice, numerous code samples, and descriptions in UML. Provides an extensive, up-to-date catalog of security patterns Shares real-world case studies so you can see when and how to use security patterns in practice Details how to incorporate security from the conceptual stage Highlights tips on authentication, authorization, role-based access control, firewalls, wireless networks, middleware, VoIP, web services security, and more Author is well known and highly respected in the field of security and an expert on security patterns Security Patterns in Practice shows you how to confidently develop a secure system step by step. | ||
| 588 | _aDescription based on publisher supplied metadata and other sources. | ||
| 590 | _aElectronic reproduction. Ann Arbor, Michigan : ProQuest Ebook Central, 2018. Available via World Wide Web. Access may be limited to ProQuest Ebook Central affiliated libraries. | ||
| 650 | 0 | _aComputer architecture. | |
| 655 | 4 | _aElectronic books. | |
| 776 | 0 | 8 |
_iPrint version: _aFernandez-Buglioni, Eduardo _tSecurity Patterns in Practice : Designing Secure Architectures Using Software Patterns _dNew York : John Wiley & Sons, Incorporated,c2013 _z9781119998945 |
| 797 | 2 | _aProQuest (Firm) | |
| 830 | 0 | _aWiley Software Patterns Ser. | |
| 856 | 4 | 0 |
_uhttps://ebookcentral.proquest.com/lib/buse-ebooks/detail.action?docID=1245159 _zClick to View |
| 999 |
_c110493 _d110493 |
||