RESILIENT. SECURE and SOFTWARE. Requirements, Test Cases, and Testing Methods. Mark S. Merkow and Lakshmikanth Raghavan. CRC Press
|
|
- Morris Wilkins
- 8 years ago
- Views:
Transcription
1 SECURE and RESILIENT SOFTWARE Requirements, Test Cases, and Testing Methods Mark S. Merkow and Lakshmikanth Raghavan CRC Press Taylor & Francis Group Boca Raton London New York CRC Press Is an imprint of the Taylor & Francis Group, an informa business AN AUERBACH BOOK
2 Contents Preface xi How This Book Is Organized xii What's On the CD? xv About the Authors xvii Acknowledgements From Mark Merkow From Laksh Raghavan xix xvii xviii Chapter 1 Introduction Secure and Resilient Bad Design Choices Led to the Vulnerable Internet We Know Today HTTP Has Its Problems, Too Design Errors Continue Haunting Us Today Requirements & Design: The Keys to a Successful Project How Design Flaws Play Out DNS Vulnerability The London Stock Exchange Medical Equipment Airbus A Solutions Are In Sight! Notes 13 V
3 vi Contents Chapter 2 Nonfunctional Requirements (NFRs) in Context System Quality Requirements Engineering (SQUARE) Agree on Definitions Identify Assets and Security/Quality Coals Perform Risk Assessments Elicit Security Requirements Prioritize Requirements Characteristics of Good Requirements Summary Notes 23 Chapter 3 Resilience and Quality Considerations for Application Software and the Application Runtime Environment Relationships among Nonfunctional Requirements Considerations for Developing NFRs for your Applications and Runtime Environment Checking Your Work Summary Notes 52 Chapter 4 Security Requirements for Application Software Security Control Types Think Like an Attacker Detailed Security Requirements Identification Requirements Authentication Requirements Authorization Requirements Security Auditing Requirements Confidentiality Requirements Integrity Requirements Availability Requirements Nonrepudiation Requirements Immunity Requirements Survivability Requirements Systems Maintenance Security Requirements Privacy Requirements Summary References 135
4 . Contents vii Chapter 5 Security Services for the Application Operating Environment The Open Group Architecture Framework (TOGAF) Standardizing Tools for an Enterprise Architecture Security Technical Reference Model (TRM) Identification and Authentication System Entry Control Audit Access Control Nonrepudiation Security Management Trusted Recovery Encryption Trusted Communications Summary References 146 Chapter 6 Software Design Considerations for Security and Resilience Design Issues Architecture and Design Considerations Special Security Design Considerations for Payment Applications on Mobile Communications Devices Designing for Integrity Architecture and Design Review Checklist Summary References 165 Chapter 7 Best Practices for Converting Requirements to Secure Software Designs Secure Design Approach Reusable Security APIs/Libraries Security Frameworks Establishing and Following Best Practices for Design Security Requirements Security Recommendations What's an Attack Surface? What Is Managed Code? 173
5 viii Contents 7.9 Understanding Business Requirements for Security Design Summary References 176 Chapter 8 Security Test Cases Standardized Testing Policy Security Test Cases Test Cases for Identification Requirements Test Cases for Authentication Requirements Test Cases for Authorization Requirements Test Cases for Security Auditing Requirements Test Cases for Confidentiality Requirements Test Cases for Integrity Requirements Test Cases for Availability Requirements Test Cases for Nonrepudiation Requirements Test Cases for Immunity Requirements Test Cases for Survivability Requirements Test Cases for Systems Maintenance Security Requirements Summary 215 Chapter 9 Testing Methods and Best Practices Secure Testing Approach OWASP's Application Security Verification Standard (ASVS) Application Security Verification Levels Level 1 Automated Verification Level 2 Manual Verification Level 3 Design Verification Level 4 Internal Verification Security Testing Methods Manual Source Code Review Automated Source Code Analysis 225
6 Contents ix Automated Reviews Compared with Manual Reviews Automated Source Code Analysis Tools Deployment Strategy IDE Integration for Developers Build Integration for Governance Automated Dynamic Analysis Limitations of Automated Dynamic Analysis Tools Automated Dynamic Analysis Tools Deployment Strategy Developer Testing Centralized Quality Assurance Testing Penetration (Pen) Testing Gray Box Testing Summary References 232 Chapter 10 Connecting the Moving Parts OpenSAMM Security Requirements Level Security Requirements: Security Requirements: Level Security Requirements: Level Security Testing Security Testing: Level Security Testing: Level Security Testing: Level Wrap-Up 10.5 References 249 Index 251
Development. Resilient Software. Secure and. Mark S. Merkow Lakshmikanth Raghavan. CRC Press. Taylor& Francis Croup. Taylor St Francis Group,
Secure and Resilient Software Development Mark S. Merkow Lakshmikanth Raghavan CRC Press Taylor& Francis Croup Boca Raton London New York CRC Press is an imprint of the Taylor St Francis Group, an Informs
More informationDevelopment and Management
Cloud Database Development and Management Lee Chao CRC Press Taylor & Francis Group Boca Raton London New York CRC Press is an imprint of the Taylor & Francis Croup, an Informa business AN AUERBACH BOOK
More informationSOFTWARE TESTING AS A SERVICE
SOFTWARE TESTING AS A SERVICE ASHFAQUE AHMED (g) CRC Press Taylor & Francis Croup Boca Raton London New York CRC Press is an imprint of the Taylor & Francis Group, an informa business AN AUERBACH BOOK
More informationANDROID SECURITY ATTACKS AND DEFENSES ABHISHEK DUBEY I ANMOL MISRA. ( r öc) CRC Press VV J Taylor & Francis Group ^ "^ Boca Raton London New York
ANDROID SECURITY ATTACKS AND DEFENSES ABHISHEK DUBEY I ANMOL MISRA ( r öc) CRC Press VV J Taylor & Francis Group ^ "^ Boca Raton London New York CRC Press is an imprint of the Taylor & Francis Croup, an
More informationManagement. Project. Software. Ashfaque Ahmed. A Process-Driven Approach. CRC Press. Taylor Si Francis Group Boca Raton London New York
Software Project Management A Process-Driven Approach Ashfaque Ahmed CRC Press Taylor Si Francis Group Boca Raton London New York CRC Press is an imprint of the Taylor St Francis Croup, an Informa business
More informationTHE COMPLETE PROJECT MANAGEMENT METHODOLOGY AND TOOLKIT
THE COMPLETE PROJECT MANAGEMENT METHODOLOGY AND TOOLKIT GERARD M. HILL CRC Press Taylor & Francis Group Boca Raton London New York CRC Press is an imprint of the Taylor & Francis Croup, an informa business
More informationSECOND EDITION THE SECURITY RISK ASSESSMENT HANDBOOK. A Complete Guide for Performing Security Risk Assessments DOUGLAS J. LANDOLL
SECOND EDITION THE SECURITY RISK ASSESSMENT HANDBOOK A Complete Guide for Performing Security Risk Assessments DOUGLAS J. LANDOLL CRC Press Taylor & Francis Group Boca Raton London New York CRC Press is
More informationCtfo MANAGEMENT SECURITY PATCH. Felicia M. Nicastro. Second Edition. CRC Press. VC#*' J Taylor & Francis Group / Boca Raton London New York
SECURITY PATCH MANAGEMENT Second Edition Felicia M. Nicastro Ctfo CRC Press VC#*' J Taylor & Francis Group / Boca Raton London New York CRC Press Is an imprint of the Taylor & Francis Croup, an Informa
More informationNetworking. Systems Design and. Development. CRC Press. Taylor & Francis Croup. Boca Raton London New York. CRC Press is an imprint of the
Networking Systems Design and Development Lee Chao CRC Press Taylor & Francis Croup Boca Raton London New York CRC Press is an imprint of the Taylor & Francis Croup, an Informa business AN AUERBACH BOOK
More informationCHAPMAN & HALL/CRC INNOVATIONS IN SOFTWARE ENGINEERING AND SOFTWARE DEVELOPMENT. Software Test Attacks to Break Mobile and Embedded Devices
CHAPMAN & HALL/CRC INNOVATIONS IN SOFTWARE ENGINEERING AND SOFTWARE DEVELOPMENT Software Test Attacks to Break Mobile and Embedded Devices Jon Duncan Hagar (g) CRC Press Taylor & Francis Group Boca Raton
More informationSchneps, Leila; Colmez, Coralie. Math on Trial : How Numbers Get Used and Abused in the Courtroom. New York, NY, USA: Basic Books, 2013. p i.
New York, NY, USA: Basic Books, 2013. p i. http://site.ebrary.com/lib/mcgill/doc?id=10665296&ppg=2 New York, NY, USA: Basic Books, 2013. p ii. http://site.ebrary.com/lib/mcgill/doc?id=10665296&ppg=3 New
More informationSecuring the Cloud. Cloud Computer Security Techniques and Tactics. Vic (J.R.) Winkler. Technical Editor Bill Meine ELSEVIER
Securing the Cloud Cloud Computer Security Techniques and Tactics Vic (J.R.) Winkler Technical Editor Bill Meine ELSEVIER AMSTERDAM BOSTON HEIDELBERG LONDON NEW YORK OXFORD PARIS SAN DIEGO SAN FRANCISCO
More informationManagement. ITIL Release. Dave Howard. A Hands-on Guide. CRC Press. Taylor & Francis Group. Taylor St Francis Croup, an Informa business
ITIL Release Management A Hands-on Guide Dave Howard CRC Press Taylor & Francis Group Boca Raton London New York CRC Press is an imprint of the Taylor St Francis Croup, an Informa business AN AUERBACH
More informationEngineering Design. Software. Theory and Practice. Carlos E. Otero. CRC Press. Taylor & Francis Croup. Taylor St Francis Croup, an Informa business
Software Engineering Design Theory and Practice Carlos E. Otero CRC Press Taylor & Francis Croup Boca Raton London New York CRC Press is an imprint of the Taylor St Francis Croup, an Informa business AN
More informationQuality Management. Theory and Application PETER D. MAUCH. Ltfi) CRC Press. \ V J Taylor & Francis Group. ^ ^ Boca Raton London New York
Quality Management Theory and Application PETER D. MAUCH Ltfi) CRC Press \ V J Taylor & Francis Group ^ ^ Boca Raton London New York CRC Press is an imprint of the Taylor & Francis Group, an Informa business
More informationImplementing the Project Management Balanced Scorecard
Implementing the Project Management Balanced Scorecard Jessica Keyes CRC Press Taylor & Francis Group Boca Raton London New York CRC Press is an imprint of the Taylor & Francis Croup, an informa business
More informationComputer Security Literacy
Computer Security Literacy Staying Safe in a Digital World Douglas Jacobson and Joseph Idziorek CRC Press Taylor & Francis Group Boca Raton London New York CRC Press is an imprint of the Taylor & Francis
More informationAdvances in Network Management
Advances in Network Management Jianguo Ding UC) CRC Press >5^ J Taylor & Francis Croup ^""""^ Boca Raton London New York CRC Press is an imprint of the Taylor & Francis Group, an informa business AN AUERBACH
More informationfor Research and Guiding Innovation for Positive R&D Outcomes Lory Mitchell Wingate
Project Management for Research and Development Guiding Innovation for Positive R&D Outcomes Lory Mitchell Wingate CRC Press Taylor & Francis Group BocaRaton London New York CRC Press is an imprint of
More informationSecurity, and Intelligence
Machine Learning Forensics for Law Enforcement, Security, and Intelligence Jesus Mena CRC Press Taylor &. Francis Group Boca Raton London NewYork CRC Press is an imprint of the Taylor & Francis Croup,
More informationEffective Methods for Software and Systems Integration
Effective Methods for Software and Systems Integration Boyd L. Summers CRC Press Taylor & Francis Group 6000 Broken Sound Parkway NW, Suite 300 Boca Raton, FL 33487-2742 CRC Press is an imprint of Taylor
More informationStudy Guide. ScrumMaster. The. James Schiel. CRC Press. Taylor & Francis Croup, an Inform* business AN AUERBACH BOOK. CRC Press (s an imprint of the
The ScrumMaster Study Guide James Schiel CRC Press & Taylor Francis Croup Boca Raton London New York CRC Press (s an imprint of the Taylor & Francis Croup, an Inform* business AN AUERBACH BOOK Contents
More informationInformation Technology and Organizational Learning
Information Technology and Organizational Learning Managing Behavioral Change through Technology and Education Second Edition Arthur M. Langer CRC Press Taylor & Francis Group Boca Raton London New York
More informationGovernance Simplified
Information Security Governance Simplified From the Boardroom to the Keyboard TODD FITZGERALD, cissp; cisa, cism Foreword by Tom Peltier CRC Press Taylor & Francis Croup Boca Raton London NewYork CRC Press
More informationImproving Business Process Performance
Improving Business Process Performance Gain Agility, Create Value, and Achieve Success JOSEPH RAYNUS CRC Press Taylor & Francis Croup Boca Raton London New York CRC Press is an imprint of the Taylor &
More informationNetworking. Cloud and Virtual. Data Storage. Greg Schulz. Your journey. effective information services. to efficient and.
Cloud and Virtual Data Storage Networking Your journey to efficient and effective information services Greg Schulz CRC Press Taylor & Francis Group Boca Raton London New York CRC Press is an imprint of
More informationRequirements Engineering for Software
Requirements Engineering for Software and Systems Second Edition Phillip A. Laplante CRC Press Taylor & Francis Group Boca Raton London New York CRC Press is an imprint of the Taylor & Francis Croup, an
More informationOracle Embedded Programming and Application Development
Oracle Embedded Programming and Application Development Lakshman Bulusu ( r oc) CRC Press >V J Taylor &. Francis Group ^* "^^ Boca Raton London New York CRC Press is an imprint of the Taylor & Francis
More informationIntroduction to Supply Chain Management Technologies
Introduction to Supply Chain Management Technologies Second Edition David Frederick Ross CRC Press Taylor & Francis Croup Boca Raton London New York CRC Press is an imprint of the Taylor & Francis Croup,
More informationin Business Technology Management
Best Practices in Business Technology Management Stephen J. Andriole CRC Press Taylor & Francis Group Boca Raton London New York CRC Press is an imprint of the Taylor & Francis Croup, an informa business
More informationCustomer and Business Analytic
Customer and Business Analytic Applied Data Mining for Business Decision Making Using R Daniel S. Putler Robert E. Krider CRC Press Taylor &. Francis Group Boca Raton London New York CRC Press is an imprint
More informationImplementation. Business-Driven IT-Wide Agile (Scrum) and Kanban (Lean) Andrew T. Pham and David K. Pham. An Action Guide for Business and IT Leaders
Business-Driven IT-Wide Agile (Scrum) and Kanban (Lean) Implementation An Action Guide for Business and IT Leaders Andrew T. Pham and David K. Pham Foreword by Jack Bergstrand, Former CFO of the Coca-Cola
More informationContents. xvii. Preface. xxi. Foreword. 1 Introduction 1. Preamble 1. Scope and Structure of the Book 3. Acknowledgments 4 Endnotes 5
Contents Preface Foreword xvii xxi 1 Introduction 1 Preamble 1 Scope and Structure of the Book 3 Acknowledgments 4 Endnotes 5 2 Engineering Systems 7 Introduction 8 Some Initial Observations 8 Deficient
More informationfor Information Technology
Lean Management Principles for Information Technology Gerhard J. Plenert CRC Press Taylor & Francis Croup Boca Raton London New York CRC Press is an imprint of the Taylor & Francis Croup, an Informs business
More informationDesign of Enterprise Systems
Design of Enterprise Systems Theory, Architecture, and Methods Ronald E. Giachetti CRC Press Taylor &. Francis Group Boca Raton London New York CRC Press is an imprint of the Taylor & Francis Group, an
More informationCloud Computing. and Scheduling. Data-Intensive Computing. Frederic Magoules, Jie Pan, and Fei Teng SILKQH. CRC Press. Taylor & Francis Group
Cloud Computing Data-Intensive Computing and Scheduling Frederic Magoules, Jie Pan, and Fei Teng SILKQH CRC Press Taylor & Francis Group Boca Raton London New York CRC Press is an imprint of the Taylor
More informationCloud Computing. Implementation, Management, and Security. John W. Rittinghouse James F. Ransome
Cloud Computing Implementation, Management, and Security John W. Rittinghouse James F. Ransome ( r öc) CRC Press W / Taylor &. Francis Group Boca Raton London New York CRC Press is an imprint of the Taylor
More information1 of 7 31/10/2012 18:34
Regulatory Story Go to market news section Company TIDM Headline Released Number Ironveld PLC IRON Holding(s) in Company 18:01 31-Oct-2012 0348Q18 RNS Number : 0348Q Ironveld PLC 31 October 2012 TR-1:
More informationMS Information Security (MSIS)
MS Information Security (MSIS) Riphah Institute of Systems Engineering (RISE) Riphah International University, Islamabad, Pakistan 1. Program Overview: The program aims to develop core competencies in
More informationOpen Source Data Warehousing and Business Intelligence
Open Source Data Warehousing and Business Intelligence Lakshman Bulusu CRC Press Taylor & Francis Croup Boca Raton London New York CRC Press is an imprint of the Taylor & Francis Croup, an infonna business
More informationCyber Attacks. Protecting National Infrastructure Student Edition. Edward G. Amoroso
Cyber Attacks Protecting National Infrastructure Student Edition Edward G. Amoroso ELSEVIER. AMSTERDAM BOSTON HEIDELBERG LONDON NEW YORK OXFORD PARIS SAN DIEGO SAN FRANCISCO SINGAPORE SYDNEY TOKYO Butterworth-Heinemann
More informationLean Management System LMS:2OI2
Lean Management System LMS:2OI2 A Framework for Continual Lean Improvement William A. Levinson f r oc) CRC Press \M ^ J Taylor & Francis Croup Boca Raton London New York CRC Press is an imprint of the
More informationDeliuery Networks. A Practical Guide to Content. Gilbert Held. Second Edition. CRC Press. Taylor & Francis Group
A Practical Guide to Content Deliuery Networks Second Edition Gilbert Held CRC Press Taylor & Francis Group Boca Raton London NewYork CRC Press is an imprint of the Taylor & Francis Croup, an informa business
More informationCREATING A THIRD EDITION DAVID MANN
CREATING A LEAN CULTURE Tools to Sustain Lean Conversions THIRD EDITION DAVID MANN CRC Press Taylor & Francis Croup Boca Raton London New York CRC Press is an imprint of the Taylor St Francis Group, an
More informationDesigning and Coding Secure Systems
Designing and Coding Secure Systems Kenneth Ingham and Anil Somayaji September 29, 2009 1 Course overview This class covers secure coding and some design issues from a language neutral approach you can
More informationIntroduction to Financial Models for Management and Planning
CHAPMAN &HALL/CRC FINANCE SERIES Introduction to Financial Models for Management and Planning James R. Morris University of Colorado, Denver U. S. A. John P. Daley University of Colorado, Denver U. S.
More informationData Center Storage. Hubbert Smith. Implementation, and Management »C) Cost-Effective Strategies, CRC Press J Taylor & Francis Group
Data Center Storage Cost-Effective Strategies, Implementation, and Management Hubbert Smith»C) CRC Press J Taylor & Francis Group Boca Raton London New York CRC Press is an imprint of the Taylor & Francis
More informationA Simulation-Based lntroduction Using Excel
Quantitative Finance A Simulation-Based lntroduction Using Excel Matt Davison University of Western Ontario London, Canada CRC Press Taylor & Francis Croup Boca Raton London New York CRC Press is an imprint
More informationSupply Chain Risk. An Emerging Discipline. Gregory L. Schlegel. Robert J. Trent
Supply Chain Risk Management An Emerging Discipline Gregory L. Schlegel Robert J. Trent CRC Press Taylors.Francis Group Boca Raton London New York CRC Press is an imprint of the Taylor & Francis Croup,
More informationGFSU Certified Cyber Crime Investigator GFSU-CCCI. Training Partner. Important dates for all batches
GFSU Certified Cyber Crime Investigator GFSU-CCCI 1. Internet Fundamentals 2. Cyber Crime Essentials 3. Cyber Investigation Essentials 4. Digital Evidence in Computer Devices 5. Cyber Forensics Essentials
More informationDetection. Perspective. Network Anomaly. Bhattacharyya. Jugal. A Machine Learning »C) Dhruba Kumar. Kumar KaKta. CRC Press J Taylor & Francis Croup
Network Anomaly Detection A Machine Learning Perspective Dhruba Kumar Bhattacharyya Jugal Kumar KaKta»C) CRC Press J Taylor & Francis Croup Boca Raton London New York CRC Press is an imprint of the Taylor
More informationThe Green and Virtual Data Center
The Green and Virtual Data Center Greg (Schulz CRC Press Taylor & Francis Group Boca Raton London New York CRC Press is an imprint of the Taylor & Francis Croup, an informa business Contents Preface About
More informationProject Management Concepts, Methods, and Techniques
Project Management Concepts, Methods, and Techniques Claude H. Maley Uffi\ CRC Press Taylor & Francis Croup Boca Raton London New York CRC Press is an imprint of the Taylor & Francis Croup, an Informa
More informationExternal Supplier Control Requirements
External Supplier Control s Cyber Security For Suppliers Categorised as Low Cyber Risk 1. Asset Protection and System Configuration Barclays Data and the assets or systems storing or processing it must
More informationEFFECTIVE NON-PROFIT MANAGEMENT
American Society for Public Administration Series in Public Administration and Public Policy Advancing excellence in public service.., EFFECTIVE NON-PROFIT MANAGEMENT Context, Concepts, and Competencies
More informationExpert Oracle Application. Express Security. Scott Spendolini. Apress"
Expert Oracle Application Express Security Scott Spendolini Apress" Contents Foreword About the Author About the Technical Reviewer Acknowledgments Introduction xv xvii xix xxi xxiii BChapter 1: Threat
More informationRegulatory Story. RNS Number : 8343I. DCD Media PLC. 08 July 2013. TR-1: NOTIFICATION OF MAJOR INTEREST IN SHARES i
1 of 7 25/11/2013 11:51 Regulatory Story Go to market news section Company TIDM Headline Released DCD Media PLC DCD Holding(s) in Company 15:19 08-Jul-2013 8343I15 RNS : 8343I DCD Media PLC 08 July 2013
More informationMining. Practical. Data. Monte F. Hancock, Jr. Chief Scientist, Celestech, Inc. CRC Press. Taylor & Francis Group
Practical Data Mining Monte F. Hancock, Jr. Chief Scientist, Celestech, Inc. CRC Press Taylor & Francis Group Boca Raton London New York CRC Press is an imprint of the Taylor Ei Francis Group, an Informs
More informationSecure Code Development
ISACA South Florida 7th Annual WOW! Event Copyright Elevate Consult LLC. All Rights Reserved 1 Agenda i. Background ii. iii. iv. Building a Business Case for Secure Coding Top-Down Approach to Develop
More informationWorkflow Administration of Windchill 10.2
Workflow Administration of Windchill 10.2 Overview Course Code Course Length TRN-4339-T 2 Days In this course, you will learn about Windchill workflow features and how to design, configure, and test workflow
More informationAnnex B - Content Management System (CMS) Qualifying Procedure
Page 1 DEPARTMENT OF Version: 1.5 Effective: December 18, 2014 Annex B - Content Management System (CMS) Qualifying Procedure This document is an annex to the Government Web Hosting Service (GWHS) Memorandum
More informationSOFTWARE TESTING. A Craftsmcm's Approach THIRD EDITION. Paul C. Jorgensen. Auerbach Publications. Taylor &. Francis Croup. Boca Raton New York
SOFTWARE TESTING A Craftsmcm's Approach THIRD EDITION Paul C. Jorgensen A Auerbach Publications Taylor &. Francis Croup Boca Raton New York Auerbach Publications is an imprint of the Taylor & Francis Group,
More informationIntroduction. Acknowledgments Support & Feedback Preparing for the Exam. Chapter 1 Plan and deploy a server infrastructure 1
Introduction Acknowledgments Support & Feedback Preparing for the Exam xv xvi xvii xviii Chapter 1 Plan and deploy a server infrastructure 1 Objective 1.1: Design an automated server installation strategy...1
More informationElectronic Payment Schemes Guidelines
BANK OF TANZANIA Electronic Payment Schemes Guidelines Bank of Tanzania May 2007 Bank of Tanzania- Electronic Payment Schemes and Products Guidleness page 1 Bank of Tanzania, 10 Mirambo Street, Dar es
More information! Resident of Kauai, Hawaii
SECURE SDLC Jim Manico @manicode! OWASP Volunteer! Global OWASP Board Member! Manager of several OWASP secure coding projects! Security Instructor, Author! 17 years of web-based, databasedriven software
More informationIt Won t Happen To Me! A Network and PCI Security Webinar Presented By FMS and VendorSafe
It Won t Happen To Me! A Network and PCI Security Webinar Presented By FMS and VendorSafe Agenda Who Is VendorSafe Technologies? It Won t Happen to Me! PCI DSS Overview The VendorSafe Solution Questions
More informationNetwork Security. Windows 2012 Server. Securing Your Windows. Infrastructure. Network Systems and. Derrick Rountree. Richard Hicks, Technical Editor
Windows 2012 Server Network Security Securing Your Windows Network Systems and Infrastructure Derrick Rountree Richard Hicks, Technical Editor AMSTERDAM BOSTON HEIDELBERG LONDON NEW YORK OXFORD PARIS SAN
More informationDeveloping. and Securing. the Cloud. Bhavani Thuraisingham CRC. Press. Taylor & Francis Group. Taylor & Francis Croup, an Informs business
Developing and Securing the Cloud Bhavani Thuraisingham @ CRC Press Taylor & Francis Group Boca Raton London New York CRC Press is an imprint of the Taylor & Francis Croup, an Informs business AN AUERBACH
More informationThe Geography of International terrorism
SUB Hamburg A/596060 The Geography of International terrorism An Introduction to Spaces and Places of Violent Non-State Groups Richard M. Medina and George F. Hepner CRC Press Taylor & Francis Croup Boca
More informationSecurity Metrics. A Beginner's Guide. Caroline Wong. Mc Graw Hill. Singapore Sydney Toronto. Lisbon London Madrid Mexico City Milan New Delhi San Juan
Security Metrics A Beginner's Guide Caroline Wong Mc Graw Hill New York Chicago San Francisco Lisbon London Madrid Mexico City Milan New Delhi San Juan Seoul Singapore Sydney Toronto Contents FOREWORD
More informationCISO's Guide to. Penetration Testing. James. S. Tiller. A Framework to Plan, Manage, and Maximize Benefits. CRC Press. Taylor & Francis Group
CISO's Guide to Penetration Testing A Framework to Plan, Manage, and Maximize Benefits James S. Tiller CRC Press Taylor & Francis Group Boca Raton London New York CRC Press is an imprint of the Taylor
More informationSecurity Software Engineering: Do it the right way
Proceedings of the 6th WSEAS Int. Conf. on Software Engineering, Parallel and Distributed Systems, Corfu Island, Greece, February 16-19, 2007 19 Security Software Engineering: Do it the right way Ahmad
More informationOut of the Present Crisis
Out of the Present Crisis Rediscovering Improvement in the New Economy Terence T. Burton CRC Press Taylor & Francis Group Boca Raton London New York CRC Press is an imprint of the Taylor & Francis Croup,
More informationStratex International Plc ('Stratex' or 'the Company') Holdings in Company
Regulatory Story Go to market news section Company TIDM Headline Released Stratex International PLC STI Holding(s) in Company 17:30 04-Feb-2010 7233G17 RNS : 7233G Stratex International PLC 04 February
More informationExpert PHP and MySQL. Application Desscpi and Development. Apress" Marc Rochkind
Expert PHP and MySQL Application Desscpi and Development Marc Rochkind Apress" Contents About the Author About the Technical Reviewer Acknowledgments Introduction xvii xix xxi xxiii -Chapter 1: Project
More informationGreen Project Management
Green Project Management Richard Maltzman David Shirley CRC Press Taylor & Francis Group Boca Raton London New York CRC Press Is an imprint of the Taylor & Francis Croup, an Infonna business AN AUERBACH
More informationTHE MODERN THEORY OF THE TOYOTA PRODUCTION SYSTEM
THE MODERN THEORY OF THE TOYOTA PRODUCTION SYSTEM A SYSTE Phillip Marksberry, PhD, PE /O\ CRC Press yc**" J Taylor & Francis Group V^_,/ Boca Raton London NewYork CRC Press is an imprint of the Taylor
More informationTelephone and Electronic Account Wagering Rules and Regulations
State of Colorado Colorado Racing Commission Telephone and Electronic Account Wagering Rules and Regulations All rules, regulations, procedures and mandates as defined in governing simulcast wagering are
More informationPractical Hadoop. Security. Bhushan Lakhe
Practical Hadoop Security Bhushan Lakhe Contents J About the Author About the Technical Reviewer Acknowledgments Introduction xiii xv xvii xix Part I: Introducing Hadoop and Its Security 1 Chapter 1: Understanding
More informationSHARED ASSESSMENTS PROGRAM STANDARD INFORMATION GATHERING (SIG) QUESTIONNAIRE 2014 MAPPING TO OCC GUIDANCE (2013-29) ON THIRD PARTY RELATIONSHIPS
SHARED ASSESSMENTS PROGRAM STANDARD INFORMATION GATHERING (SIG) QUESTIONNAIRE 2014 MAPPING TO OCC GUIDANCE (2013-29) ON THIRD PARTY RELATIONSHIPS An overview of how the Shared Assessments Program SIG 2014
More information^H 3RD EDITION ITGOVERNANCE A MANAGER'S GUIOE TO OATA SECURITY ANO DS 7799/IS017799 ALAN CALDER STEVE WATKINS. KOGAN PAGE London and Sterling, VA
^H 3RD EDITION ITGOVERNANCE A MANAGER'S GUIOE TO OATA SECURITY ANO DS 7799/IS017799 ALAN CALDER STEVE WATKINS KOGAN PAGE London and Sterling, VA Contents Foreword by Nigel Turnbull How to use this book
More informationComputer Security Basics
Computer Security Basics Deborah Russell and G.T. Gangemi Sr. Techniscbe Universitai O^misiadt FAGHBERFJCH INFORMATJK BIBLIOTHEK Inventar-Nr.: Sachgebiete: Standort: Cambridge ' Koln O'Reilly & Associates,
More information15 Organisation/ICT/02/01/15 Back- up
15 Organisation/ICT/02/01/15 Back- up 15.1 Description Backup is a copy of a program or file that is stored separately from the original. These duplicated copies of data on different storage media or additional
More information"Charting the Course... ... to Your Success!" MOC 50331 D Windows 7 Enterprise Desktop Support Technician Course Summary
Description Course Summary This course provides students with the knowledge and skills needed to isolate, document and resolve problems on a Windows 7 desktop or laptop computer. It will also help test
More informationPAPER-6 PART-5 OF 5 CA A.RAFEQ, FCA
Chapter-4: Business Continuity Planning and Disaster Recovery Planning PAPER-6 PART-5 OF 5 CA A.RAFEQ, FCA Learning Objectives 2 To understand the concept of Business Continuity Management To understand
More informationProject Management Theory and Practice
Project Management Theory and Practice Gary L. Richardson CRC Press Taylor& Francis Group Boca Raton London New York CRC Press is an imprint of the Taylor & Francis Group, an informa business AN AUERBACH
More informationCustomer Relationship Management
Customer Relationship Management Concepts and Technologies Second edition Francis Buttle xlloillvlcjx. AMSTERDAM BOSTON HEIDELBERG LONDON NEW YORK OXFORD PARIS SAN DIEGO SAN FRANCISCO SINGAPORE SYDNEY
More informationBUSINESS ANALYSIS FDR INTELLIGENCE
BUSINESS ANALYSIS FDR BUSINESS INTELLIGENCE BERT BRIJS CRC Press Taylor & Francis Group Boca Raton London New York CRC Press is an imprint of the Taylor & Francis Croup, an informa business AN AUERBACH
More informationContents. Foreword. Acknowledgments
Foreword Preface Acknowledgments xv xvii xviii CHAPTER 1 Introduction 1 1.1 What Is Mission Critical? 1 1.2 Purpose of the Book 2 1.3 Network Continuity Versus Disaster Recovery 2 1.4 The Case for Mission-Critical
More informationLearn AX: A Beginner s Guide to Microsoft Dynamics AX. Managing Users and Role Based Security in Microsoft Dynamics AX 2012. Dynamics101 ACADEMY
Learn AX: A Beginner s Guide to Microsoft Dynamics AX Managing Users and Role Based Security in Microsoft Dynamics AX 2012 About.com is a Rand Group Knowledge Center intended to provide our clients, and
More informationINFORMATION SECURITY A MULTIDISCIPLINARY. Stig F. Mjolsnes INTRODUCTION TO. Norwegian University ofscience & Technology. CRC Press
DISCRETE MATHEMATICS AND ITS APPLICATIONS Series Editor KENNETH H. ROSEN A MULTIDISCIPLINARY INTRODUCTION TO INFORMATION SECURITY Stig F. Mjolsnes Norwegian University ofscience & Technology Trondheim
More informationGODADDY INC. CORPORATE GOVERNANCE GUIDELINES. Adopted as of February 3, 2015
GODADDY INC. CORPORATE GOVERNANCE GUIDELINES Adopted as of February 3, 2015 The following corporate governance guidelines have been adopted by the Board of Directors (the Board ) of GoDaddy Inc. (the Company
More informationWest African Minerals Corporation ("West African" or the "Company") Holding in Company
Regulatory Story Go to market news section West African Minerals Corporation - WAFM Holding(s) in Company Released 17:04 23-Apr-2015 RNS Number : 1876L West African Minerals Corporation 23 April 2015 For
More informationCUSTOMER RELATIONSHIP MANAGEMENT. Concepts and technologies. Third edition FRANCIS BUTTLE AND STAN MAKLAN
CUSTOMER RELATIONSHIP MANAGEMENT Concepts and technologies Third edition FRANCIS BUTTLE AND STAN MAKLAN Routledge R Taylor & Francis Group LONDON AND NEW YORK List offigures List oftables About the authors
More informationFINAL JOINT PRETRIAL ORDER. This matter is before the Court on a Final Pretrial Conference pursuant to R. 4:25-1.
SUPERIOR COURT OF NEW JERSEY MIDDLESEX COUNTY:LAW DIVISION Docket No. Plaintiff(s), v. Defendant(s). FINAL JOINT PRETRIAL ORDER This matter is before the Court on a Final Pretrial Conference pursuant to
More informationKenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data
Kenna Platform Security A technical overview of the comprehensive security measures Kenna uses to protect your data V2.0, JULY 2015 Multiple Layers of Protection Overview Password Salted-Hash Thank you
More informationMETHODS IN MEDICAL INFORMATICS
Chapman & Hall/CRC Mathematical and Computational Biology Series METHODS IN MEDICAL INFORMATICS Fundamentals of Healthcare Programming in Perln Pythoni and Ruby Jules J- Berman TECHNISCHE INFORMATION SBIBLIOTHEK
More informationBusiness Information Systems and Technology
Business Information Systems and Technology A primer Brian Lehaney, Phil Lovett and Mahmood Shah Routledge Taylor & Francis Group LONDON AND NEW YORK Contents List of case studies xii List of figures xiii
More informationContents. Intended Audience for This Book How This Book Is Structured. Acknowledgements
Preface Intended Audience for This Book How This Book Is Structured xvii xviii xix Acknowledgements xxi 1 Open Source Software: Definitions and History 1 1.1 Definition of Terms 1 1.1.1 What Is Free Software?
More informationAutomatic vs. Manual Code Analysis
Automatic vs. Manual Code Analysis 2009-11-17 Ari Kesäniemi Senior Security Architect Nixu Oy ari.kesaniemi@nixu.com Copyright The Foundation Permission is granted to copy, distribute and/or modify this
More information