Author(s): Markus Schumacher, Eduardo Fernandez-Buglioni, Duane Hybertson, Frank Buschmann, Peter Sommerlad
Publisher: Wiley
Year: Mar 2006
ISBN: 0-470-85884-2
Language: English
File type: PDF
Pages: 603
Size (for download): 5.54 MB
Security has become an important topic for many software systems. With the growing success of the Internet, computer and software systems have become more and more networked. Researchers are already developing scenarios in which millions of devices are connected and cooperatively running web-based commerce, government, health, and other types of security-sensitive systems. Much of the research effort in these scenarios is devoted to security aspects.
What could happen if, in a pervasive health scenario, cardiology data collected by wireless sensors attached to your body and pre-processed by software on your PDA is intercepted and manipulated by an unauthorized person during its transmission to your doctor? Or think of a scenario in which the software in your car is updated remotely because an attacker has compromised the manufacturer’s servers.
What if your car, which has just been ‘updated,’ no longer brakes, but instead activates its drive-by-wire accelerator? What if, in the near future, the control tower that just took over handling of the aircraft in which you are a passenger discovers that the plane no longer does what the pilots or the tower want, but, instead, what some hijackers want it to do? Perhaps worst of all, think about potential for disaster should someone maliciously take over control of a nuclear power plant…
You simply do not want these things to happen! In other words, you require the system to ensure a proper level of confidentiality and integrity before you trust and use it.
TABLE OF CONTENT:
Chapter 01 - The Pattern Approach
Chapter 02 - Security Foundations
Chapter 03 - Security Patterns
Chapter 04 - Patterns Scope and Enterprise Security
Chapter 05 - The Security Pattern Landscape
Chapter 06 - Enterprise Security and Risk Management
Chapter 07 - Identification and Authentication (I&A)
Chapter 08 - Access Control Models
Chapter 09 - System Access Control Architecture
Chapter 10 - Operating System Access Control
Chapter 11 - Accounting
Chapter 12 - Firewall Architectures
Chapter 13 - Secure Internet Applications
Chapter 14 - Case Study: IP Telephony
Chapter 15 - Supplementary Concepts
Chapter 16 - Closing Remarks
No comments:
Post a Comment