The first guide to tackle security architecture at the software engineering level
Computer security has become a critical business concern, and, as such, the responsibility of all IT professionals. In this groundbreaking book, a security expert with AT&T Business's renowned Network Services organization explores system security architecture from a software engineering perspective. He explains why strong security must be a guiding principle of the development process and identifies a common set of features found in most security products, explaining how they can and should impact the development cycle. The book also offers in-depth discussions of security technologies, cryptography, database security, application and operating system security, and more.

Table of Contents

Preface.

Acknowledgments.

PART I: ARCHITECTURE AND SECURITY.

Chapter 1. Architecture Reviews.

Chapter 2. Security Assessments.

Chapter 3. Security Architecture Basics.

Chapter 4. Architecture Patterns in Security.

PART II: LOW-LEVEL ARCHITECTURE.

Chapter 5. Code Review.

Chapter 6. Cryptography.

Chapter 7. Trusted Code.

Chapter 8. Secure Communications.

PART III: MID-LEVEL ARCHITECTURE.

Chapter 9. Middleware Security.

Chapter 10. Web Security.

Chapter 11. Application and OS Security.

Chapter 12. Database Security.

PART IV: HIGH-LEVEL ARCHITECTURE.

Chapter 13. Security Components.

Chapter 14. Security and Other Architectural Goals.

Chapter 15. Enterprise Security Architecture.

PART V: BUSINESS CASES AND SECURITY.

Chapter 16. Building Business Cases for Security.

Conclusion.

Glossary.

Bibliography.

Index.