Verkauf durch Sack Fachmedien

Melone

Designing Secure Systems

Medium: Buch
ISBN: 978-0-367-70002-7
Verlag: CRC Press
Erscheinungstermin: 04.10.2024
Lieferfrist: bis zu 10 Tage

Modern systems are an intertwined mesh of human process, physical security, and technology. Attackers are aware of this, commonly leveraging a weakness in one form of security to gain control over an otherwise protected operation. To expose these weaknesses, we need a single unified model that can be used to describe all aspects of the system on equal terms.

Designing Secure Systems takes a theory-based approach to concepts underlying all forms of systems – from padlocks, to phishing, to enterprise software architecture. We discuss how weakness in one part of a system creates vulnerability in another, all the while applying standards and frameworks used in the cybersecurity world. Our goal: to analyze the security of the entire system – including people, processes, and technology – using a single model.

We begin by describing the core concepts of access, authorization, authentication, and exploitation. We then break authorization down into five interrelated components and describe how these aspects apply to physical, human process, and cybersecurity. Lastly, we discuss how to operate a secure system based on the NIST Cybersecurity Framework (CSF) concepts of "identify, protect, detect, respond, and recover."

Other topics covered in this book include the NIST National Vulnerability Database (NVD), MITRE Common Vulnerability Scoring System (CVSS), Microsoft’s Security Development Lifecycle (SDL), and the MITRE ATT&CK Framework.


Produkteigenschaften


  • Artikelnummer: 9780367700027
  • Medium: Buch
  • ISBN: 978-0-367-70002-7
  • Verlag: CRC Press
  • Erscheinungstermin: 04.10.2024
  • Sprache(n): Englisch
  • Auflage: 1. Auflage 2024
  • Produktform: Kartoniert
  • Gewicht: 313 g
  • Seiten: 220
  • Format (B x H x T): 156 x 234 x 12 mm
  • Ausgabetyp: Kein, Unbekannt

Themen


Autoren/Hrsg.

Autoren

1. Introduction



Secure System Concepts

2. Access

3. Authorization

4. Authentication

5. Weakness, Vulnerability, and Exploitation

6. Impact



Designing and Operating a Secure System

7. Identify

8. Protect

9. Detect

10. Respond

11. Recover

12. Closing

13. Acknowledgements