Security Patterns Integrating Security and Systems Engineering

ISBN-10: 0470858842

ISBN-13: 9780470858844

Edition: 2005

Authors: Markus Schumacher, Eduardo Fernandez-Buglioni, Duane Hybertson, Frank Buschmann, Peter Sommerlad

List price: $80.00

Description:

Most security books are targeted at security engineers and specialists. Few show how to build security into software. None break down the different concerns facing security at different levels of the system: the enterprise, architectural and operational layers. Security Patterns addresses the full spectrum of security in systems design, using best practice solutions to show how to integrate security in the broader engineering process. Essential for designers building large-scale systems who want best practice solutions to typical security problems. Real world case studies illustrate how to use the patterns in specific domains.

Book details

List price: $80.00
Copyright year: 2005
Publisher: John Wiley & Sons, Incorporated
Publication date: 2/3/2006
Binding: Hardcover
Pages: 608
Size: 7.66" wide x 9.35" long x 1.57" tall
Weight: 2.992
Language: English

The Pattern Approach
Patterns at a Glance
No Pattern is an Island
Patterns Everywhere
Humans are the Target
Patterns Resolve Problems and Shape Environments
Towards Pattern Languages
Documenting Patterns
A Brief Note on The History of Patterns
The Pattern Community and its Culture
Security Foundations
Overview
Security Taxonomy
General Security Resources
Security Patterns
The History of Security Patterns
Characteristics of Security Patterns
Why Security Patterns?
Sources for Security Pattern Mining
Patterns Scope and Enterprise Security
The Scope of Patterns in the Book
Organization Factors
Resulting Organization
Mapping to the Taxonomy
Organization in the Context of an Enterprise Framework
The Security Pattern Landscape
Enterprise Security and Risk Management Patterns
Identification & Authentication (I&A) Patterns
Access Control Model Patterns
System Access Control Architecture Patterns
Operating System Access Control Patterns
Accounting Patterns
Firewall Architecture Patterns
Secure Internet Applications Patterns
Cryptographic Key Management Patterns
Related Security Pattern Repositories Patterns
Enterprise Security and Risk Management
Security Needs Identification for Enterprise Assets
Asset Valuation
Threat Assessment
Vulnerability Assessment
Risk Determination
Enterprise Security Approaches
Enterprise Security Services
Enterprise Partner Communication
Identification and Authentication (I&A)
I&A Requirements
Automated I&A Design Alternatives
Password Design and Use
Biometrics Design Alternatives
Access Control Models
Authorization
Role-Based Access Control
Multilevel Security
Reference Monitor
Role Rights Definition
System Access Control Architecture
Access Control Requirements
Single Access Point
Check Point
Security Session
Full Access with Errors
Limited Access
Operating System Access Control
Authenticator
Controlled Process Creator
Controlled Object Factory
Controlled Object Monitor
Controlled Virtual Address Space
Execution Domain
Controlled Execution Environment
File Authorization
Accounting
Security Accounting Requirements
Audit Requirements
Audit Trails and Logging Requirements
Intrusion Detection Requirements
Non-Repudiation Requirements
Firewall Architectures
Packet Filter Firewall
Proxy-Based Firewall
Stateful Firewall
Secure Internet Applications
Information Obscurity
Secure Channels
Known Partners
Demilitarized Zone
Protection Reverse Proxy
Integration Reverse Proxy
Front Door
Case Study: IP Telephony
IP Telephony at a Glance
The Fundamentals of IP Telephony
Vulnerabilities of IP Telephony Components
IP Telephony Use Cases
Securing IP telephony with patterns
Applying Individual Security Patterns
Conclusion
Supplementary Concepts
Security Principles and Security Patterns
Enhancing Security Patterns with Misuse Cases
Closing Remarks
References
Index