Computer Security U9 - Software Security

Description

Mind map on Computer Security U9 - Software Security, created by Nick.Bell2013 on 27/04/2013.

Resource summary

Computer Security U9 - Software Security
  1. Need for security
    1. "holes"
      1. poor/sloppy coding
      2. Software trends
        1. greater networking = greater exposure
          1. increasing size/complexity = harder to police
            1. greater flexibility = error prone
              1. lack of environment diversity = only 1 major platform
                1. increasing market pressure = rushed production
        2. Penetrate and patch approach
          1. only fixes known vulnerabilities
            1. only quick fixes
              1. users may not use patch
                1. targets symptoms not causes
                  1. users doing testing
                    1. only works on unmodified s/ware
          2. Open source vs Closed source
            1. Security principles
              1. part of design process
                1. use the K.I.S.S. model
                  1. reduce exposure
                    1. ensure "secure failure"
            2. S/ware engineering life cycle
              1. Requirements capture
                1. Design
                  1. Implementation
                    1. Testing
                      1. Support
              2. Languages
                1. C
                  1. C++
                    1. Java
                      1. C#
                        1. LISP
                2. Access controls
                  1. Common security problems
                    1. Principle of Least Privilege
                      1. buffer overflows
                        1. input handling
                          1. naming issues
                            1. race conditions = TOCTTOU
                              1. Firewall issues
                                1. cryptographic issues
                                  1. Bishop's list*
                    2. Managing security
                      1. risk assessment
                        1. Security testing
                          1. black box testing
                            1. red teaming
                            2. Management issues
                              1. distribution (DRM)
                                1. installation
                                  1. maintenance
                                    1. documentation
                                      1. oversight
                                    2. Java security
                                      1. objects
                                        1. inheritance
                                        2. platform independence
                                          1. language features
                                            1. type safety
                                              1. exception handling
                                              2. garbage collection
                                                1. multi-thread
                                              3. Sandbox security model
                                                1. signed applets
                                                  1. Java 2
                                                    1. access control & stack inspection
                                                      1. hostile applets
                                                        1. malicious applets
                                                          1. attack applets