ISSE 2013 securing electronic business processes : highlights of the Information Security Solutions Europe 2013 Conference / / Helmut Reimer, Norbert Pohlmann, Wolfgang Schneider (eds.) |
Edizione | [1st ed. 2013.] |
Pubbl/distr/stampa | Weisbaden, Germany : , : Springer Vieweg, , 2013 |
Descrizione fisica | 1 online resource (xv, 282 pages) : illustrations |
Disciplina | 004 |
Collana | Gale eBooks |
Soggetto topico |
Computer networks - Security measures
Business - Data processing Cloud computing |
ISBN | 3-658-03371-1 |
Formato | Materiale a stampa ![]() |
Livello bibliografico | Monografia |
Lingua di pubblicazione | eng |
Nota di contenuto | Cloud Security, Trust Services, eId & Access Management -- Human Factors, Awareness & Privacy, Regulations and Policies -- Security Management -- Cyber Security, Cybercrime, Critical Infrastructures -- Mobile Security & Applications. |
Record Nr. | UNINA-9910437588903321 |
Weisbaden, Germany : , : Springer Vieweg, , 2013 | ||
![]() | ||
Lo trovi qui: Univ. Federico II | ||
|
ISSE 2014 Securing Electronic Business Processes [[electronic resource] ] : Highlights of the Information Security Solutions Europe 2014 Conference / / edited by Helmut Reimer, Norbert Pohlmann, Wolfgang Schneider |
Edizione | [1st ed. 2014.] |
Pubbl/distr/stampa | Wiesbaden : , : Springer Fachmedien Wiesbaden : , : Imprint : Springer Vieweg, , 2014 |
Descrizione fisica | 1 online resource (278 p.) |
Disciplina |
004
005.8 |
Soggetto topico |
Computer security
Systems and Data Security |
ISBN | 3-658-06708-X |
Formato | Materiale a stampa ![]() |
Livello bibliografico | Monografia |
Lingua di pubblicazione | eng |
Nota di contenuto |
""Contents""; ""About this Book""; ""TeleTrusT � IT Security Association Germany""; ""EEMA""; ""SAFECode Whitepaper: Fundamental Practices for Secure Software Development 2nd Edition""; ""1 Secure Design Principles""; ""1.1 Threat Modeling""; ""1.1.1 CWE References1""; ""1.1.2 Verification""; ""1.2 Use Least Privilege""; ""1.2.1 CWE References""; ""1.2.2 Verification""; ""1.3 Implement Sandboxing""; ""1.3.1 CWE References""; ""1.3.2 Verification""; ""2 Secure Coding Practices""; ""2.1 Minimize Use of Unsafe String and Buffer Functions""; ""2.1.1 Automatic use of safer functions""
""2.1.2 CWE References""""2.1.3 Verifikation""; ""2.2 Validate Input and Output to Mitigate Common Vulnerabilities""; ""2.2.1 CWE References""; ""2.2.2 Verification""; ""2.3 Use Robust Integer Operations for Dynamic Memory Allocations and Array Offsets""; ""2.3.1 CWE References""; ""2.3.2 Verification""; ""2.4 Use Anti-Cross Site Scripting (XSS) Libraries""; ""2.4.1 CWE References""; ""2.4.2 Verification""; ""2.5 Use Canonical Data Formats""; ""2.5.1 CWE References""; ""2.5.2 Verification""; ""2.6 Avoid String Concatenation for Dynamic SQL Statements""; ""2.6.1 CWE References"" ""2.6.2 Verification""""2.7 Eliminate Weak Cryptography""; ""2.7.1 CWE References""; ""2.7.2 Verification""; ""2.8 Use Logging and Tracing""; ""2.8.1 CWE References""; ""2.8.2 Verification""; ""3 Testing Recommendations""; ""3.1 Determine Attack Surface""; ""3.2 Use Appropriate Testing Tools""; ""3.3 Perform Fuzz / Robustness Testing""; ""3.4 Perform Penetration Testing""; ""3.4.1 CWE References""; ""3.4.2 Verification""; ""4 Technology Recommendations""; ""4.1 Use a Current Compiler Toolset""; ""4.1.1 CWE References""; ""4.1.2 Verification""; ""4.2 Use Static Analysis Tools"" ""4.2.1 CWE References""""4.2.2 Verification""; ""5 Summary of Practices""; ""6 Moving Industry Forward""; ""About SAFECode""; ""Security Management, CISO Inside""; ""In-House Standardization of Security Measures: Necessity, Benefits and Real-world Obstructions""; ""1 Understanding Standardization""; ""1.1 In-house motivation""; ""1.2 Definition: standards and norms""; ""2 Necessity and benefits""; ""2.1 Necessity: IT service provisioning""; ""2.2 Benefits: quality and cost improvements""; ""2.3 CISO specifics""; ""3 What can be standardized""; ""4 Obstacles and solutions"" ""4.1 Business factors""""4.2 Security factors""; ""4.3 Human factors""; ""5 Summary""; ""References""; ""An Effective Approach for Assessing the Risk of Acquired IT Products""; ""1 Software Vulnerabilities and the Laws of Software Assurance""; ""1.1 What are Software Vulnerabilities?""; ""1.2 What is the Difference between Software Vulnerabilities and Software Errors?""; ""1.3 How do we Address Software Vulnerabilities?""; ""2 Risk Management""; ""2.1 What is the Relationship between Software Vulnerabilities and Risk Management?"" ""2.2 How do Organizations Assess the Risk of Acquired IT Products Today?"" |
Record Nr. | UNINA-9910298992803321 |
Wiesbaden : , : Springer Fachmedien Wiesbaden : , : Imprint : Springer Vieweg, , 2014 | ||
![]() | ||
Lo trovi qui: Univ. Federico II | ||
|
ISSE 2015 [[electronic resource] ] : Highlights of the Information Security Solutions Europe 2015 Conference / / edited by Helmut Reimer, Norbert Pohlmann, Wolfgang Schneider |
Edizione | [1st ed. 2015.] |
Pubbl/distr/stampa | Wiesbaden : , : Springer Fachmedien Wiesbaden : , : Imprint : Springer Vieweg, , 2015 |
Descrizione fisica | 1 online resource (315 p.) |
Disciplina | 004 |
Soggetto topico |
Computer security
Systems and Data Security |
ISBN | 3-658-10934-3 |
Formato | Materiale a stampa ![]() |
Livello bibliografico | Monografia |
Lingua di pubblicazione | eng |
Record Nr. | UNINA-9910299254603321 |
Wiesbaden : , : Springer Fachmedien Wiesbaden : , : Imprint : Springer Vieweg, , 2015 | ||
![]() | ||
Lo trovi qui: Univ. Federico II | ||
|