| 000 | 03124cam a2200493Mi 4500 | ||
|---|---|---|---|
| 001 | 9781003144182 | ||
| 003 | FlBoTFG | ||
| 005 | 20240213122831.0 | ||
| 006 | m o d | ||
| 007 | cr cnu---unuuu | ||
| 008 | 210806s2022 xx o 0|| 0 eng d | ||
| 040 |
_aOCoLC-P _beng _erda _cOCoLC-P |
||
| 020 |
_a9781000415100 _q(electronic bk.) |
||
| 020 |
_a1000415104 _q(electronic bk.) |
||
| 020 |
_a9781000415148 _q(electronic bk.) |
||
| 020 |
_a1000415147 _q(electronic bk.) |
||
| 020 |
_a9781003144182 _q(electronic bk.) |
||
| 020 |
_a1003144187 _q(electronic bk.) |
||
| 020 | _z0367700018 | ||
| 020 | _z9780367700010 | ||
| 035 | _a(OCoLC)1262964916 | ||
| 035 | _a(OCoLC-P)1262964916 | ||
| 050 | 4 |
_aQA76.9.A25 _bM45 2022 |
|
| 072 | 7 |
_aCOM _x043050 _2bisacsh |
|
| 072 | 7 |
_aCOM _x051240 _2bisacsh |
|
| 072 | 7 |
_aCOM _x053000 _2bisacsh |
|
| 072 | 7 |
_aUR _2bicssc |
|
| 082 | 0 | 4 |
_a005.8 _223 |
| 100 | 1 |
_aMelone, Michael, _eauthor. |
|
| 245 | 1 | 0 | _aDesigning secure systems. |
| 260 |
_a[S.l.] : _bCRC Press, _c2022. |
||
| 300 | _a1 online resource | ||
| 336 |
_atext _btxt _2rdacontent |
||
| 337 |
_acomputer _bc _2rdamedia |
||
| 338 |
_aonline resource _bcr _2rdacarrier |
||
| 520 | _aModern systems are an intertwined mesh of human process, physical security, and technology. Attackers are aware of this, commonly leveraging a weakness in one form of security to gain control over an otherwise protected operation. To expose these weaknesses, we need a single unified model that can be used to describe all aspects of the system on equal terms. Designing Secure Systems takes a theory-based approach to concepts underlying all forms of systems - from padlocks, to phishing, to enterprise software architecture. We discuss how weakness in one part of a system creates vulnerability in another, all the while applying standards and frameworks used in the cybersecurity world. Our goal: to analyze the security of the entire system - including people, processes, and technology -using a single model. We begin by describing the core concepts of access, authorization, authentication, and exploitation. We then break authorization down into five interrelated components and describe how these aspects apply to physical, human process, and cybersecurity. Lastly, we discuss how to operate a secure system based on the NIST Cybersecurity Framework (CSF) concepts of "identify, protect, detect, respond, and recover." Other topics covered in this book include the NIST National Vulnerability Database (NVD), MITRE Common Vulnerability Scoring System (CVSS), Microsoft's Security Development Lifecycle (SDL), and the MITRE ATT&CK Framework. | ||
| 588 | _aOCLC-licensed vendor bibliographic record. | ||
| 650 | 0 | _aComputer security. | |
| 650 | 7 |
_aCOMPUTERS / Networking / Security _2bisacsh |
|
| 650 | 7 |
_aCOMPUTERS / Programming / Systems Analysis & Design _2bisacsh |
|
| 650 | 7 |
_aCOMPUTERS / Security / General _2bisacsh |
|
| 856 | 4 | 0 |
_3Taylor & Francis _uhttps://www.taylorfrancis.com/books/9781003144182 |
| 856 | 4 | 2 |
_3OCLC metadata license agreement _uhttp://www.oclc.org/content/dam/oclc/forms/terms/vbrl-201703.pdf |
| 999 |
_c5893 _d5893 |
||