Es de vital importancia tener conocimiento de algunos aspectos que se encuentran día a día en el área de la seguridad informática. Si trabajamos en ella no podemos desconocer los siguientes conceptos y todas las variantes e implicancias que poseen:
Attack
Vulnerabilities
Control
Threat Agent
Algunos links interesantes:
- Saltzer and Schroeder (see section 3)
- Saltzer and Schroeder Applied to Star Wars
- The Six Dumbest Ideas in Computer Security
- Gary McGraw's 10 steps to secure software
- OWASP Development Guide Project
- Engineering Principles for Information Technology Security (EP-ITS), by Gary Stoneburner, Clark Hayden, and Alexis, NIST Special Publication (SP) 800-27 (PDF)
- Secure Design Principles from "Foundations of Security: What Every Programmer Needs To Know" by Neil Daswani, Christoph Kern, and Anita Kesavan (ISBN 1590597842)
- High-Assurance Design by Cliff Berg, 2005, Addison-Wesley. Foreword by Peter G. Neumann. Design principles and patterns for secure and reliable design.
Posts
0 comentarios:
Post a Comment