Software Security
1 - About
Security covers many subject areas, including:
- user management such as:
  - authentication (user/password) and its methods (LDAP, table, …)
  - authorization (groups, privileges and roles, object and information access)
- and data secrecy:
Provide mechanism rather than policy. In particular, place user interface policy in the clients' hands.
Shorthand guide:
- Identification: Who are you?
- Authentication: Prove it.
- Authorization: Here is what you are allowed to do.
2 - Articles Related
3 - Principles
Kerckhoffs's principle: A cryptosystem should be secure even if everything about the system, except the key, is public knowledge.
4 - Characters
Alice and Bob are fictional characters commonly used as placeholder names in cryptology.
5 - Illustrations
The most effective picture to explain software security.
Everything I try to teach my freshman about security, in one photo:
6 - Data Loss
Data loss or downtime: http://www.emc.com/microsites/emc-global-data-protection-index/index.htm
7 - First Rule
8 - Security / Privacy
9 - Security and bug
The security industry is largely obsessed by finding (and selling / using / patching / reporting / showcasing / stockpiling / detecting / stealing) these “dangerous/useful” variety of bugs. And this obsession is continually fulfilled because bugs keep happening – which is just the nature of software development –…………