r55 - 05 Dec 2007 - 21:54:20 - HeikkiToivonenYou are here: OSAF > Projects Web > DevelopmentHome > SecurityFramework
Chandler Security
Security is a subset of quality. Security must be built in, because adding it in later is costly and will likely not provide very good security. A bug in any part of the application may be a security vulnerability, so everyone is responsible for writing secure code.People
Project Overview
The Chandler security project encompasses everything from identifying security threats we need to protect against and technologies we will use to counter the threats: cryptography, access control and secure software development methodologies and best practices. We also lump privacy with security. Finally there is a policy and plan for security response when things go wrong.Recommended Reading
- Building Secure Software: How to Avoid Security Problems the Right Way by John Viega and Gary McGraw, ISBN 020172152X. Book site 1.
- Writing Secure Code, 2nd Edition by Michael Howard and David LeBlanc, ISBN 0-7356-1722-8. Errata
- 19 Deadly Sins of Software Security by Michael Howard, David LeBlanc and John Viega, ISBN 0-07-226085-8.
Historical references of interest
- CanogaSecurityDesign
- AgentSecurityIssues
- SecurityIssueSummary
- MailSecurity
- EmailSecurityIssues
- SecurityIssues
- DbContentSecurity
- DataSharing
- Search all Chandler wiki pages that contain regexp "encrypt|auth|identit|securit|decrypt|access|acl"
- Search all Jungle wiki pages that contain regexp "encrypt|auth|identit|securit|decrypt|access|acl"
- Search all Journal wiki pages that contain regexp "encrypt|auth|identit|securit|decrypt|access|acl"
- Search all Main wiki pages that contain regexp "encrypt|auth|identit|securit|decrypt|access|acl"
Log In
Except where otherwise noted, this site and its content are licensed by OSAF under an Creative Commons License, Attribution Only 3.0.
See list of page contributors for attributions.
See list of page contributors for attributions.