CHAPTER 38
WRITING SECURE CODE
Lester E. Nichols, M. E. Kabay, and Timothy Braithwaite
38.2 POLICY AND MANAGEMENT ISSUES
38.2.1 Software Total Quality Management
38.2.3 Regulatory and Compliance Considerations
38.3 TECHNICAL AND PROCEDURAL ISSUES
38.3.4 Best Practices and Guidelines
38.4.1 Internal Design or Implementation Errors
38.5 ASSURANCE TOOLS AND TECHNIQUES
38.5.2 Code Examination and Application Penetration Testing
38.5.3 Standards and Best Practices
38.1 INTRODUCTION.
The topic of secure coding cannot be adequately addressed in a single chapter. Unfortunately, programs are inherently difficult to secure because of the large number of ways that execution can traverse the code as a result of different input sequences and data values.
This chapter provides a starting point and additional resources for security professionals, system architects, and developers to build a successful and secure development methodology. Writing secure code takes coordination and cooperation among various functional areas within an organization, and may require fundamental changes in the way software is currently designed, written, tested, and implemented.
38.2 POLICY AND MANAGEMENT ISSUES.
There are countless security hurdles facing those writing code and developing ...