4. Building Security In
使安全成為軟體開發必要部分
• 微軟
– Security System Development Life Cycle, SSDLC
• Gray McGraw
– 軟體安全接觸點
– Software Security: Building Security In
10. 軟體安全在學術界情況
學校
University of California at Davis
University of Virginia
Johns Hopkins University
Princeton University
Purdue University
Rice University
University of California at Berkeley
Stanford University
Naval Postgraduate School
University of Idaho
Iowa State University
George Washington University
United States Military Academy at West Point
課程
Introduction to Computer Security
Computer and Information Security
Computer Security: An Intrusion Detection
Approach
Foundations of Computer and Information
Security
Computer Incident Detection and
Response
Cryptography and Data Security
Penetration Analysis
Advanced Topics in Security
31. 參考資料
• Gary McGraw, "Software Security: Building Security In", 2006
• Microsoft, "Simplified Implementation of the Microsoft SDL",
2010
• Michael Howard and David LeBlanc, "Writing Secure Code,
Second Edition", 2003
• Common Vulnerabilities and Exposures
• PTES: Penetration Testing Execution Standard