4. Building Security In
使安全成為軟體開發必要部分
• 微軟
– Security System Development Life Cycle, SSDLC
• Gray McGraw
– 軟體安全接觸點
– Software Security: Building Security In
10. 軟體安全在學術界情況
學校 課程
University of California at Davis Introduction to Computer Security
University of Virginia Computer and Information Security
Johns Hopkins University Computer Security: An Intrusion Detection
Approach
Princeton University
Foundations of Computer and Information
Purdue University
Security
Rice University
Computer Incident Detection and
University of California at Berkeley Response
Stanford University Cryptography and Data Security
Naval Postgraduate School Penetration Analysis
University of Idaho Advanced Topics in Security
Iowa State University
George Washington University
United States Military Academy at West Point
31. 參考資料
• Gary McGraw, "Software Security: Building Security In", 2006
• Microsoft, "Simplified Implementation of the Microsoft SDL",
2010
• Michael Howard and David LeBlanc, "Writing Secure Code,
Second Edition", 2003
• Common Vulnerabilities and Exposures
• PTES: Penetration Testing Execution Standard