Prefactoring

by Ken Pugh
September 2005
Content level: Intermediate to advanced
240 pages
6h 28m
English
O'Reilly Media, Inc.
Content preview from Prefactoring

4.7. Security

Sam asked me to stop by for a cup of coffee. He sat with a perplexed look on his face. I inquired about the idea that he was mulling over.

He said, "I watched a TV show last night about a guy who broke into a computer system and stole information worth millions of dollars. What happens if someone breaks into my system?"

"Well, how much is the information in your system worth?" I asked.

"OK, not millions, but maybe in the tens of thousands," he replied.

"We should perform a risk analysis, before we get too involved in the detailed design of the system," I responded.

Security encompasses a broad range of issues, including access protection, attack prevention, data backup, and data security. You can find a detailed discussion of security issues in Security Engineering: A Guide to Building Dependable Distributed Systems by Ross J. Anderson (Wiley, 2001). You should consider security from the start of the design. You should perform a risk analysis to determine the risks, the probability of their occurrence, and the cost if the risks materialize. Once you've identified the risks, you can employ appropriate measures, including structuring the design to meet those risks.

Many books explain how to write secure code. Two are Building Secure Software: How to Avoid Security Problems the Right Way by John Viega and Gary McGraw (Addison-Wesley Professional, 2001) and Secure Coding: Principles and Practices by Mark G. Graff and Kenneth R. Van Wyk (O'Reilly, 2003). ...

ISBN: 0596008740