Chapter 13. Ten Steps to Designing a Secure Enterprise System
The key concept in this chapter is:
Designing security into applications
Let’s suppose you’re working for a major player in the field of miniature plastic dinosaur retailing. As part of its information systems overhaul, the company is commissioning the development of new software that will replace its aging systems. At the kick-off meeting for the new software project, the CEO herself gives you the honorable task of "making it secure." Wow, your first real security assignment! For a moment, your chest swells up with pride, your head spins giddily with excitement, and everyone around you appears small and insignificant. Then reality comes crashing down, and you realize you don’t know what ...