REVIEW - Foundations of Security - What Every Programmer Needs to Know


Title:

Foundations of Security

What Every Programmer Needs to Know

Author:

Christoph Kern, Anita Kesavan, Neil Daswani

ISBN:

Publisher:

Apress (2007)

Pages:

290pp

Reviewer:

Mark Easterbrook

Reviewed:

December 2009

Rating:

★★★★★


Now that almost every device for which developers are generating code is connected to a network, and in most cases directly or indirectly to the Internet, it is essential for programmers to understand software security and how to protect against attack. Yet hardly a day goes by without a security incident of some kind, indicating that there is still a severe lack of security understanding in the software world.

This book goes a long way to addressing this shortfall and should be essential reading for every software developer.

Part one covers design principles: setting out the goals and how to design towards them. It also covers the well-intentioned but flawed approaches to security that lead to a false sense of security.

Part two explores all the major forms of attack and describes how to counter them including many examples of secure, and not so secure, code.

Part 3 is an Introduction to Cryptography and covers the subject in enough detail for the diligent designer to choose the correct encryption method.

Finally part 4 contains Appendices and references.

The book is well written and provides a broad subject matter while still containing enough detail to go from beginner to skilled practitioner.


Book cover image courtesy of Open Library.





Your Privacy

By clicking "Accept Non-Essential Cookies" you agree ACCU can store non-essential cookies on your device and disclose information in accordance with our Privacy Policy and Cookie Policy.

Current Setting: Non-Essential Cookies REJECTED


By clicking "Include Third Party Content" you agree ACCU can forward your IP address to third-party sites (such as YouTube) to enhance the information presented on this site, and that third-party sites may store cookies on your device.

Current Setting: Third Party Content EXCLUDED



Settings can be changed at any time from the Cookie Policy page.