Web application security engineering
Meier, J.D.
Microsoft, Redmond, WA;
This paper appears in: Security & Privacy, IEEE
Publication Date: July-Aug. 2006
Volume: 4,
Issue: 4
On page(s): 16-24
ISSN: 1540-7993
INSPEC Accession Number: 9023085
Digital Object Identifier: 10.1109/MSP.2006.109
Current Version Published: 2006-08-07
Abstract
Integrating security throughout the life cycle can improve overall Web application security. With a detailed review of the steps involved in applying security-specific activities throughout the software development life cycle, the author walks practitioners through effective, efficient application design, development, and testing. With this article, the author shares a way to improve Web application security by integrating security throughout the life cycle. The ideas he present here are based on empirical evidence from consulting with hundreds of customers - real-world scenarios with real project constraints and security concerns - across a variety of scenarios and putting into practice the security techniques that the experts know. The result is an approach that has evolved and refined itself over time
Index
Terms
Available to subscribers and IEEE members.
References
Available to subscribers and IEEE members.
Citing Documents
Available to subscribers and IEEE members.
Cart
