WebApp Sec mailing list archives
Re: Security Patterns - Military Models
From: Herman Stevens <herman.stevens () ubizen com>
Date: Fri, 23 Jul 2004 13:15:11 +0200
Some more higher level security patterns (Authoritative Source of Data, Risk Assessment and Management, Enterprise Partner Communication, Security Provider, Layered Security, ...) and some good pointers can be found on http://www.romanosky.net/papers. Another good starting point is http://www.securitypatterns.org. Mark Curphey wrote:
I was introduced to this by some of my Foundstone work colleagues a few weeks ago and I think it's very cool indeed, so thought I would share it. http://www.joeyoder.com/papers/patterns/Security/appsec.doc We teach it as a lab as part of a Building Secure Software training class and its very interesting to see how people relate to real-world scenarios with application architectures. Anyone else have any other gems ?
Current thread:
- Security Patterns - Military Models Mark Curphey (Jul 22)
- Re: Security Patterns - Military Models Peter Conrad (Jul 23)
- Re: Security Patterns - Military Models Herman Stevens (Jul 23)
- RE: Security Patterns - Military Models Mark Curphey (Jul 23)
- RE: Security Patterns - Military Models Mark Curphey (Jul 23)
- Re: Security Patterns - Military Models Ivan Ristic (Jul 25)