Foundations of security : what every programmer needs to know

Software developers need to worry about security as never before. They need clear guidance on safe coding practices, and that's exactly what this book delivers. The book does not delve deep into theory, or rant about the politics of security. Instead, it clearly and simply lays out the most common threats that programmers need to defend against. It then shows programmers how to make their defense. The book takes a broad focus, ranging over SQL injection, worms and buffer overflows, password security, and more. It sets programmers on the path towards successfully defending against the entire gamut of security threats that they might face.

Security Goals Secure Systems Design Secure Design Principles Exercises for Part 1 Worms and Other Malware Buffer Overflows Client-State Manipulation SQL Injection Password Security Cross-Domain Security in Web Applications Exercises for Part 2 Symmetric Key Cryptography Asymmetric Key Cryptography Key Management and Exchange MACs and Signatures Exercises for Part 3