Data Protection and Security |
|||||
VI |
Operating System Security and Secure Programming |
||||
VI.I |
Motivation |
||||
 |
|||||
You have been given the task of implementing “security” in an IT system. [more] |
|||||
Sessions: [1] |
|||||
VI.II |
Operating System Security |
||||
|
|||||
The reference monitor is an abstract concept, the security kernel is its implementation, and the trusted computing base contains the security kernel among other protection mechanisms. [more] |
|||||
| Sessions: [1] [2] [3] [4] [5] [6] [7] | |||||
VI.III |
Security Evaluation |
||||
|
|||||
Users of secure systems need some kind of assurance that the products they use provide adequate security. [more] |
|||||
| Sessions: [1] [2] [3] [4] [5] [6] [7] [8] [9] | |||||
VI.IV |
Secure Software Development |
||||
|
|||||
No matter what kind of computer system we are talking about, it can be an operating system, a web browser or an accounting application, the biggest problem in computer security today is that many security practitioners don’t know what the problem is. [more] |
|||||
| Sessions: [1] [2] [3] [4] [5] [6] [7] [8] [9] [10] | |||||
VI.V |
Buffer Overflow Attacks |
||||
|
|||||
At the end of this chapter, we look at the secure software problem from the reverse angle or in other words from the attacker’s point of view and we briefly explain how buffer overflow attacks, which is one of the most common software vulnerability in CERT advisories, can be exploited. [more] |
|||||
| Sessions: [1] | |||||
VI.VI |
Summary |
||||
|
|||||
We have four different subjects in this chapter: Operating system security, security evaluation, secure software development and software vulnerabilities.. [more] |
|||||
| Sessions: [1] | |||||
|
|||||