Basic Search

Cookie	Provider	Description	Expires
COPAUTH	OCLC	The cookie stores a successful login.	10 years after creation
EU_LAW_INFO	OCLC	Is set when the user has acknowledged the usage of cookies in OPEN.	10 years after creation
.ASPXANONYMOUS	DNN	The cookie stores an unique ID für anonymous users.	approximately 70 days
.DOTNETNUKE	DNN	A DNN cookie which is created during login.	Session
ASP.NET_SessionId	ASP.NET	Identifies the session of ASP.NET.	Session
authentication	OCLC	Saves the registration way of the patron. DNN (= DNN Login), COP (= OPEN Login) "" (= Patron is not logged in)	Session
dnn_IsMobile	DNN	The cookie stores whether the user uses a mobile device (e.g. a smartphone).	Session
languague	DNN	The cookie stores the currently set language (e.g. de-DE).	Session
LastPageId	DNN	The cookie stores the ID (TabID) of the last visited tab.	Session
__RequestVerificationToken	DNN	The cookie offers protection against cross-site attacks.	Session
SplashPageView	DNN	The cookie controls the single display of the welcome page.	Session
RepeaterCategories, RepeaterGroup	DNNGo	Cookies of the DNN module xPlugin, for layout configuration.	Session

Cookie	Provider	Description	Expires
GOOGLE_ANALYTICS_INFO	OCLC	The cookie is set when the user has acknowledged the usage of the tracking tool Google Analytics.	1 year
_ga, _ga__<container-id>	Google Analytics	The cookie _ga saves the Google Analytics-Client-ID in order to distinguish users, _ga__<container-id> is used to persist session state (provided the user has acknowledged the tool, please refer to cookie GOOGLE_ANALYTICS_INFO).	2 years
_Module_359_Survey_0_, AppearanceSecurityOptions, CSVExportOptions	DNN	These cookies are used by the optional 3rd party DNN module Survey.	until 31.12.9999, 20 minutes, 20 minutes

Cookie	Provider	Description	Expires
List of all settings cookies of OPEN:	OCLC	The cookies control the unfolded/closed - status of the different settings sections as well as the visibility of the headers.	Session
StayInEditMode	DNN	The cookie controls the edit mode of the page.	Session
cem_pending, CEM_CallbackData, CEM_ExistingModule, CEM_NewModuleId	DNN	These cookies are saved when adding or duplicating a module during edit mode.	Session

Recent search queries

Letzte Suchanfragen/ Recent seach queries

how to access...

Which media are where to find?

media areas and collections (books., journals, series, final theses etc.)

- how is the printed material organised?

shelf classification of the library

- further details see FAQ

any questions?

Service hours:

Mo - Fr	09:00am - 04:30pm
Phone	(+49)0531/6181-1164 (+49)0531/6181-1160
Mail	bibliothek(at)helmholtz-hzi.de

Your Search

Please note: chapters or articles are not searchable via library catalog -> search for the resource in which it is contained. In case of journals you learn in EZB/ Electronic Journals' Library which volumes we have subscribed to ( more on EZB: > Zeitschriften > Online-Zeitschriften) .

Branch	Locations
Dauerleihe	MA-20 560

Filter further (advanced search)

To results list

Print Permalink E-Mail

Threat modeling

designing for security

0 ratings

Author: Shostack, Adam (author)

Year: [2014]

Publisher: Boulevard, IN, John Wiley & Sons, Inc.

Dauerleihe

not available

Reserve

Copies

Branch	Locations	Status	Reservations	Due date	Barcode	Floor plan	Lending note
Branch: Dauerleihe	Locations: MA-20 560	Status: borrowed	Reservations: 0	Due date: 1/1/2199	Barcode: 00306029	Floor plans: Floor plan	Lending note:

Content

The only security book to be chosen as a Dr. Dobbs Jolt Award Finalist since Bruce Schneier's Secrets and Lies and Applied Cryptography!

Adam Shostack is responsible for security development lifecycle threat modeling at Microsoft and is one of a handful of threat modeling experts in the world. Now, he is sharing his considerable expertise into this unique book. With pages of specific actionable advice, he details how to build better security into the design of systems, software, or services from the outset. You'll explore various threat modeling approaches, find out how to test your designs against threats, and learn effective ways to address threats that have been validated at Microsoft and other top companies.

Systems security managers, you'll find tools and a framework for structured thinking about what can go wrong. Software developers, you'll appreciate the jargon-free and accessible introduction to this essential skill. Security professionals, you'll learn to discern changing threats and discover the easiest ways to adopt a structured approach to threat modeling.

* Provides a unique how-to for security and software developers who need to design secure products and systems and test their designs

* Explains how to threat model and explores various threat modeling approaches, such as asset-centric, attacker-centric and software-centric

* Provides effective approaches and techniques that have been proven at Microsoft and elsewhere

* Offers actionable how-to advice not tied to any specific software, operating system, or programming language

* Authored by a Microsoft professional who is one of the most prominent threat modeling experts in the world

As more software is delivered on the Internet or operates on Internet-connected devices, the design of secure software is absolutely critical. Make sure you're ready with Threat Modeling: Designing for Security.

Ratings

0 ratings

Details

Author: Shostack, Adam (author)

Statement of Responsibility: Adam Shostack

Year: [2014]

Publisher: Boulevard, IN, John Wiley & Sons, Inc.

Classification: MA-20

ISBN: 9781118809990

ISBN (2nd): 1118809998

Description: xxxiii, 590 Seiten, Diagramme

Tags: Datenverarbeitung

Language: Englisch

Original title: Threat modeling

Media group: Dauerleihe

SEARCH STRATEGIES

Use wildcards (in case of to less search results)

You can use a wild-card or truncation (here it's the common: * ) to conduct a search in which you use

the beginning of a word only e.g. cell* --> yields cell, cells, cellular, cell-cell communication...
the word beginning and ending e.g. anti*al --> yields antifungal, antiviral, antibial
the middle e.g. *vir* --> yields coronavirus, environment´, cytomegaloviruses, neurovirology
the word ending e.g. *logical --> yields biological, biotechnological, microbiological, ecological, mechanobiological
or if you wish to define certain letters as variables: behavi*r --> yields behavior, behaviour

Use Sorting and filter options or search suggestions (in case of too many, but less suitable search results)

Sort function (above hit list): Sort by Score, title, author, year - preset Relevance
Filter options (left): for example, Year, languages ...
Search suggestions: "Did you mean ..." - or you use your own alternative concepts / synonyms
Modify your search query via specifying several categories in the Advanced Search: Katalog-Recherche

NOT FOUND DESPITE FOLLOWING THOSE SEARCH STRATEGIES?

Contact us regarding what you need, perhaps we can purchase it or help otherwise.

PURPOSE OF THE SEARCH & EFFORT

The invested effort and which database or portal you could check depends also on what exactly you need:

Aim/ purpose of the literature search	Effort / required material
To be up-to-date in a subject area	4-5 well-founded article for a very first impression
Habilitation, Promotion	Thematic overview/ „sweeping swipe“, to broaden one's horizons
Diploma/ Bachelor/ Master thesis, seminal paper/ report, term paper	Is mostly an academic work for a PhD-student --> See above
To apply for a research fund	Comprehensive systematic review of previous research results
Contract and third party research, cooperation with the Economy, technology transfer, Patent Application	Well-founded and usually complex examination of the state of the art
Speech/ presentation, symposion, conference	Basic literature or latest articles or studies