Building secure and reliable systems: best practices for designing, implementing, and maintaining systems
Saved in:
| Other Authors: | , , , , , |
|---|---|
| Format: | Electronic eBook |
| Language: | English |
| Published: |
Beijing
O'Reilly
2020
|
| Edition: | First edition |
| Subjects: | |
| Links: | https://ebookcentral.proquest.com/lib/th-deggendorf/detail.action?docID=6202784 |
| Item Description: | Description based upon print version of record |
| Physical Description: | 1 Online-Ressource (xxxiv, 519 Seiten) |
| ISBN: | 9781492083092 |
Staff View
MARC
| LEADER | 00000nam a2200000 c 4500 | ||
|---|---|---|---|
| 001 | BV047366307 | ||
| 003 | DE-604 | ||
| 005 | 00000000000000.0 | ||
| 007 | cr|uuu---uuuuu | ||
| 008 | 210712s2020 xx o|||| 00||| eng d | ||
| 020 | |a 9781492083092 |9 978-1-492-08309-2 | ||
| 035 | |a (OCoLC)1260143569 | ||
| 035 | |a (DE-599)BVBBV047366307 | ||
| 040 | |a DE-604 |b ger |e rda | ||
| 041 | 0 | |a eng | |
| 049 | |a DE-1050 | ||
| 084 | |a ST 277 |0 (DE-625)143643: |2 rvk | ||
| 245 | 1 | 0 | |a Building secure and reliable systems |b best practices for designing, implementing, and maintaining systems |c Heather Adkins, Betsy Beyer, Paul Blankinship, Piotr Lewandowski, Ana Oprea, and Adam Stubblefield |
| 250 | |a First edition | ||
| 264 | 1 | |a Beijing |b O'Reilly |c 2020 | |
| 300 | |a 1 Online-Ressource (xxxiv, 519 Seiten) | ||
| 336 | |b txt |2 rdacontent | ||
| 337 | |b c |2 rdamedia | ||
| 338 | |b cr |2 rdacarrier | ||
| 500 | |a Description based upon print version of record | ||
| 505 | 8 | |a Intro -- Foreword by Royal Hansen -- Foreword by Michael Wildpaner -- Preface -- Why We Wrote This Book -- Who This Book Is For -- A Note About Culture -- How to Read This Book -- Conventions Used in This Book -- O'Reilly Online Learning -- How to Contact Us -- Acknowledgments -- I. Introductory Material -- 1. The Intersection of Security and Reliability -- On Passwords and Power Drills -- Reliability Versus Security: Design Considerations -- Confidentiality, Integrity, Availability -- Confidentiality -- Integrity -- Availability -- Reliability and Security: Commonalities -- Invisibility | |
| 505 | 8 | |a Assessment -- Simplicity -- Evolution -- Resilience -- From Design to Production -- Investigating Systems and Logging -- Crisis Response -- Recovery -- Conclusion -- 2. Understanding Adversaries -- Attacker Motivations -- Attacker Profiles -- Hobbyists -- Vulnerability Researchers -- Governments and Law Enforcement -- Intelligence gathering -- Military purposes -- Policing domestic activity -- Protecting your systems from nation-state actors -- Activists -- Protecting your systems from hacktivists -- Criminal Actors -- Protecting your systems from criminal actors | |
| 505 | 8 | |a Automation and Artificial Intelligence -- Protecting your systems from automated attacks -- Insiders -- First-party insiders -- Third-party insiders -- Related insiders -- Threat modeling insider risk -- Designing for insider risk -- Attacker Methods -- Threat Intelligence -- Cyber Kill Chains™ -- Tactics, Techniques, and Procedures -- Risk Assessment Considerations -- Conclusion -- II. Designing Systems -- 3. Case Study: Safe Proxies -- Safe Proxies in Production Environments -- Google Tool Proxy -- Conclusion -- 4. Design Tradeoffs -- Design Objectives and Requirements -- Feature Requirements | |
| 505 | 8 | |a Nonfunctional Requirements -- Features Versus Emergent Properties -- Example: Google Design Document -- Balancing Requirements -- Example: Payment Processing -- Security and reliability considerations -- Using a third-party service provider to handle sensitive data -- Benefits -- Costs and nontechnical risks -- Reliability risks -- Security risks -- Managing Tensions and Aligning Goals -- Example: Microservices and the Google Web Application Framework -- Aligning Emergent-Property Requirements -- Initial Velocity Versus Sustained Velocity -- Conclusion -- 5. Design for Least Privilege | |
| 505 | 8 | |a Concepts and Terminology -- Least Privilege -- Zero Trust Networking -- Zero Touch -- Classifying Access Based on Risk -- Best Practices -- Small Functional APIs -- Breakglass -- Auditing -- Collecting good audit logs -- Choosing an auditor -- Testing and Least Privilege -- Testing of least privilege -- Testing with least privilege -- Diagnosing Access Denials -- Graceful Failure and Breakglass Mechanisms -- Worked Example: Configuration Distribution -- POSIX API via OpenSSH -- Software Update API -- Custom OpenSSH ForceCommand -- Custom HTTP Receiver (Sidecar) | |
| 650 | 4 | |a Computer networks / Security measures | |
| 650 | 4 | |a Computer science | |
| 650 | 4 | |a Information storage and retrieval systems | |
| 650 | 4 | |a Software engineering | |
| 650 | 4 | |a Information technology | |
| 650 | 4 | |a Data protection | |
| 650 | 7 | |a Computer networks / Security measures |2 fast | |
| 650 | 7 | |a Computer science |2 fast | |
| 650 | 7 | |a Data protection |2 fast | |
| 650 | 7 | |a Information storage and retrieval systems |2 fast | |
| 650 | 7 | |a Information technology |2 fast | |
| 650 | 7 | |a Software engineering |2 fast | |
| 650 | 0 | 7 | |a Computersicherheit |0 (DE-588)4274324-2 |2 gnd |9 rswk-swf |
| 650 | 0 | 7 | |a Softwareentwicklung |0 (DE-588)4116522-6 |2 gnd |9 rswk-swf |
| 650 | 0 | 7 | |a Implementierung |g Informatik |0 (DE-588)4026663-1 |2 gnd |9 rswk-swf |
| 689 | 0 | 0 | |a Computersicherheit |0 (DE-588)4274324-2 |D s |
| 689 | 0 | 1 | |a Softwareentwicklung |0 (DE-588)4116522-6 |D s |
| 689 | 0 | 2 | |a Implementierung |g Informatik |0 (DE-588)4026663-1 |D s |
| 689 | 0 | |5 DE-604 | |
| 700 | 1 | |a Adkins, Heather |4 edt | |
| 700 | 1 | |a Beyer, Betsy |0 (DE-588)1112230386 |4 edt | |
| 700 | 1 | |a Blankinship, Paul |4 edt | |
| 700 | 1 | |a Lewandowski, Piotr |4 edt | |
| 700 | 1 | |a Oprea, Ana |4 edt | |
| 700 | 1 | |a Stubblefield, Adam |4 edt | |
| 776 | 0 | 8 | |i Erscheint auch als |n Druck-Ausgabe |z 978-1-492-08312-2 |
| 912 | |a ZDB-30-PQE | ||
| 943 | 1 | |a oai:aleph.bib-bvb.de:BVB01-032768185 | |
| 966 | e | |u https://ebookcentral.proquest.com/lib/th-deggendorf/detail.action?docID=6202784 |l DE-1050 |p ZDB-30-PQE |q FHD01_PQE_Kauf |x Aggregator |3 Volltext | |
Record in the Search Index
| _version_ | 1818988115206864896 |
|---|---|
| any_adam_object | |
| author2 | Adkins, Heather Beyer, Betsy Blankinship, Paul Lewandowski, Piotr Oprea, Ana Stubblefield, Adam |
| author2_role | edt edt edt edt edt edt |
| author2_variant | h a ha b b bb p b pb p l pl a o ao a s as |
| author_GND | (DE-588)1112230386 |
| author_facet | Adkins, Heather Beyer, Betsy Blankinship, Paul Lewandowski, Piotr Oprea, Ana Stubblefield, Adam |
| building | Verbundindex |
| bvnumber | BV047366307 |
| classification_rvk | ST 277 |
| collection | ZDB-30-PQE |
| contents | Intro -- Foreword by Royal Hansen -- Foreword by Michael Wildpaner -- Preface -- Why We Wrote This Book -- Who This Book Is For -- A Note About Culture -- How to Read This Book -- Conventions Used in This Book -- O'Reilly Online Learning -- How to Contact Us -- Acknowledgments -- I. Introductory Material -- 1. The Intersection of Security and Reliability -- On Passwords and Power Drills -- Reliability Versus Security: Design Considerations -- Confidentiality, Integrity, Availability -- Confidentiality -- Integrity -- Availability -- Reliability and Security: Commonalities -- Invisibility Assessment -- Simplicity -- Evolution -- Resilience -- From Design to Production -- Investigating Systems and Logging -- Crisis Response -- Recovery -- Conclusion -- 2. Understanding Adversaries -- Attacker Motivations -- Attacker Profiles -- Hobbyists -- Vulnerability Researchers -- Governments and Law Enforcement -- Intelligence gathering -- Military purposes -- Policing domestic activity -- Protecting your systems from nation-state actors -- Activists -- Protecting your systems from hacktivists -- Criminal Actors -- Protecting your systems from criminal actors Automation and Artificial Intelligence -- Protecting your systems from automated attacks -- Insiders -- First-party insiders -- Third-party insiders -- Related insiders -- Threat modeling insider risk -- Designing for insider risk -- Attacker Methods -- Threat Intelligence -- Cyber Kill Chains™ -- Tactics, Techniques, and Procedures -- Risk Assessment Considerations -- Conclusion -- II. Designing Systems -- 3. Case Study: Safe Proxies -- Safe Proxies in Production Environments -- Google Tool Proxy -- Conclusion -- 4. Design Tradeoffs -- Design Objectives and Requirements -- Feature Requirements Nonfunctional Requirements -- Features Versus Emergent Properties -- Example: Google Design Document -- Balancing Requirements -- Example: Payment Processing -- Security and reliability considerations -- Using a third-party service provider to handle sensitive data -- Benefits -- Costs and nontechnical risks -- Reliability risks -- Security risks -- Managing Tensions and Aligning Goals -- Example: Microservices and the Google Web Application Framework -- Aligning Emergent-Property Requirements -- Initial Velocity Versus Sustained Velocity -- Conclusion -- 5. Design for Least Privilege Concepts and Terminology -- Least Privilege -- Zero Trust Networking -- Zero Touch -- Classifying Access Based on Risk -- Best Practices -- Small Functional APIs -- Breakglass -- Auditing -- Collecting good audit logs -- Choosing an auditor -- Testing and Least Privilege -- Testing of least privilege -- Testing with least privilege -- Diagnosing Access Denials -- Graceful Failure and Breakglass Mechanisms -- Worked Example: Configuration Distribution -- POSIX API via OpenSSH -- Software Update API -- Custom OpenSSH ForceCommand -- Custom HTTP Receiver (Sidecar) |
| ctrlnum | (OCoLC)1260143569 (DE-599)BVBBV047366307 |
| discipline | Informatik |
| edition | First edition |
| format | Electronic eBook |
| fullrecord | <?xml version="1.0" encoding="UTF-8"?><collection xmlns="http://www.loc.gov/MARC21/slim"><record><leader>05441nam a2200673 c 4500</leader><controlfield tag="001">BV047366307</controlfield><controlfield tag="003">DE-604</controlfield><controlfield tag="005">00000000000000.0</controlfield><controlfield tag="007">cr|uuu---uuuuu</controlfield><controlfield tag="008">210712s2020 xx o|||| 00||| eng d</controlfield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">9781492083092</subfield><subfield code="9">978-1-492-08309-2</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(OCoLC)1260143569</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-599)BVBBV047366307</subfield></datafield><datafield tag="040" ind1=" " ind2=" "><subfield code="a">DE-604</subfield><subfield code="b">ger</subfield><subfield code="e">rda</subfield></datafield><datafield tag="041" ind1="0" ind2=" "><subfield code="a">eng</subfield></datafield><datafield tag="049" ind1=" " ind2=" "><subfield code="a">DE-1050</subfield></datafield><datafield tag="084" ind1=" " ind2=" "><subfield code="a">ST 277</subfield><subfield code="0">(DE-625)143643:</subfield><subfield code="2">rvk</subfield></datafield><datafield tag="245" ind1="1" ind2="0"><subfield code="a">Building secure and reliable systems</subfield><subfield code="b">best practices for designing, implementing, and maintaining systems</subfield><subfield code="c">Heather Adkins, Betsy Beyer, Paul Blankinship, Piotr Lewandowski, Ana Oprea, and Adam Stubblefield</subfield></datafield><datafield tag="250" ind1=" " ind2=" "><subfield code="a">First edition</subfield></datafield><datafield tag="264" ind1=" " ind2="1"><subfield code="a">Beijing</subfield><subfield code="b">O'Reilly</subfield><subfield code="c">2020</subfield></datafield><datafield tag="300" ind1=" " ind2=" "><subfield code="a">1 Online-Ressource (xxxiv, 519 Seiten)</subfield></datafield><datafield tag="336" ind1=" " ind2=" "><subfield code="b">txt</subfield><subfield code="2">rdacontent</subfield></datafield><datafield tag="337" ind1=" " ind2=" "><subfield code="b">c</subfield><subfield code="2">rdamedia</subfield></datafield><datafield tag="338" ind1=" " ind2=" "><subfield code="b">cr</subfield><subfield code="2">rdacarrier</subfield></datafield><datafield tag="500" ind1=" " ind2=" "><subfield code="a">Description based upon print version of record</subfield></datafield><datafield tag="505" ind1="8" ind2=" "><subfield code="a">Intro -- Foreword by Royal Hansen -- Foreword by Michael Wildpaner -- Preface -- Why We Wrote This Book -- Who This Book Is For -- A Note About Culture -- How to Read This Book -- Conventions Used in This Book -- O'Reilly Online Learning -- How to Contact Us -- Acknowledgments -- I. Introductory Material -- 1. The Intersection of Security and Reliability -- On Passwords and Power Drills -- Reliability Versus Security: Design Considerations -- Confidentiality, Integrity, Availability -- Confidentiality -- Integrity -- Availability -- Reliability and Security: Commonalities -- Invisibility</subfield></datafield><datafield tag="505" ind1="8" ind2=" "><subfield code="a">Assessment -- Simplicity -- Evolution -- Resilience -- From Design to Production -- Investigating Systems and Logging -- Crisis Response -- Recovery -- Conclusion -- 2. Understanding Adversaries -- Attacker Motivations -- Attacker Profiles -- Hobbyists -- Vulnerability Researchers -- Governments and Law Enforcement -- Intelligence gathering -- Military purposes -- Policing domestic activity -- Protecting your systems from nation-state actors -- Activists -- Protecting your systems from hacktivists -- Criminal Actors -- Protecting your systems from criminal actors</subfield></datafield><datafield tag="505" ind1="8" ind2=" "><subfield code="a">Automation and Artificial Intelligence -- Protecting your systems from automated attacks -- Insiders -- First-party insiders -- Third-party insiders -- Related insiders -- Threat modeling insider risk -- Designing for insider risk -- Attacker Methods -- Threat Intelligence -- Cyber Kill Chains™ -- Tactics, Techniques, and Procedures -- Risk Assessment Considerations -- Conclusion -- II. Designing Systems -- 3. Case Study: Safe Proxies -- Safe Proxies in Production Environments -- Google Tool Proxy -- Conclusion -- 4. Design Tradeoffs -- Design Objectives and Requirements -- Feature Requirements</subfield></datafield><datafield tag="505" ind1="8" ind2=" "><subfield code="a">Nonfunctional Requirements -- Features Versus Emergent Properties -- Example: Google Design Document -- Balancing Requirements -- Example: Payment Processing -- Security and reliability considerations -- Using a third-party service provider to handle sensitive data -- Benefits -- Costs and nontechnical risks -- Reliability risks -- Security risks -- Managing Tensions and Aligning Goals -- Example: Microservices and the Google Web Application Framework -- Aligning Emergent-Property Requirements -- Initial Velocity Versus Sustained Velocity -- Conclusion -- 5. Design for Least Privilege</subfield></datafield><datafield tag="505" ind1="8" ind2=" "><subfield code="a">Concepts and Terminology -- Least Privilege -- Zero Trust Networking -- Zero Touch -- Classifying Access Based on Risk -- Best Practices -- Small Functional APIs -- Breakglass -- Auditing -- Collecting good audit logs -- Choosing an auditor -- Testing and Least Privilege -- Testing of least privilege -- Testing with least privilege -- Diagnosing Access Denials -- Graceful Failure and Breakglass Mechanisms -- Worked Example: Configuration Distribution -- POSIX API via OpenSSH -- Software Update API -- Custom OpenSSH ForceCommand -- Custom HTTP Receiver (Sidecar)</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Computer networks / Security measures</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Computer science</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Information storage and retrieval systems</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Software engineering</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Information technology</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Data protection</subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">Computer networks / Security measures</subfield><subfield code="2">fast</subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">Computer science</subfield><subfield code="2">fast</subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">Data protection</subfield><subfield code="2">fast</subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">Information storage and retrieval systems</subfield><subfield code="2">fast</subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">Information technology</subfield><subfield code="2">fast</subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">Software engineering</subfield><subfield code="2">fast</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Computersicherheit</subfield><subfield code="0">(DE-588)4274324-2</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Softwareentwicklung</subfield><subfield code="0">(DE-588)4116522-6</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Implementierung</subfield><subfield code="g">Informatik</subfield><subfield code="0">(DE-588)4026663-1</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="689" ind1="0" ind2="0"><subfield code="a">Computersicherheit</subfield><subfield code="0">(DE-588)4274324-2</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="0" ind2="1"><subfield code="a">Softwareentwicklung</subfield><subfield code="0">(DE-588)4116522-6</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="0" ind2="2"><subfield code="a">Implementierung</subfield><subfield code="g">Informatik</subfield><subfield code="0">(DE-588)4026663-1</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="0" ind2=" "><subfield code="5">DE-604</subfield></datafield><datafield tag="700" ind1="1" ind2=" "><subfield code="a">Adkins, Heather</subfield><subfield code="4">edt</subfield></datafield><datafield tag="700" ind1="1" ind2=" "><subfield code="a">Beyer, Betsy</subfield><subfield code="0">(DE-588)1112230386</subfield><subfield code="4">edt</subfield></datafield><datafield tag="700" ind1="1" ind2=" "><subfield code="a">Blankinship, Paul</subfield><subfield code="4">edt</subfield></datafield><datafield tag="700" ind1="1" ind2=" "><subfield code="a">Lewandowski, Piotr</subfield><subfield code="4">edt</subfield></datafield><datafield tag="700" ind1="1" ind2=" "><subfield code="a">Oprea, Ana</subfield><subfield code="4">edt</subfield></datafield><datafield tag="700" ind1="1" ind2=" "><subfield code="a">Stubblefield, Adam</subfield><subfield code="4">edt</subfield></datafield><datafield tag="776" ind1="0" ind2="8"><subfield code="i">Erscheint auch als</subfield><subfield code="n">Druck-Ausgabe</subfield><subfield code="z">978-1-492-08312-2</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">ZDB-30-PQE</subfield></datafield><datafield tag="943" ind1="1" ind2=" "><subfield code="a">oai:aleph.bib-bvb.de:BVB01-032768185</subfield></datafield><datafield tag="966" ind1="e" ind2=" "><subfield code="u">https://ebookcentral.proquest.com/lib/th-deggendorf/detail.action?docID=6202784</subfield><subfield code="l">DE-1050</subfield><subfield code="p">ZDB-30-PQE</subfield><subfield code="q">FHD01_PQE_Kauf</subfield><subfield code="x">Aggregator</subfield><subfield code="3">Volltext</subfield></datafield></record></collection> |
| id | DE-604.BV047366307 |
| illustrated | Not Illustrated |
| indexdate | 2024-12-20T19:17:27Z |
| institution | BVB |
| isbn | 9781492083092 |
| language | English |
| oai_aleph_id | oai:aleph.bib-bvb.de:BVB01-032768185 |
| oclc_num | 1260143569 |
| open_access_boolean | |
| owner | DE-1050 |
| owner_facet | DE-1050 |
| physical | 1 Online-Ressource (xxxiv, 519 Seiten) |
| psigel | ZDB-30-PQE ZDB-30-PQE FHD01_PQE_Kauf |
| publishDate | 2020 |
| publishDateSearch | 2020 |
| publishDateSort | 2020 |
| publisher | O'Reilly |
| record_format | marc |
| spelling | Building secure and reliable systems best practices for designing, implementing, and maintaining systems Heather Adkins, Betsy Beyer, Paul Blankinship, Piotr Lewandowski, Ana Oprea, and Adam Stubblefield First edition Beijing O'Reilly 2020 1 Online-Ressource (xxxiv, 519 Seiten) txt rdacontent c rdamedia cr rdacarrier Description based upon print version of record Intro -- Foreword by Royal Hansen -- Foreword by Michael Wildpaner -- Preface -- Why We Wrote This Book -- Who This Book Is For -- A Note About Culture -- How to Read This Book -- Conventions Used in This Book -- O'Reilly Online Learning -- How to Contact Us -- Acknowledgments -- I. Introductory Material -- 1. The Intersection of Security and Reliability -- On Passwords and Power Drills -- Reliability Versus Security: Design Considerations -- Confidentiality, Integrity, Availability -- Confidentiality -- Integrity -- Availability -- Reliability and Security: Commonalities -- Invisibility Assessment -- Simplicity -- Evolution -- Resilience -- From Design to Production -- Investigating Systems and Logging -- Crisis Response -- Recovery -- Conclusion -- 2. Understanding Adversaries -- Attacker Motivations -- Attacker Profiles -- Hobbyists -- Vulnerability Researchers -- Governments and Law Enforcement -- Intelligence gathering -- Military purposes -- Policing domestic activity -- Protecting your systems from nation-state actors -- Activists -- Protecting your systems from hacktivists -- Criminal Actors -- Protecting your systems from criminal actors Automation and Artificial Intelligence -- Protecting your systems from automated attacks -- Insiders -- First-party insiders -- Third-party insiders -- Related insiders -- Threat modeling insider risk -- Designing for insider risk -- Attacker Methods -- Threat Intelligence -- Cyber Kill Chains™ -- Tactics, Techniques, and Procedures -- Risk Assessment Considerations -- Conclusion -- II. Designing Systems -- 3. Case Study: Safe Proxies -- Safe Proxies in Production Environments -- Google Tool Proxy -- Conclusion -- 4. Design Tradeoffs -- Design Objectives and Requirements -- Feature Requirements Nonfunctional Requirements -- Features Versus Emergent Properties -- Example: Google Design Document -- Balancing Requirements -- Example: Payment Processing -- Security and reliability considerations -- Using a third-party service provider to handle sensitive data -- Benefits -- Costs and nontechnical risks -- Reliability risks -- Security risks -- Managing Tensions and Aligning Goals -- Example: Microservices and the Google Web Application Framework -- Aligning Emergent-Property Requirements -- Initial Velocity Versus Sustained Velocity -- Conclusion -- 5. Design for Least Privilege Concepts and Terminology -- Least Privilege -- Zero Trust Networking -- Zero Touch -- Classifying Access Based on Risk -- Best Practices -- Small Functional APIs -- Breakglass -- Auditing -- Collecting good audit logs -- Choosing an auditor -- Testing and Least Privilege -- Testing of least privilege -- Testing with least privilege -- Diagnosing Access Denials -- Graceful Failure and Breakglass Mechanisms -- Worked Example: Configuration Distribution -- POSIX API via OpenSSH -- Software Update API -- Custom OpenSSH ForceCommand -- Custom HTTP Receiver (Sidecar) Computer networks / Security measures Computer science Information storage and retrieval systems Software engineering Information technology Data protection Computer networks / Security measures fast Computer science fast Data protection fast Information storage and retrieval systems fast Information technology fast Software engineering fast Computersicherheit (DE-588)4274324-2 gnd rswk-swf Softwareentwicklung (DE-588)4116522-6 gnd rswk-swf Implementierung Informatik (DE-588)4026663-1 gnd rswk-swf Computersicherheit (DE-588)4274324-2 s Softwareentwicklung (DE-588)4116522-6 s Implementierung Informatik (DE-588)4026663-1 s DE-604 Adkins, Heather edt Beyer, Betsy (DE-588)1112230386 edt Blankinship, Paul edt Lewandowski, Piotr edt Oprea, Ana edt Stubblefield, Adam edt Erscheint auch als Druck-Ausgabe 978-1-492-08312-2 |
| spellingShingle | Building secure and reliable systems best practices for designing, implementing, and maintaining systems Intro -- Foreword by Royal Hansen -- Foreword by Michael Wildpaner -- Preface -- Why We Wrote This Book -- Who This Book Is For -- A Note About Culture -- How to Read This Book -- Conventions Used in This Book -- O'Reilly Online Learning -- How to Contact Us -- Acknowledgments -- I. Introductory Material -- 1. The Intersection of Security and Reliability -- On Passwords and Power Drills -- Reliability Versus Security: Design Considerations -- Confidentiality, Integrity, Availability -- Confidentiality -- Integrity -- Availability -- Reliability and Security: Commonalities -- Invisibility Assessment -- Simplicity -- Evolution -- Resilience -- From Design to Production -- Investigating Systems and Logging -- Crisis Response -- Recovery -- Conclusion -- 2. Understanding Adversaries -- Attacker Motivations -- Attacker Profiles -- Hobbyists -- Vulnerability Researchers -- Governments and Law Enforcement -- Intelligence gathering -- Military purposes -- Policing domestic activity -- Protecting your systems from nation-state actors -- Activists -- Protecting your systems from hacktivists -- Criminal Actors -- Protecting your systems from criminal actors Automation and Artificial Intelligence -- Protecting your systems from automated attacks -- Insiders -- First-party insiders -- Third-party insiders -- Related insiders -- Threat modeling insider risk -- Designing for insider risk -- Attacker Methods -- Threat Intelligence -- Cyber Kill Chains™ -- Tactics, Techniques, and Procedures -- Risk Assessment Considerations -- Conclusion -- II. Designing Systems -- 3. Case Study: Safe Proxies -- Safe Proxies in Production Environments -- Google Tool Proxy -- Conclusion -- 4. Design Tradeoffs -- Design Objectives and Requirements -- Feature Requirements Nonfunctional Requirements -- Features Versus Emergent Properties -- Example: Google Design Document -- Balancing Requirements -- Example: Payment Processing -- Security and reliability considerations -- Using a third-party service provider to handle sensitive data -- Benefits -- Costs and nontechnical risks -- Reliability risks -- Security risks -- Managing Tensions and Aligning Goals -- Example: Microservices and the Google Web Application Framework -- Aligning Emergent-Property Requirements -- Initial Velocity Versus Sustained Velocity -- Conclusion -- 5. Design for Least Privilege Concepts and Terminology -- Least Privilege -- Zero Trust Networking -- Zero Touch -- Classifying Access Based on Risk -- Best Practices -- Small Functional APIs -- Breakglass -- Auditing -- Collecting good audit logs -- Choosing an auditor -- Testing and Least Privilege -- Testing of least privilege -- Testing with least privilege -- Diagnosing Access Denials -- Graceful Failure and Breakglass Mechanisms -- Worked Example: Configuration Distribution -- POSIX API via OpenSSH -- Software Update API -- Custom OpenSSH ForceCommand -- Custom HTTP Receiver (Sidecar) Computer networks / Security measures Computer science Information storage and retrieval systems Software engineering Information technology Data protection Computer networks / Security measures fast Computer science fast Data protection fast Information storage and retrieval systems fast Information technology fast Software engineering fast Computersicherheit (DE-588)4274324-2 gnd Softwareentwicklung (DE-588)4116522-6 gnd Implementierung Informatik (DE-588)4026663-1 gnd |
| subject_GND | (DE-588)4274324-2 (DE-588)4116522-6 (DE-588)4026663-1 |
| title | Building secure and reliable systems best practices for designing, implementing, and maintaining systems |
| title_auth | Building secure and reliable systems best practices for designing, implementing, and maintaining systems |
| title_exact_search | Building secure and reliable systems best practices for designing, implementing, and maintaining systems |
| title_full | Building secure and reliable systems best practices for designing, implementing, and maintaining systems Heather Adkins, Betsy Beyer, Paul Blankinship, Piotr Lewandowski, Ana Oprea, and Adam Stubblefield |
| title_fullStr | Building secure and reliable systems best practices for designing, implementing, and maintaining systems Heather Adkins, Betsy Beyer, Paul Blankinship, Piotr Lewandowski, Ana Oprea, and Adam Stubblefield |
| title_full_unstemmed | Building secure and reliable systems best practices for designing, implementing, and maintaining systems Heather Adkins, Betsy Beyer, Paul Blankinship, Piotr Lewandowski, Ana Oprea, and Adam Stubblefield |
| title_short | Building secure and reliable systems |
| title_sort | building secure and reliable systems best practices for designing implementing and maintaining systems |
| title_sub | best practices for designing, implementing, and maintaining systems |
| topic | Computer networks / Security measures Computer science Information storage and retrieval systems Software engineering Information technology Data protection Computer networks / Security measures fast Computer science fast Data protection fast Information storage and retrieval systems fast Information technology fast Software engineering fast Computersicherheit (DE-588)4274324-2 gnd Softwareentwicklung (DE-588)4116522-6 gnd Implementierung Informatik (DE-588)4026663-1 gnd |
| topic_facet | Computer networks / Security measures Computer science Information storage and retrieval systems Software engineering Information technology Data protection Computersicherheit Softwareentwicklung Implementierung Informatik |
| work_keys_str_mv | AT adkinsheather buildingsecureandreliablesystemsbestpracticesfordesigningimplementingandmaintainingsystems AT beyerbetsy buildingsecureandreliablesystemsbestpracticesfordesigningimplementingandmaintainingsystems AT blankinshippaul buildingsecureandreliablesystemsbestpracticesfordesigningimplementingandmaintainingsystems AT lewandowskipiotr buildingsecureandreliablesystemsbestpracticesfordesigningimplementingandmaintainingsystems AT opreaana buildingsecureandreliablesystemsbestpracticesfordesigningimplementingandmaintainingsystems AT stubblefieldadam buildingsecureandreliablesystemsbestpracticesfordesigningimplementingandmaintainingsystems |