Secure Coding[c] Principles and Practices 2003

Access Control Executive (ACE), case study  

accountability  

accounts and users, managing  

ACK ( acknowledge ) flag  

ACSM/SAR (Adaptive Countermeasure Selection Mechanism/Security Adequacy Review)  

Adaptive Countermeasure Selection Mechanism (ACSM)  

adversary principle  

Advosys Consulting  

Al-Herbish, Thamer  

Aleph1  

Anderson, Robert H.  

Anderson, Ross  

application

       deploying with due care  

       holistic approach  

       scanning  

architectural document  

architecture, good practices  

architecture-level attacks  

assessing risks and threats  

ASSET (Automated Security Self-Assessment Tool)  

assumptions, identifying  

Asynchronous Transfer Mode (ATM)  

atomic operations  

attack graphs  

attacks

       approaches to defending  

       architecture and design-level  

       back door  

       bit-twiddling  

       buffer overflow  

       business consequences of  

       default accounts  

       defenses and  

       defined  

       denial-of-service  

       eavesdropping  

       graphs  

       how and why  

       implementation-level  

       man-in-the-middle  

       operations-level  

       parsing error  

       password cracking  

       race condition  

       replay  

       session hijacking   2nd  

       session killing   2nd  

       sniffer  

       SYN flood   2nd   3rd   4th   5th   6th   7th   8th   9th   10th   11th   12th   13th   14th   15th   16th   17th   18th   19th   20th   21st   22nd  

auditability  

AusCERT  

       overflow wrapper, case study  

       Secure Programming checklist web site  

authentication  

       cryptographic errors  

authority and responsibility, delegating  

Automated Security Self-Assessment Tool (ASSET)  

automation and testing  

       case studies  

       good practices  

       risk assessment