掃一掃
關注中圖網
官方微博
本類五星書更多>
-
>
闖進數學世界――探秘歷史名題
-
>
中醫基礎理論
-
>
當代中國政府與政治(新編21世紀公共管理系列教材)
-
>
高校軍事課教程
-
>
思想道德與法治(2021年版)
-
>
毛澤東思想和中國特色社會主義理論體系概論(2021年版)
-
>
中醫內科學·全國中醫藥行業高等教育“十四五”規劃教材
軟件安全理論與實踐 版權信息
- ISBN:9787121476082
- 條形碼:9787121476082 ; 978-7-121-47608-2
- 裝幀:平塑
- 冊數:暫無
- 重量:暫無
- 所屬分類:>
軟件安全理論與實踐 內容簡介
本書以軟件生命周期為脈絡,以軟件安全風險評估、風險控制技術及軟件安全評估指標、軟件安全能力成熟度指標為引領,將安全理念、安全模型、安全方法與常見的軟件過程模型相融合,系統介紹在軟件開發的每個環節保障軟件安全的原理和方法,包括安全需求分析、安全設計、安全編碼、安全測試及軟件部署運維中安全配置與軟件加固等各環節的流程與常用方法,用于全面指導軟件安全開發,樹立軟件開發人員的安全意識,以期減少或杜絕軟件的安全問題,提高軟件的抗攻擊能力和安全可信度,助力軟件在各領域、各行業的推廣應用。本書適用于高等院校的計算機科學與技術、軟件工程、網絡空間安全、信息安全專業的本科生,也適用于與軟件開發相關的其他各類學生或軟件開發從業者。
軟件安全理論與實踐 目錄
第1 章 軟件與軟件安全······································································································1
1.1 軟件安全范疇········································································································1
1.1.1 軟件與軟件安全的定義····················································································1
1.1.2 軟件缺陷與漏洞·····························································································3
1.1.3 軟件漏洞分類································································································6
1.1.4 軟件安全與其他安全的關系···········································································.12
1.2 軟件安全現狀·····································································································.15
1.2.1 軟件安全總體情況·······················································································.15
1.2.2 系統軟件安全現狀·······················································································.17
1.2.3 應用軟件安全現狀·······················································································.18
1.2.4 開源軟件安全現狀·······················································································.19
1.3 安全事件的根源··································································································.21
1.3.1 軟件漏洞是安全問題的焦點···········································································.21
1.3.2 產生軟件漏洞的原因····················································································.24
1.4 緩解軟件安全問題的途徑與方法··········································································.27
1.4.1 緩解軟件安全問題的基本策略········································································.27
1.4.2 緩解軟件安全問題的工程化方法·····································································.28
1.4.3 軟件安全問題的標準化、規范化解決之路·························································.29
1.4.4 緩解軟件安全問題的技術探索與舉措·······························································.31
實踐任務···················································································································.34
任務1:相對路徑攻擊···························································································.34
任務2:SQL 注入攻擊··························································································.35
思考題······················································································································.35
第2 章 軟件的工程化安全方法·························································································.36
2.1 軟件工程概述·····································································································.36
2.1.1 軟件的發展過程··························································································.36
2.1.2 軟件危機···································································································.37
2.1.3 軟件工程···································································································.38
2.1.4 軟件生命周期·····························································································.40
2.2 軟件過程模型·····································································································.43
2.2.1 瀑布模型···································································································.44
2.2.2 快速原型模型·····························································································.45
2.2.3 增量模型···································································································.46
2.2.4 螺旋模型···································································································.47
2.2.5 微軟MSF 過程模型······················································································.48
2.3 軟件質量與軟件的安全特性·················································································.49
2.3.1 軟件質量···································································································.50
2.3.2 軟件的安全特性··························································································.52
2.3.3 軟件安全特性與軟件質量的關系······
1.1 軟件安全范疇········································································································1
1.1.1 軟件與軟件安全的定義····················································································1
1.1.2 軟件缺陷與漏洞·····························································································3
1.1.3 軟件漏洞分類································································································6
1.1.4 軟件安全與其他安全的關系···········································································.12
1.2 軟件安全現狀·····································································································.15
1.2.1 軟件安全總體情況·······················································································.15
1.2.2 系統軟件安全現狀·······················································································.17
1.2.3 應用軟件安全現狀·······················································································.18
1.2.4 開源軟件安全現狀·······················································································.19
1.3 安全事件的根源··································································································.21
1.3.1 軟件漏洞是安全問題的焦點···········································································.21
1.3.2 產生軟件漏洞的原因····················································································.24
1.4 緩解軟件安全問題的途徑與方法··········································································.27
1.4.1 緩解軟件安全問題的基本策略········································································.27
1.4.2 緩解軟件安全問題的工程化方法·····································································.28
1.4.3 軟件安全問題的標準化、規范化解決之路·························································.29
1.4.4 緩解軟件安全問題的技術探索與舉措·······························································.31
實踐任務···················································································································.34
任務1:相對路徑攻擊···························································································.34
任務2:SQL 注入攻擊··························································································.35
思考題······················································································································.35
第2 章 軟件的工程化安全方法·························································································.36
2.1 軟件工程概述·····································································································.36
2.1.1 軟件的發展過程··························································································.36
2.1.2 軟件危機···································································································.37
2.1.3 軟件工程···································································································.38
2.1.4 軟件生命周期·····························································································.40
2.2 軟件過程模型·····································································································.43
2.2.1 瀑布模型···································································································.44
2.2.2 快速原型模型·····························································································.45
2.2.3 增量模型···································································································.46
2.2.4 螺旋模型···································································································.47
2.2.5 微軟MSF 過程模型······················································································.48
2.3 軟件質量與軟件的安全特性·················································································.49
2.3.1 軟件質量···································································································.50
2.3.2 軟件的安全特性··························································································.52
2.3.3 軟件安全特性與軟件質量的關系······
展開全部
軟件安全理論與實踐 作者簡介
張仁斌,合肥工業大學計算機與信息學院副教授,2004年參與合肥工業大學新成立的信息安全專業的專業建設,并承擔《計算機病毒與反病毒》課程教學工作,此后陸續承擔《計算機網絡系統實踐》《網絡工程師綜合實訓》、《軟件安全》《信息安全專業導論》《系統與軟件安全綜合設計》等多門課程的主講或實踐指導;主編國家"十一·五”規劃教材1部(計算機病毒與反病毒技術,第1主編)、安徽省"十一·五”規劃教材1部(網絡與信息安全系列課程實踐教程,第2主編),參編教材2部。主持安徽省教育廳教學研究課題《計算機病毒與網絡攻防教學研究與實踐》、虛擬仿真實驗教學項目《工控網絡攻防虛擬仿真實驗教學》;主持安徽省年度重點項目8項;參與省市科技攻關項目、863項目13項;公開發表學術論文20余篇。
書友推薦
- >
李白與唐代文化
- >
龍榆生:詞曲概論/大家小書
- >
羅庸西南聯大授課錄
- >
月亮與六便士
- >
有舍有得是人生
- >
羅曼·羅蘭讀書隨筆-精裝
- >
名家帶你讀魯迅:朝花夕拾
- >
中國人在烏蘇里邊疆區:歷史與人類學概述
本類暢銷
