Access Control Executive (ACE), case study
accountability
accounts and users, managing
ACK (acknowledge) flag
ACSM/SAR (Adaptive Countermeasure Selection Mechanism/Security Adequacy Review)
Adaptive Countermeasure Selection Mechanism (ACSM)
adversary principle
Advosys Consulting
Al-Herbish, Thamer
Aleph1
Anderson, Robert H.
Anderson, Ross
application
    deploying with due care
    holistic approach
    scanning
architectural document
architecture, good practices
architecture-level attacks
assessing risks and threats
ASSET (Automated Security Self-Assessment Tool)
assumptions, identifying
Asynchronous Transfer Mode (ATM)
atomic operations
attack graphs
attacks
    approaches to defending
    architecture and design-level
    back door
    bit-twiddling
    buffer overflow
    business consequences of
    default accounts
    defenses and
    defined
    denial-of-service
    eavesdropping
    graphs
    how and why
    implementation-level
    man-in-the-middle
    operations-level
    parsing error
    password cracking
    race condition
    replay
    session hijacking
    session killing
    sniffer
    SYN flood
auditability
AusCERT
    overflow wrapper, case study
    Secure Programming checklist web site
authentication
    cryptographic errors
authority and responsibility, delegating
Automated Security Self-Assessment Tool (ASSET)
automation and testing
    case studies
    good practices
    risk assessment