[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [Y] [Z] Saltzer, J.H. 2nd Santayana, George Schroeder, M. D. Schwartz, Alan scorecards Secure Coding web site 2nd 3rd Secure Programming for Linux and Unix HOWTO web site Secure Unix Programming FAQ web site Secure, Efficient, and Easy C Programming web site SecuriTeam security architecture complexity and deploying multiple layers design [See security design] education and events history of holistic nature of human resources and implementation [See security implementation] importance just enough mental models and metaphors used in design metrics and multilevel off-the-shelf software and operations patches, installing questions to consider resources risk assessment and sound practices standards and testing and automation vulnerability cycle web sites Security Adequacy Review (SAR) security architecture architectural document common sense and principles of Security At a Glance (SAG) Security Attribute Evaluation Method (SAEM) security design assessing risks bad practices case studies costs versus benefits design flaws evaluating mental model process steps risk mitigation strategy selecting implementation measures settling high-level technical issues special issues why it matters security implementation bad practices case studies checklists good practices Sendmail 2nd 3rd 4th 5th restricted shell case study session hijacking attack killing attack tracking setuid, avoiding Sheinwold, Alfred shells escapes filtering and restricted Shostack, Adam Sibert, W. Olin simplicity Sitaker, Kragen smrsh Unix utility sniffer attack software jail Software Operationally Critical Threat, Asset, and Vulnerability Evaluations (OCTAVE) web site Soo Hoo, Kevin source code Spafford, Eugene H. 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th standard engineering techniques standards security and state 2nd stateless static code checkers Steidl, Jeff Stein, Lincoln D. Stephenson, Peter 2nd Stewart, John N. storing sensitive data Strickland, Karl 2nd structured development methodology, necessity for Sudbury, Andrew W. Sun Microsystems Swanson, Marianne SYN flag SYN flood attacks 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th 13th 14th 15th 16th 17th 18th 19th 20th 21st Systems Security Engineering ‘Capability Maturity Model web site |