Secure programming cookbook for C and C++
Résumé
Password sniffing, spoofing, buffer overflows, and denial of service: these are only a few of the attacks on today's computer systems and networks. At the root of this epidemic is poorly written, poorly tested, and insecure code that puts everyone at risk. Clearly, today's developers need help figuring out how to write code that attackers won't be able to exploit. But writing such code is surprisingly difficult.
Secure Programming Cookbook for C and C++ is an important new resource for developers serious about writing secure code. It contains a wealth of solutions to problems faced by those who care about the security of their applications. It covers a wide range of topics, including safe initialization, access control, input validation, symmetric and public key cryptography, cryptographic hashes and MACs, authentication and key exchange, PKI, random numbers, and anti-tampering. The rich set of code samples provided in the book's more than 200 recipes will help programmers secure the C and C++ programs they write for both Unix® (including Linux®) and Windows® environments. Readers will learn:
- How to avoid common programming errors, such as buffer overflows, race conditions, and format string problems
- How to properly SSL-enable applications
- How to create secure channels for client-server communication without SSL
- How to integrate Public Key Infrastructure (PKI) into applications
- Best practices for using cryptography properly
- Techniques and strategies for properly validating input to programs
- How to launch programs securely
- How to use file access mechanisms properly
- Techniques for protecting applications from reverse engineering
The book's web site supplements the book by providing a place to post new recipes, including those written in additional languages like Perl, Java, and Python. Monthly prizes will reward the best recipes submitted by readers.
Secure Programming Cookbook for C and C++ is destined to become an essential part of any developer's library, a code companion developers will turn to again and again as they seek to protect their systems from attackers and reduce the risks they face in today's dangerous world.
Contents
- Safe Initialization
- Access Control
- Input Validation
- Symmetric Cryptography Fundamentals
- Symmetric Encryption
- Hashes and Message Authentication
- Public Key Cryptography
- Authentication and Key Exchange
- Networking
- Public Key Infrastructure
- Random Numbers
- Anti-Tampering
- Other Topics
- Index
L'auteur - John Viega
John Viega, Founder and Chief Scientist of Secure Software (www.securesoftware.com), is a well-known security expert, and coauthor of Building Secure Software (Addison-Wesley) and Network Security with OpenSSL (O'Reilly). John is responsible for numerous software security tools, and is the original author of Mailman, the GNU mailing list manager. He holds a B.A. and M.S. in Computer Science from the University of Virginia. Mr. Viega is also an Adjunct Professor of Computer Science at Virginia Tech (Blacksburg, VA) and a Senior Policy Researcher at the Cyberspace Policy Institute, and he serves on the Technical Advisory Board for the Open Web Applications Security Project. He also founded a Washington, D.C. area security interest group that conducts monthly lectures presented by leading experts in the field. He is the author or coauthor of nearly 80 technical publications, including numerous refereed research papers and trade articles.
L'auteur - Matt Messier
Matt Messier, Director of Engineering at Secure Software, is a security authority who has been programming for nearly two decades. Besides coauthoring Network Security with OpenSSL, Matt coauthored the Safe C String Library, RATS, and EGADS, an Entropy Gathering and Distribution System used for securely seeding pseudo-random number generators. Prior to joining Secure Software, Matt worked for IBM and Lotus, on source and assembly level debugging techniques, and operating system concepts.
Caractéristiques techniques
PAPIER | |
Éditeur(s) | O'Reilly |
Auteur(s) | John Viega, Matt Messier |
Parution | 01/09/2003 |
Nb. de pages | 788 |
Format | 17,7 x 23,3 |
Couverture | Broché |
Poids | 1115g |
Intérieur | Noir et Blanc |
EAN13 | 9780596003944 |
ISBN13 | 978-0-596-00394-4 |
Avantages Eyrolles.com
Nos clients ont également acheté
Consultez aussi
- Les meilleures ventes en Graphisme & Photo
- Les meilleures ventes en Informatique
- Les meilleures ventes en Construction
- Les meilleures ventes en Entreprise & Droit
- Les meilleures ventes en Sciences
- Les meilleures ventes en Littérature
- Les meilleures ventes en Arts & Loisirs
- Les meilleures ventes en Vie pratique
- Les meilleures ventes en Voyage et Tourisme
- Les meilleures ventes en BD et Jeunesse
- Informatique Développement d'applications Techniques de programmation Structures de données
- Informatique Développement d'applications Algorithmique et informatique appliquée Initiation à l'algorithmique et la programmation
- Informatique Développement d'applications Programmation UNIX / Linux C sous Unix
- Informatique Développement d'applications Langages C