Designing Security Architecture Solutions

0.0

Computer security is quickly becoming the #1 need to have solution for the Fortune 1000. So much has to be done so fast that all levels of technical professionals in an organization are expected to get up to speed on security architecture. Understanding security architecture is vital todeploying successful security solutions in a Fortune 100 company. Without such a fortress of security solution interwoven with existing enterprise software, hackers can easily get in because the basic tenets of security and software integration in the existing infrastructure have not been followed. Special Feature System architects ordinarily represent at least 5% of a Fortune 1000 worldwide technical staff and every large IT project at every Fortune 1000 company has an architecture and systems design leader who is the audience for this book. Author brings expertise from a renowned security group at AT&T. Covers everything from software security basics to cryptography for system architects to application and OS security. Includes discussion of security technologies: SSL, IPsec, secure DNS, PKI-common features.

0.0

Jay Ramachandran is a certified architect and security expert at AT&T, involved in enterprise security architecture and development. Over the past eight years, he has developed software and evaluated tools for security assurance, auditing, and management for many mission-critical network systems. He coordinated architecture reviews for operations support systems for AT&T's core network for two years, and currently teaches workshops on systems architecture and network security. Jay holds a PhD from Ohio State University. Table of Contents Preface Acknowledgments PART I: ARCHITECTURE AND SECURITY           o Chapter 1. Architecture Reviews           o Chapter 2. Security Assessments           o Chapter 3. Security Architecture Basics           o Chapter 4. Architecture Patterns in Security PART II: LOW-LEVEL ARCHITECTURE           o Chapter 5. Code Review           o Chapter 6. Cryptography           o Chapter 7. Trusted Code           o Chapter 8. Secure Communications PART III: MID-LEVEL ARCHITECTURE           o Chapter 9. Middleware Security           o Chapter 10. Web Security           o Chapter 11. Application and OS Security           o Chapter 12. Database Security PART IV: HIGH-LEVEL ARCHITECTURE           o Chapter 13. Security Components           o Chapter 14. Security and Other Architectural Goals           o Chapter 15. Enterprise Security Architecture PART V: BUSINESS CASES AND SECURITY           o Chapter 16. Building Business Cases for Security           o Conclusion           o Glossary           o Bibliography           o Index