WebApp Sec mailing list archives

Re: Security Patterns - Military Models

From: Herman Stevens <herman.stevens () ubizen com>
Date: Fri, 23 Jul 2004 13:15:11 +0200

Some more higher level security patterns (Authoritative Source of Data, Risk
Assessment and Management, Enterprise Partner Communication, Security
Provider, Layered Security, ...) and some good pointers can be found on
http://www.romanosky.net/papers.

Another good starting point is http://www.securitypatterns.org.

Mark Curphey wrote:

I was introduced to this by some of my Foundstone work colleagues a few
weeks ago and I think it's very cool indeed, so thought I would share it.

http://www.joeyoder.com/papers/patterns/Security/appsec.doc

We teach it as a lab as part of a Building Secure Software training class
and its very interesting to see how people relate to real-world scenarios
with application architectures.

Anyone else have any other gems ?

Current thread:

Security Patterns - Military Models Mark Curphey (Jul 22)
- Re: Security Patterns - Military Models Peter Conrad (Jul 23)
- Re: Security Patterns - Military Models Herman Stevens (Jul 23)
  - RE: Security Patterns - Military Models Mark Curphey (Jul 23)
  - RE: Security Patterns - Military Models Mark Curphey (Jul 23)
- Re: Security Patterns - Military Models Ivan Ristic (Jul 25)