Modeling security in web design

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
Does anybody know of any tools/techniques/methods for modeling security
in web application design? (ie. to allow security to be designed into
the application)

Re: Modeling security in web design

skip wrote:
Quoted text here. Click to load it

Well, i think it depends on the tool you are working on. If you are
working on J2EE then you must follow general best practises as provided
by Sun Microsystems i.e. use of proper Design Patterns and other best
practises for builing reliable and scalable web applications. If you
are using .NET then you must follow MSFT's best practises. There is
this reasonable book by Microsoft "Writing Secure Code"...In terms of
following Secure Software not sure about it but you must
look at ISO-17799

Site Timeline