|
Posted by on May 18, 2005, 3:41 pm
If you were Registered and logged in, you could reply and use other advanced thread options
skip wrote:
> Does anybody know of any tools/techniques/methods for modeling
security
> in web application design? (ie. to allow security to be designed into
> the application)
Well, i think it depends on the tool you are working on. If you are
working on J2EE then you must follow general best practises as provided
by Sun Microsystems i.e. use of proper Design Patterns and other best
practises for builing reliable and scalable web applications. If you
are using .NET then you must follow MSFT's best practises. There is
this reasonable book by Microsoft "Writing Secure Code"...In terms of
following Secure Software Design...im not sure about it but you must
look at ISO-17799
HTH
-Ahmed
| 
XML site map