Threat modeling: designing for security

Adam Shostack is responsible for security development lifecycle threat modeling at Microsoft and is one of a handful of threat modeling experts in the world. Now, he is sharing his considerable expertise into this unique book. With pages of specific actionable advice, he details how to build better security into the design of systems, software, or services from the outset. You'll explore various threat modeling approaches, find out how to test your designs against threats, and learn effective ways to address threats that have been validated at Microsoft and other top companies. Systems secu

Breaking Up Is Hard To Do: . . .

Smart card systems differ from conventional computer systems in that different aspects of the system are not under a single trust boundary. The processor, I/O, data, programs, and network maybecontrolled by different, and hostile, parties. We discuss the security ramifications of these "splits" in trust, showing that they are fundamental to a proper understanding of the security of systems that include smart cards