Security for Software Engineers is designed to introduce security concepts to undergraduate software engineering students. The book is divided into four units, each targeting activities that a software engineer will likely be involved in within industry.
The book explores the key areas of attack vectors, code hardening, privacy, and social engineering. Each topic is explored from a theoretical and a practical-application standpoint.
- Targets software engineering students - one of the only security texts to target this audience.
- Focuses on the white-hat side of the security equation rather than the black-hat side.
- Includes many practical and real-world examples that easily translate into the workplace.
- Covers a one-semester undergraduate course.
- Describes all aspects of computer security as it pertains to the job of a software engineer and presents problems similar to that which an engineer will encounter in the industry.
This text will equip students to make knowledgeable security decisions, be productive members of a security review team, and write code that protects a user’s information assets.
Table of Contents
Introduction to Security 0: Security for Software Engineers 1: Roles Unit 1: Attack Vectors 2: Classification of Attacks 3: Software Weapons 4: Social Engineering Unit 2: Code Hardening 5: Command Injection 6: Script Injection 7: Memory Injection 8: Threat Modeling 9: Mitigation Unit 3: Privacy 10: Authentication 11: Access Control 12: Encryption Appendices A: Arrays B: Function Pointers C: V-Tables D: Integers E: The Callstack F: The Heap G: Further Reading H: Works Cited I: Glossary J: Index
James Helfrich earned his BS and MS in Computer Science from the University of Pennsylvania, and his PhD from Idaho State University. After working as a Software Development Engineer and a Program Manager at Microsoft on the Office family of products, he has been teaching Computer Science at BYU-Idaho since 2006. His specialties include software development, humancomputer interaction, and security.