1st Edition

Security for Software Engineers

By James N. Helfrich Copyright 2019
    350 Pages 50 B/W Illustrations
    by Chapman & Hall

    Security for Software Engineers is designed to introduce security concepts to undergraduate software engineering students. The book is divided into four units, each targeting activities that a software engineer will likely be involved in within industry.

    The book explores the key areas of attack vectors, code hardening, privacy, and social engineering. Each topic is explored from a theoretical and a practical-application standpoint.

    Features:

    • Targets software engineering students - one of the only security texts to target this audience.
    • Focuses on the white-hat side of the security equation rather than the black-hat side.
    • Includes many practical and real-world examples that easily translate into the workplace.
    • Covers a one-semester undergraduate course.
    • Describes all aspects of computer security as it pertains to the job of a software engineer and presents problems similar to those an engineer will encounter in the industry.

    This text will equip students to make knowledgeable security decisions, be productive members of a security review team, and write code that protects a user’s information assets.

    Introduction to Security

    0: Security for Software Engineers

    1: Roles

    Unit 1: Attack Vectors

    2: Classification of Attacks

    3: Software Weapons

    4: Social Engineering

    Unit 2: Code Hardening

    5: Command Injection

    6: Script Injection

    7: Memory Injection

    8: Threat Modeling

    9: Mitigation

    Unit 3: Privacy

    10: Authentication

    11: Access Control

    12: Encryption

    Appendices

    A: Arrays

    B: Function Pointers

    C: V-Tables

    D: Integers

    E: The Callstack

    F: The Heap

    G: Further Reading

    H: Works Cited

    I: Glossary

    J: Index

    Biography

    James Helfrich earned his BS and MS in Computer Science from the University of Pennsylvania, and his PhD from Idaho State University. After working as a Software Development Engineer and a Program Manager at Microsoft on the Office family of products, he has been teaching Computer Science at BYU-Idaho since 2006. His specialties include software development, human-computer interaction, and security.
