- 论坛徽章:
- 0
|
|
Microsoft 发布了其\"安全开发生命周期\"白皮书, 参见: http://msdn.microsoft.com/security/sdl\r\n\r\nThe Trustworthy Computing Security Development Lifecycle\r\n\r\nSteve Lipner\r\nMichael Howard\r\nSecurity Engineering and Communications\r\nSecurity Business and Technology Unit\r\nMicrosoft Corporation\r\n\r\n目录\r\n1. Introduction\r\n 1.1 The Baseline Process\r\n 1.2 Security Development Lifecycle Overview\r\n2. The Security Development Lifecycle Process\r\n 2.1 Requirements Phase\r\n 2.2 Design Phase\r\n 2.3 Implementation Phase\r\n 2.4 Verification Phase\r\n 2.5 Release Phase\r\n 2.6 Support and Servicing Phase\r\n3. Implementing the Security Development Lifecycle at Microsoft\r\n 3.1 Mandatory Application of the SDL\r\n 3.2 Mandatory Education\r\n 3.3 Metrics for Product Teams\r\n 3.4 The Central Security Team\r\n4. Results of Implementing the Security Development Lifecycle at Microsoft\r\n5. Observations on Applying the Security Development Lifecycle\r\n 5.1 Effectiveness of Elements of the SDL\r\n 5.2 Tools, Testing, and Code Reviews\r\n 5.3 Investments\r\n 5.4 Outcomes\r\n6. Conclusions\r\n7. Acknowledgements\r\n8. References\r\n9. Notices\r\n\r\nhttp://msdn.microsoft.com/security/sdl |
|
免费注册
发表于 2005-03-24 00:00
