Objectives of This Book

Our principal goal for this book is to articulate clearly the fundamental security concepts and practices that apply to each phase of software development. We hope to teach others to think about security vulnerabilities in a new way. In matters of style, we have sought to lay an exposition of ideas on a foundation of clear technical examples (and tried to keep it crisp enough that you could work through it over the course of several evenings). We want this book to be read.

In the long run we hope to move the proverbial ball down the field so the next generation of engineers can make the score. After all, a secure Internet is probably not even a single-generation achievement! It may well be (for the same reason that the great Dr. Edgar Dijkstra[1] refused to work with any graduate student who had ever programmed in FORTRAN) that engineers with our experience are not qualified to design a secure Internet and its appliances from the ground up.

[1] In addition to being the recipient of the 1972 ACM Turing Award, Dr. Dijkstra is one of the "grandfathers" of modern programming.

A secure Internet is important. When miscreants perpetrate (and the media plays up) frequent virulent attacks, the result is undermined trust in our information systems. This effect decreases our willingness to deploy Internet technology in business processes and societal settings where it could be of use. We all are deprived of the potential benefits: a sounder economy, more humane prisons, safer roads, even an expansion of personal liberty (for liberty flows from security, as citizens who have little to fear grant their neighbors more freedom). Who can say which admirable human accomplishments are being held back, in part, by the unreliability and skeptical public perception of this technology?

How about you, the reader? What, specifically, will this book help you do?

Understand the holistic nature of an application's security

All too often, software security is treated as prophylaxis. It's a test that gets run prior to the deployment of an application or the installation of a firewall that guards an application's environment. We believe that this notion is dangerously outdated. In its place we present a clearly articulated model and rationale as to why security needs to be an integral component of every phase of an application's life. Security, to be truly successful, can never be an add-on feature of software.

Apply sound security practices

Regardless of the process that you or your organization use in developing software, this book will help you better understand the security decisions and the ramifications of those decisions during the development of software.

Learn about available resources

In elucidating the practices we endorse and describe in this book, we suggest tools you can use to automate many of the actual steps you'll undertake in developing secure software. We talk about old-fashioned checklists, too, and make other procedural recommendations you will be able to apply immediately to software development in the real world.