Re: [SC-L] Tools: Evaluation Criteria

2007-05-24 Thread Peter Amey
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of Wall, Kevin
> Sent: 24 May 2007 12:45
> To: McGovern, James F (HTSC, IT)
> Cc: SC-L@securecoding.org
> Subject: Re: [SC-L] Tools: Evaluation Criteria
>
> James McGovern wrote...
>
> > Maybe folks a

Re: [SC-L] Tools: Evaluation Criteria

2007-05-24 Thread Gunnar Peterson
I recommend "Security Design Patterns" by Bob Blakley and Craig Heath http://www.opengroup.org/publications/catalog/g031.htm Like any good patterns work, it makes a number of implicit actions explicit and gives you a way to see how they fit together and when you may choose certain paths. For exa

Re: [SC-L] Tools: Evaluation Criteria

2007-05-24 Thread Wall, Kevin
James McGovern wrote...
> Maybe folks are still building square windows because we haven't
> realized how software fails and can describe it in terms of a pattern.
> The only pattern-oriented book I have run across in my travels is the
> Core Security Patterns put out by the folks at Sun. Do you t