A book or tutorial about secure user management and privileges [closed]

流过昼夜 提交于 2019-12-21 22:30:12

问题


I'm looking for a book or tutorial about secure user management and privileges. I have O'Reilly's Essential PHP Security. When I'm starting a project, I'm never sure that it's secure, or if I'm doing security the right way. Because this, I'm looking for a case study.


回答1:


A very good paper on this topic has to be the Authentication Cheat Sheet. I like this paper because it covers just about everything and its to the point.

For the user access control side of things I would look at existing code such as CakePHP's Auth component or phpGACL. Looking at existing implementations is indescribable when creating your own. In general its not a good idea to re-invent the wheal, but on the other hand building a system like this is an amazing learning experience that cannot be obtained though other means.




回答2:


Try this. Video tutorials about security from google code university. Also this:

http://code.google.com/edu/submissions/daswani/index.html

http://www.cs.uiuc.edu/homes/kingst/Research_files/grier08.pdf

http://www.webappsec.org/




回答3:


Since you keep keep refering to PHP, then I can only assume you are talking about security models in general and how to implement them, rather than understanding how Unix or NT security systems work.

You could do worse than start by reading the various wikipedia articles about security models, access controls and security models



来源:https://stackoverflow.com/questions/3087483/a-book-or-tutorial-about-secure-user-management-and-privileges

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!