[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [Y] [Z] Saltzer, J.H.  2nd  Santayana, George  Schroeder, M. D.  Schwartz, Alan  scorecards  Secure Coding web site  2nd  3rd  Secure Programming for Linux and Unix HOWTO web site  Secure Unix Programming FAQ web site  Secure, Efficient, and Easy C Programming web site  SecuriTeam  security     architecture      complexity and      deploying multiple layers      design  [See security design]     education and      events      history of      holistic nature of      human resources and      implementation  [See security implementation]     importance      just enough      mental models and      metaphors used in design      metrics and      multilevel      off-the-shelf software and      operations      patches, installing      questions to consider      resources      risk assessment and      sound practices      standards and      testing and automation      vulnerability cycle      web sites  Security Adequacy Review (SAR)  security architecture      architectural document      common sense and      principles of  Security At a Glance (SAG)  Security Attribute Evaluation Method (SAEM)  security design      assessing risks      bad practices      case studies      costs versus benefits      design flaws      evaluating      mental model      process steps      risk mitigation strategy      selecting implementation measures      settling high-level technical issues      special issues      why it matters  security implementation      bad practices      case studies      checklists      good practices  Sendmail  2nd  3rd  4th  5th      restricted shell case study  session     hijacking          attack      killing          attack      tracking  setuid, avoiding  Sheinwold, Alfred  shells     escapes      filtering and      restricted  Shostack, Adam  Sibert, W. Olin  simplicity  Sitaker, Kragen  smrsh Unix utility  sniffer attack  software jail  Software Operationally Critical Threat, Asset, and Vulnerability Evaluations (OCTAVE) web site  Soo Hoo, Kevin  source code  Spafford, Eugene H.  2nd  3rd  4th  5th  6th  7th  8th  9th  10th  11th  standard engineering techniques  standards      security and  state  2nd  stateless  static code checkers  Steidl, Jeff  Stein, Lincoln D.  Stephenson, Peter  2nd  Stewart, John N.  storing sensitive data  Strickland, Karl  2nd  structured development methodology, necessity for  Sudbury, Andrew W.  Sun Microsystems  Swanson, Marianne  SYN flag  SYN flood      attacks  2nd  3rd  4th  5th  6th  7th  8th  9th  10th  11th  12th  13th  14th  15th  16th  17th  18th  19th  20th  21st  Systems Security EngineeringÑCapability Maturity Model web site