Datenschutz und Datensicherheit - DuD

, Volume 36, Issue 9, pp 631–634 | Cite as

Prescriptive vs. Descriptive Security

Observations on a growing paradigm shift in development security practices
  • David C. Ladd
  • Steven B. Lipner


Over the past decade, a variety of methods have been created to address security vulnerabilities in application software development. Generally speaking, the methods that have risen to prominence can be categorized in two ways — prescriptive methods that emphasize the use of security practices and techniques as part of a carefully monitored and repeatable security initiative, and descriptive methods that describe a set of security threats that should be addressed.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Copyright information

© Springer Fachmedien Wiesbaden 2012

Authors and Affiliations

  • David C. Ladd
  • Steven B. Lipner

There are no affiliations available

Personalised recommendations