|
Application security encompasses measures taken throughout the code's life-cycle to prevent gaps in the security policy of an application or the underlying system (vulnerabilities) through flaws in the design, development, deployment, upgrade, or maintenance of the application. Applications only control the kind of resources granted to them, and not ''which'' resources are granted to them. They, in turn, determine the use of these resources by users of the application through application security. == Methodology == According to the patterns & practices ''Improving Web Application Security'' book, a principle-based approach for application security includes:〔(Improving Web Application Security: Threats and Countermeasures ), published by Microsoft Corporation.〕 * Knowing the threats. * Securing the network, host and application.. * Incorporating security into your software development process Note that this approach is technology / platform independent. It is focused on principles, patterns, and practices. 抄文引用元・出典: フリー百科事典『 ウィキペディア(Wikipedia)』 ■ウィキペディアで「application security」の詳細全文を読む スポンサード リンク
|