December 2011
Intermediate to advanced
336 pages
10h 10m
English
Application security involves many different elements:
User authentication. Validating the user’s identity using a user name and password, a certificate, or other credentials
User authorization. Determining whether a user is authorized to access a resource
Application process identity. The user account the application uses to access resources
Application privileges. The resources the application is allowed to access
Cryptography. Encrypting, validating, and signing data
This objective covers how to implement these security elements.
This objective discusses auditing only briefly. For detailed information, refer to Objective 5.3: Design a Diagnostics and Monitoring Strategy in Chapter 5 ...