Chapter 13. Implementing Security
Security is one of the subtlest aspects of distributed application design because it must be implemented at many different levels. When programmers talk about securing an application, they might be referring to any of the following:
Using authorization and authentication to ensure that users can perform only specific, allowed tasks
Filling coding holes that could enable a crafty attacker to read files or execute SQL statements beyond the intended permissions
Using encryption to encode information sent between application components
Using code access security to prevent malicious code from executing
Implementing some sort of licensing or copy protection to prevent users from redistributing the application without permission ...