ELEMENTS OF SECURITY

Security has several key elements that you need to consider for making your applications secure. The primary one, of course, is the user of the application. Is the person authorized to access the application or someone posing as that person? How can this user be trusted? As you see in this chapter, ensuring the security of an application regarding the user is a two-part process. First, users need to be authenticated, and then they need to be authorized to verify that they are allowed to use the requested resources.

What about data that is stored or sent across the network? Is it possible for someone to access this data, for example, by using a network sniffer? Encryption ...