9 Handling failures securely

This chapter covers

Separating business and technical exceptions
Removing security issues by designing for failure
Why availability is an important security goal
Designing for resilience for a more secure system
Unvalidated data and security vulnerabilities

What is it that makes failures so interesting from a security perspective? Could it be that many systems reveal their internal secrets when they fail? Or is it how handling failure defines a system’s level of security? Regardless, recognizing that failures and security go hand-in-hand is incredibly important when designing secure software. This, in turn, requires understanding what the security implications are when making certain design choices. For example, ...

Get Secure by Design now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Secure by Design by Dan Bergh Johnsson, Daniel Deogun, Daniel Sawano

9 Handling failures securely

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly