This chapter covers
- How domain primitives create secure code
- Mitigating data leaks with read-once objects
- Improving entities with domain primitives
- Ideas from taint analysis

In chapter 4, you learned about powerful design constructs like immutability, failing fast, and validation. Those constructs do indeed address several security issues, such as invalid input, illegal state, and data integrity, but applying them individually isn’t an effective way of achieving secure code. Table 5.1 shows the problem areas we’ll address in this chapter and the constructs that will help you achieve a greater level of security.
|Domain primitives and invariants||Security issues ...|