From the course: CSSLP Cert Prep: 4 Secure Software Implementation


Protecting secrets


- [Instructor] In order to minimize the confidentiality risks to your app's data, you'll want to understand how to effectively protect those secrets. Fortunately, your developers have a number of options at their disposal for accomplishing this goal. A relatively simple solution for protecting secrets is through tokenization. When you tokenize sensitive data, you replace the sensitive parts with a nonsensitive alternative, or a token, one that references the original data. For example, say your app needs my 16-digit credit card number. You might store the actual number in a highly secure database while storing a token, something like one, two, three, four, five, in another part of the app. If that token is ever compromised, so what? It's meaningless. But your developers can use tokens all throughout the app, enabling them to add more functionality without needing to expose the secrets protected by those tokens.…
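A minimal sketch of the tokenization flow described above, added here as an example and not part of the course material. The `TokenVault` class, the `tok_` prefix, the `payment-service` caller name and the card number are assumptions made for illustration; the in-memory dictionaries stand in for the highly secure database.

```python
import hashlib
import hmac
import secrets


class TokenVault:
    """Stands in for the 'highly secure database'; in-memory for illustration only."""

    def __init__(self, authorized_callers):
        self._index_key = secrets.token_bytes(32)   # keys the card lookup index
        self._by_token = {}                          # token -> card number
        self._by_pan_mac = {}                        # HMAC(card number) -> token
        self._authorized = frozenset(authorized_callers)

    def _mac(self, pan):
        return hmac.new(self._index_key, pan.encode(), hashlib.sha256).hexdigest()

    def tokenize(self, pan):
        digits = pan.replace(" ", "").replace("-", "")
        if not (digits.isascii() and digits.isdigit() and len(digits) == 16):
            raise ValueError("expected a 16-digit card number")
        mac = self._mac(digits)
        if mac in self._by_pan_mac:                  # same card -> same token
            return self._by_pan_mac[mac]
        token = "tok_" + secrets.token_urlsafe(16)   # random, not derived from the card
        self._by_token[token] = digits
        self._by_pan_mac[mac] = token
        return token

    def detokenize(self, token, caller):
        # Only named callers (hypothetical service names) get the real number back.
        if caller not in self._authorized:
            raise PermissionError(f"{caller} may not detokenize")
        return self._by_token[token]


def demo():
    vault = TokenVault(authorized_callers={"payment-service"})
    card = "4111 1111 1111 1111"                     # constructed test number
    token = vault.tokenize(card)
    order = {"order_id": 1001, "card_token": token}  # what the rest of the app stores
    return vault, card, token, order


if __name__ == "__main__":
    vault, card, token, order = demo()
    print(order)
    print(vault.detokenize(token, "payment-service"))
```

Because the token is drawn from a random source rather than computed from the card number, a leaked `order` record reveals nothing about the card without access to the vault.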
