General security principles


show more General security principles provides you with in-depth training on Developer. Taught by Kevin Skoglund as part of the Creating Secure PHP Websites show less
please wait ...

General security principles

Let's quickly review the primary security principles. These principles are covered in more depth in the Fundamentals of Programming, Web Security course that I mentioned earlier. The first principle is least privilege. The principle of least privilege means giving a user account only those privileges which are essential to that user's work, nothing more. Users in human resources shouldn't be able to see accounting information, and users in accounting shouldn't be able to see human resources information. But we're not just talking about user privileges. Code has access privileges too.

Code should be limited in what it exposes and what it accesses. In object-oriented programming, this means controlling the visibility of class variables and functions. For example, if a function in a PHP class object is only used by that class object, then it does not need to be callable from outside the class. The second principle is that simple is more secure. The larger and more complex that a syste...

General security principles
Video duration: 4m 24s 4h 16m Intermediate

Viewers:

General security principles provides you with in-depth training on Developer. Taught by Kevin Skoglund as part of the Creating Secure PHP Websites

Subjects:
Developer IT
Software:
PHP
Author:
please wait ...