Search icon CANCEL
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Secure Software Development

You're reading from   Secure Software Development Learn to analyze and mitigate risks in your software projects

Arrow left icon
Product type Paperback
Published in Mar 2024
Publisher Packt
ISBN-13 9781835462836
Length 262 pages
Edition 1st Edition
Arrow right icon
Author (1):
Arrow left icon
Aspen Olmsted Aspen Olmsted
Author Profile Icon Aspen Olmsted
Aspen Olmsted
Arrow right icon
View More author details
Toc

Table of Contents (20) Chapters Close

Preface 1. Part 1: Modeling a Secure Application FREE CHAPTER
2. Chapter 1: Security Principles 3. Chapter 2: Designing a Secure Functional Model 4. Chapter 3: Designing a Secure Object Model 5. Chapter 4: Designing a Secure Dynamic Model 6. Chapter 5: Designing a Secure System Model 7. Chapter 6: Threat Modeling 8. Part 2: Mitigating Risks in Implementation
9. Chapter 7: Authentication and Authorization 10. Chapter 8: Input Validation and Sanitization 11. Chapter 9: Standard Web Application Vulnerabilities 12. Chapter 10: Database Security 13. Part 3: Security Validation
14. Chapter 11: Unit Testing 15. Chapter 12: Regression Testing 16. Chapter 13: Integration, System, and Acceptance Testing 17. Chapter 14: Software Penetration Testing 18. Index 19. Other Books You May Enjoy

Authorization

Authorization in software refers to granting or denying access to specific resources or functionalities within a system. It is a crucial aspect of security that ensures users or entities have the appropriate permissions to perform specific actions or access particular information.

The critical components of authorization in software include the following:

  • Access control: Access control mechanisms define and enforce policies that determine what actions or resources a user is allowed to access. This involves assigning users roles, permissions, or privileges based on their identity and the context of their request.
  • Authorization policies: Authorization policies define the rules and conditions under which access is granted or denied. These policies can be based on factors such as user roles, attributes, time of access, and the sensitivity of the data or operation.
  • Roles and permissions: Users are often assigned roles representing a set of permissions. Roles...
lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at €18.99/month. Cancel anytime