Abstract :
The author categorizes application security concerns into four specific issues: input streams, output production, internal data, and algorithms and computation. The first two concerns - input and output - are related to the environment in which applications execute. The last two - data and algorithms - are related to an application´s awareness of its own internal secrets. Those secrets could be the data an application stores or the algorithm it uses to perform its work. All four issues relate to awareness: secure software must always be aware of what is going on, both inside its perimeter and out to respond effectively to malicious threats.
Keywords :
computer crime; message authentication; software engineering; algorithms; application security concerns; computation; input streams; internal data; malicious threats; output production; secure software; Application software; Authentication; Computer hacking; Computer security; Data security; Privacy; Production; Reliability engineering; Software reliability; Software testing;