4 - Application Security Controls - Coggle Diagram
Input Validation
Web Application Firewall (WAF)
Database security
Parameterized queries: untrusted values are bound as parameters, never concatenated into the SQL text
Stored procedures: called with parameters as well; a procedure that builds dynamic SQL from its arguments is just as injectable
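The following is an added example (not from the original diagram) showing the point of the two nodes above together with input validation: the same lookup written with string concatenation and with a bound parameter, plus an allowlist check in front. The `students` table, the `S` + four digits ID format, and the sample rows are constructed for the example.

```python
import re
import sqlite3


def make_db():
    # Constructed in-memory sample table; not data from the original page.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE students (student_id TEXT PRIMARY KEY, name TEXT)")
    conn.executemany("INSERT INTO students VALUES (?, ?)",
                     [("S1001", "Alice"), ("S1002", "Bob")])
    conn.commit()
    return conn


def lookup_vulnerable(conn, student_id):
    # Deliberately unsafe: the untrusted value is spliced into the SQL text,
    # so quotes and operators in the input change the query's meaning.
    sql = f"SELECT name FROM students WHERE student_id = '{student_id}'"
    return [row[0] for row in conn.execute(sql)]


def lookup_parameterized(conn, student_id):
    # The placeholder keeps the value as data; the SQL text never changes.
    sql = "SELECT name FROM students WHERE student_id = ?"
    return [row[0] for row in conn.execute(sql, (student_id,))]


# Assumed ID format for the example: the letter S followed by four digits.
STUDENT_ID = re.compile(r"^S\d{4}$")


def validate_student_id(value):
    # Allowlist validation: reject anything that is not a well-formed ID
    # before it reaches the database layer at all.
    if not isinstance(value, str) or not STUDENT_ID.fullmatch(value):
        raise ValueError(f"invalid student id: {value!r}")
    return value


def lookup_hardened(conn, student_id):
    # Defence in depth: validate the input, then still bind it as a parameter.
    return lookup_parameterized(conn, validate_student_id(student_id))


def demo(payload="' OR '1'='1"):
    # Runs all three lookups against a classic injection payload.
    conn = make_db()
    out = {
        "vulnerable": lookup_vulnerable(conn, payload),
        "parameterized": lookup_parameterized(conn, payload),
        "legit": lookup_hardened(conn, "S1001"),
    }
    try:
        lookup_hardened(conn, payload)
        out["hardened_rejected"] = False
    except ValueError:
        out["hardened_rejected"] = True
    return out


if __name__ == "__main__":
    print(demo())
```

With the payload `' OR '1'='1`, the concatenated query returns every row, the parameterized one returns nothing (no student has that literal ID), and the hardened path rejects the input before any query is issued.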
Obfuscation and Camouflage
Data minimization
Don't collect sensitive information you don't need
Tokenization
Replace personal identifiers that might directly reveal an individual's identity with a unique identifier using a lookup table
Ex: Replace a student ID with a randomly generated ID
A lookup table is necessary to reverse the mapping, so the table itself is sensitive and must be stored and access-controlled separately from the tokenized data
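An added example (not part of the original diagram) of the tokenization node above: a small in-memory vault that replaces a student ID with a random surrogate and keeps the lookup table needed to reverse it. The `TokenVault` class, the `tok_` prefix, and the sample records are assumptions made for the example.

```python
import secrets


class TokenVault:
    """Tokenization: swap a direct identifier for a random surrogate.

    The vault is the lookup table; it is the only thing that can map a
    token back to the real value, so in a real deployment it lives in a
    separately protected store, not next to the tokenized records.
    """

    def __init__(self, token_bytes=8):
        self._to_token = {}    # real identifier -> token
        self._to_value = {}    # token -> real identifier
        self._token_bytes = token_bytes

    def tokenize(self, value):
        # Same value always maps to the same token so joins across
        # tokenized datasets still work; new values get a fresh random token.
        token = self._to_token.get(value)
        if token is None:
            while True:
                token = "tok_" + secrets.token_hex(self._token_bytes)
                if token not in self._to_value:   # guard against collisions
                    break
            self._to_token[value] = token
            self._to_value[token] = value
        return token

    def detokenize(self, token):
        # Reverse lookup; only code with access to the vault can do this.
        try:
            return self._to_value[token]
        except KeyError:
            raise KeyError("unknown token") from None


def tokenize_records(vault, records, field):
    # Return copies of the records with `field` replaced by its token,
    # leaving the originals untouched.
    return [{**r, field: vault.tokenize(r[field])} for r in records]


# Constructed sample records for the example (not data from the page).
SAMPLE = [
    {"student_id": "S1001", "grade": "A"},
    {"student_id": "S1002", "grade": "B"},
    {"student_id": "S1001", "grade": "A-"},
]


if __name__ == "__main__":
    vault = TokenVault()
    for row in tokenize_records(vault, SAMPLE, "student_id"):
        print(row)
```

Because the token is random rather than derived from the value, an attacker who obtains only the tokenized records learns nothing about the real IDs; that is the difference from hashing, where a guessable identifier can be recovered by brute force.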
Hashing
Hash passwords with a random per-user salt, using a deliberately slow password hash (e.g. scrypt, bcrypt, Argon2) rather than a plain fast hash such as unsalted SHA-256
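An added example (not from the original diagram) of salted password hashing using scrypt from Python's standard library, with a constant-time comparison on verification. The stored-string format and the scrypt cost parameters (N=2^14, r=8, p=1) are assumptions chosen for the example.

```python
import hashlib
import hmac
import os

# Assumed cost parameters for the example; tune upward for production hardware.
N, R, P = 2 ** 14, 8, 1
SALT_LEN = 16
KEY_LEN = 32


def hash_password(password, salt=None):
    # A fresh random salt per user defeats precomputed (rainbow) tables and
    # makes identical passwords hash to different stored values.
    if salt is None:
        salt = os.urandom(SALT_LEN)
    digest = hashlib.scrypt(password.encode("utf-8"), salt=salt,
                            n=N, r=R, p=P, dklen=KEY_LEN)
    # Store the parameters alongside the hash so they can be raised later.
    return f"scrypt${N}${R}${P}${salt.hex()}${digest.hex()}"


def verify_password(password, stored):
    # Recompute with the stored salt and parameters, then compare in
    # constant time so timing does not leak how many bytes matched.
    algo, n, r, p, salt_hex, digest_hex = stored.split("$")
    if algo != "scrypt":
        return False
    digest = hashlib.scrypt(password.encode("utf-8"),
                            salt=bytes.fromhex(salt_hex),
                            n=int(n), r=int(r), p=int(p), dklen=KEY_LEN)
    return hmac.compare_digest(digest, bytes.fromhex(digest_hex))


if __name__ == "__main__":
    stored = hash_password("correct horse battery staple")
    print(stored)
    print(verify_password("correct horse battery staple", stored))
    print(verify_password("wrong password", stored))
```

Hashing the same password twice yields two different stored strings because the salt differs; both still verify.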
Code security
Code signing
Code reuse
Via SDKs
Software diversity
Avoid a monoculture in which every system depends on the same single code base, so that one flaw does not compromise everything at once
Code repositories
Integrity measurement
Hash functions to ensure integrity of deployed binaries
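An added example (not from the original diagram) of integrity measurement: build a SHA-256 manifest of a known-good deployment, then re-measure and report modified, missing, and unexpected files. The directory layout and file contents are constructed in a temporary directory for the example.

```python
import hashlib
import os
import tempfile


def sha256_file(path, chunk=1 << 16):
    # Stream the file so large binaries do not have to fit in memory.
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def build_manifest(root):
    # Map relative path -> digest for every file under root.
    # Taken at deploy time, this is the "known good" measurement.
    manifest = {}
    for dirpath, _, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            manifest[os.path.relpath(full, root)] = sha256_file(full)
    return manifest


def verify_deployment(root, manifest):
    # Re-measure and return sorted (finding, path) tuples; empty means clean.
    findings = []
    current = build_manifest(root)
    for rel, expected in manifest.items():
        actual = current.get(rel)
        if actual is None:
            findings.append(("missing", rel))
        elif actual != expected:
            findings.append(("modified", rel))
    for rel in current:
        if rel not in manifest:
            findings.append(("unexpected", rel))
    return sorted(findings)


def demo():
    # Constructed deployment tree; the "binary" is just a byte string.
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "bin"))
        with open(os.path.join(root, "bin", "app"), "wb") as f:
            f.write(b"\x7fELF original build")
        with open(os.path.join(root, "config.yml"), "w") as f:
            f.write("debug: false\n")
        manifest = build_manifest(root)
        clean = verify_deployment(root, manifest)

        # Simulate tampering: patched binary, dropped file, removed config.
        with open(os.path.join(root, "bin", "app"), "ab") as f:
            f.write(b" + injected code")
        with open(os.path.join(root, "dropped.txt"), "w") as f:
            f.write("not part of the release\n")
        os.remove(os.path.join(root, "config.yml"))
        tampered = verify_deployment(root, manifest)
    return clean, tampered


if __name__ == "__main__":
    clean, tampered = demo()
    print("clean:", clean)
    print("tampered:", tampered)
```

The manifest is only as trustworthy as its own storage: keep it off the measured host or sign it (which is where the code signing node above comes in), otherwise an attacker who can modify the binaries can update the manifest to match.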
Application resilience
Scalability
Applications should be designed so that the computing resources they require can be added incrementally to support increasing demand
Vertical scaling = add more resources (CPU, memory, storage) to an existing computing instance
Horizontal scaling = add additional instances to a pool
Elasticity
Applications should be able to automatically provision resources to scale when necessary and then automatically deprovision those resources to reduce capacity when no longer needed