Program Controls in General
This section has explored how
to control for faults during the program development process. Some controls
apply to how a program is developed, and others establish restrictions on the
program's use. The best approach is a combination of both: the classic layered defense.
Is one control essential? Can
one control be skipped if another is used? Although these are valid questions,
the security community does not have answers. Software development is both an
art and a science. As a creative activity, it is subject not only to the
variety of human minds, but also to the fallibility of humans. We cannot
rigidly control the process and get the same results time after time, as we can
with a machine.
But creative humans can learn from their
mistakes and shape their creations to account for fundamental principles. Just
as a great painter will achieve harmony and balance in a painting, a good
software developer who truly understands security will incorporate security
into all phases of development. Thus, even if you never become a security
professional, this exposure to the needs and shortcomings of security will
influence many of your future actions. Unfortunately, many developers do not
have the opportunity to become sensitive to security issues, which probably
accounts for many of the unintentional security faults in today's programs.