Difference between revisions of "Use encapsulation"

Latest revision as of 12:44, 7 April 2009

This is a principle or a set of principles. To view all principles, please see the Principle Category page.

Last revision (mm/dd/yy): 04/7/2009

Draw strong boundaries among application elements, including modules, functions and data, to limit the impact of potential attacks.

Design
- Separate internal administrator's functions from external users' functions
- Differentiate between validated data and unvalidated data, between one user's data and another's, or between data users are allowed to see and data that they are not.
- In a web browser ensure that your mobile code cannot be abused by other mobile code.
Implementation
- Hide internal details of a class, including data and methods, using private access modifier.

@@ Line 1: / Line 1: @@
 {{Template:Principle}}
+Last revision (mm/dd/yy): '''{{REVISIONMONTH}}/{{REVISIONDAY}}/{{REVISIONYEAR}}'''
+<br>
+[[Category:OWASP ASDR Project]]
 ==Description==
+Draw strong boundaries among application elements, including modules, functions and data, to limit the impact of potential attacks.
 ==Examples ==
+* Design
+** Separate internal administrator's functions from external users' functions
+** Differentiate between validated data and unvalidated data, between one user's data and another's, or between data users are allowed to see and data that they are not.
+** In a web browser ensure that your mobile code cannot be abused by other mobile code.
+* Implementation
+** Hide internal details of a class, including data and methods, using private access modifier.
+==Related [[Vulnerabilities]]==
+* [[Vulnerability 1]]
+* [[Vulnerabiltiy 2]]
+==Related [[Controls]]==
+* [[Controls 1]]
+* [[Controls 2]]
-==Related Threats==
-==Related Attacks==
+==References==
-==Related Vulnerabilities==
+* http://www.link1.com
+* [http://www.link2.com Title for the link2]
-==Related Countermeasures==
-==Categories==
+__NOTOC__
-{{Template:Stub}}
+[[Category:Principle]]