This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Use encapsulation"
From OWASP
| Line 1: | Line 1: | ||
{{Template:Principle}} | {{Template:Principle}} | ||
| + | |||
| + | Last revision (mm/dd/yy): '''{{REVISIONMONTH}}/{{REVISIONDAY}}/{{REVISIONYEAR}}''' | ||
<br> | <br> | ||
| Line 17: | Line 19: | ||
* Implementation | * Implementation | ||
** Hide internal details of a class, including data and methods, using private access modifier. | ** Hide internal details of a class, including data and methods, using private access modifier. | ||
| + | |||
| + | ==Related [[Vulnerabilities]]== | ||
| + | |||
| + | * [[Vulnerability 1]] | ||
| + | * [[Vulnerabiltiy 2]] | ||
| + | |||
| + | |||
| + | ==Related [[Controls]]== | ||
| + | |||
| + | * [[Controls 1]] | ||
| + | * [[Controls 2]] | ||
| + | |||
| + | |||
| + | ==References== | ||
| + | |||
| + | * http://www.link1.com | ||
| + | * [http://www.link2.com Title for the link2] | ||
| + | |||
| + | |||
| + | __NOTOC__ | ||
| + | |||
| + | [[Category:Principle]] | ||
Revision as of 13:15, 7 September 2008
This is a principle or a set of principles. To view all principles, please see the Principle Category page.
Last revision (mm/dd/yy): 09/7/2008
ASDR Table of Contents
Description
Draw strong boundaries among application elements, including modules, functions and data, to limit the impact of potential attacks.
Examples
- Design
- Separate internal administrator's functions from external users' functions
- Differentiate between validated data and unvalidated data, between one user's data and another's, or between data users are allowed to see and data that they are not.
- In a web browser ensure that your mobile code cannot be abused by other mobile code.
- Implementation
- Hide internal details of a class, including data and methods, using private access modifier.
Related Vulnerabilities
Related Controls
