This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Use encapsulation"
From OWASP
Weilin Zhong (talk | contribs) (Added contents provided by Fortify.) |
|||
Line 6: | Line 6: | ||
==Examples == | ==Examples == | ||
− | * Design | + | * Design |
− | * Implementation | + | ** Separate internal administrator's functions from external users' functions |
+ | ** Differentiate between validated data and unvalidated data, between one user's data and another's, or between data users are allowed to see and data that they are not. | ||
+ | ** In a web browser ensure that your mobile code cannot be abused by other mobile code. | ||
+ | * Implementation | ||
+ | ** Hide internal details of a class, including data and methods, using private access modifier. |
Revision as of 15:41, 21 July 2006
This is a principle or a set of principles. To view all principles, please see the Principle Category page.
Description
Draw strong boundaries among application elements, including modules, functions and data, to limit the impact of potential attacks.
Examples
- Design
- Separate internal administrator's functions from external users' functions
- Differentiate between validated data and unvalidated data, between one user's data and another's, or between data users are allowed to see and data that they are not.
- In a web browser ensure that your mobile code cannot be abused by other mobile code.
- Implementation
- Hide internal details of a class, including data and methods, using private access modifier.