Chapter 11. Application Security

This chapter presents the following:

• Various types of software controls and implementation

• Database concepts and security issues

• Data warehousing and data mining

• Software life-cycle development processes

• Change control concepts

• Object-oriented programming components

• Expert systems and artificial intelligence

Applications and computer systems are usually developed for functionality first, not security first. To get the best of both worlds, security and functionality would have to be designed and developed at the same time. Security should be interwoven into the core of a product and provide protection at different layers. This is a better approach than trying to develop a front end or wrapper that may reduce the overall functionality and leave security holes when the product has to be integrated with other applications.