• Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint

18.4. Accounting

Designing and implementing moderately complex software that works reliably while satisfying its design goals can be difficult. Designing and building secure software is significantly more difficult. An error or omission in the design or implementation of software may provide avenues that can be exploited by cheaters and attackers. Unfortunately, designing, building, and testing for security will not necessarily make an application completely secure. Just as there are functional bugs in software, there are usually security flaws. Unlike most software bugs, which may be reported with great passion by your customers, cheaters and attackers are unlikely to tell you about the security flaws they discover in your software.

Accounting provides an electronic "paper trail" to detect and diagnose security flaws. An essential component of a secure application is that it automatically provides a complete accounting of every significant thing it was asked to do and every action it took in response. In particular, the application software, in conjunction with the server it is running on, should provide detailed information about:


PREVIEW

                                                                          

Not a subscriber?

Start A Free Trial


  
  • Creative Edge
  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint