Building security into the SDLC Definitions

  • A

    access control list (ACL)

    An access control list (ACL) is a table that tells a computer operating system which access rights each user has to a particular system object, such as a file directory or individual file.

  • application firewall

    An application firewall is an enhanced firewall that limits access by applications to the operating system (OS) of a computer... (Continued)

  • application security

    Application security is the use of software, hardware, and procedural methods to protect applications from external threats. Once an afterthought in software design, security is becoming an increasingly important concern during development as applications become more frequently accessible over networks and are, as a result, vulnerable to a wide variety of threats.

  • authorization

    Authorization is the process of giving someone permission to do or have something.

  • B

    bug

    In computer technology, a bug is a coding error in a computer program.

  • C

    cross-site request forgery (XSRF or CSRF)

    Cross-site request forgery (XSRF or CSRF) is a method of attacking a Web site in which an intruder masquerades as a legitimate and trusted user... (Continued)

  • S

    SQL injection

    A SQL injection (SQLi) is a type of security exploit in which the attacker adds Structured Query Language (SQL) code to a Web form input box in order to gain access to unauthorized resources or make changes to sensitive data.

  • systems development life cycle (SDLC)

    The systems development life cycle (SDLC) is a conceptual model used in project management that describes the stages involved in an information system development project, from an initial feasibility study through maintenance of the completed application.

  • W

    WS-SecureConversation (Web Services Secure Conversation Language)

    WS-SecureConversation, also called Web Services Secure Conversation Language, is a specification that provides secure communication between Web services using session keys. WS-SecureConversation, released in 2005, is an extension of WS-Security and WS-Trust. (Continued...)

-ADS BY GOOGLE

SearchCloudComputing

SearchAppArchitecture

SearchITOperations

SearchAWS

Close