Correct processing in applications

Objective: To prevent errors, loss, unauthorised modification or misuse of information in applications.

Appropriate security controls, validation methodologies and audit trails or activity logs should be designed into application systems.

Input data validation

Data input into application systems should validated.

Control of internal processing

Data processed by application systems should be validated.

Message integrity

A message authentication system should be considered for applications that have a requirement to protect the integrity and authenticity of the message content.

Output data validation

Data input from application systems should validated.

An Introduction To Information, Network and Internet Security
Correct processing in applications Objective: To prevent errors, loss, unauthorised modification or misuse of information in applications. Appropriate security controls, validation methodologies and audit trails or activity logs should be designed into application systems. Input data validation Data input into application systems should validated. Control of internal processing Data processed by application systems should be validated. Message integrity A message authentication system should be considered for applications that have a requirement to protect the integrity and authenticity of the message content. Output data validation Data input from application systems should validated.	The Security Practitioner An Introduction to Information Security
Return To An Introduction to Information Security