An Introduction To
Objective: To prevent errors, loss, unauthorised modification or misuse of information in applications.
Appropriate security controls, validation methodologies and audit trails or activity logs should be designed into application systems.
Input data validation
Data input into application systems should validated.
Control of internal processing
Data processed by application systems should be validated.
A message authentication system should be considered for applications that have a requirement to protect the integrity and authenticity of the message content.
Output data validation
Data input from application systems should validated.
The Security Practitioner
An Introduction to Information Security