From the course: ISC2 Certified Secure Software Lifecycle Professional (CSSLP) (2023) Cert Prep
Join today to access over 24,100 courses taught by industry experts.
Data-flow security
From the course: ISC2 Certified Secure Software Lifecycle Professional (CSSLP) (2023) Cert Prep
Data-flow security
- [Instructor] By understanding how data flows through your application, you can build those flows in a way that reduces the likelihood of compromise. Your conversations around data flow security should start with an in-depth discussion around potential concurrency risks. Your developers will be creating applications designed to handle multiple users at the same time. When those users start vying for access to the same resources, you may run into concurrency issues. Concurrency is the idea that your application can enable multiple users to access the same thing simultaneously, ideally without breaking anything and without violating any integrity controls. Fortunately, the database your development team chooses will likely have some native concurrency controls built into the technology. These controls often revolve around locking data, although there's more than one way to go about this. Pessimistic locking refers to locking an object the entire time it's being used, before anything…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.