From the course: CSSLP Cert Prep: 1 Secure Software Concepts
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Authorization
From the course: CSSLP Cert Prep: 1 Secure Software Concepts
Authorization
- [Instructor] Strong authentication controls can go a long way toward keeping the wrong people from gaining access to sensitive data within your apps. But how can you distinguish between who should have access to certain data and who shouldn't? This is where authorization controls come into the equation. Authorization controls focus on granting users the appropriate level of access to specific resources within your app. If your users can really prove that they are who they say they are, then proper authorization controls will enable those users to do what they came to do after they log in. Broken authorization controls can prevent users from being able to use the app, which represents an availability risk. The bigger risk, though, is when someone bypasses broken authentication controls and gains access to something they shouldn't be able to access. This represents a risk to both the confidentiality and the integrity of…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.