Wiley Professional Cocoa Application Security 978-0-470-52595-1 User Manual
Product code
978-0-470-52595-1
Secure by Design
WHAT’S IN THIS CHAPTER?
➤ Understanding your application’s security needs
➤ Discovering the threats to your users
➤ Identifying potential vulnerabilities
As with any other class of bug, addressing a security issue becomes more expensive the longer
you wait to fix it. If there’s a problem in the design of the application, trying to fix it in a
bugfix release will be very costly because you’ll need to change multiple classes. You’ll also
need to understand and account for the myriad uses and configurations your customers have
in place, and be ready to support migration of all these to the new, fixed version of the application.
Addressing the issue the first time around means not only spending less time on the issue,
but also avoiding the additional (direct and indirect) costs of a security vulnerability out in the
field and coordinating a fix release. I once worked on a project for which we spent about three
weeks addressing an issue that had been caused by a bad choice of file system path in the planning
phase, some years earlier.
Of course it’s not going to be possible or even desirable to identify and fix every single vulnerability
before writing any code. That’s a recipe for spending a great deal of money and taking
a very long time to get to market, by which time your competitors will have gotten their apps
to the customers. There is a principle software engineers have borrowed from economics called
the Pareto Principle, also known as the “80/20 rule.” The principle says that 80 percent of the
observable effects in any situation are often the result of only 20 percent of the causes. It’s a
good idea to follow the 80/20 rule in software design — addressing only the most important
issues so that the product is of a high enough quality to ship. Which of course leads us to the
question, “Which are the important issues?”