Characteristics of a Secure Application

  1. Correctness of Processing: If an application doesn't ensure that the computations and changes it makes are accurate, the integrity of the data becomes questionable and the data may become useless or unreliable.
  2. Completeness of the Updates: When an update is only partially integrated into the application, or if the update is missing information, the application will suffer from outdated information, leading to wrong decision making.
  3. Correctness of the Updates: Just as with incorrect input, incorrect updates result in corrupted data and wrong decisions (i.e., a breach of integrity). The application has to verify all critical updates for correctness, to ensure that no critical update is wrong and that the critical updates are fully accurate in all respects.
  4. Keeping the Integrity of Data in Storage: Data stored in a database must be modifiable only through the interface of the controlling application, and never directly through the backend or through any command-line script. Accessing a database directly leads to a breach of Confidentiality, Integrity, and Availability.
  5. Keeping the Integrity of Data in Transmission: Data often needs to travel from system to system, such as with inter-continental e-commerce transactions. To protect it from Man-in-the-Middle or Man-in-the-Browser attacks, the transmitting app could use mechanisms like encryption.
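
To make items 2 and 3 concrete, the following added example (not part of the original page) applies a two-row update so that either both rows change or neither does, and verifies the result before committing. The `account` table, the sample balances and the function names are assumptions made for illustration.

```python
import sqlite3

class UpdateRejected(Exception):
    """Raised when an update fails verification; nothing is persisted."""

def open_ledger():
    # Constructed sample data: two accounts in an in-memory database.
    db = sqlite3.connect(":memory:", isolation_level=None)  # explicit transactions
    db.execute("CREATE TABLE account (id TEXT PRIMARY KEY, "
               "balance INTEGER NOT NULL CHECK (balance >= 0))")
    db.executemany("INSERT INTO account VALUES (?, ?)",
                   [("alice", 100), ("bob", 50)])
    return db

def total(db):
    return db.execute("SELECT SUM(balance) FROM account").fetchone()[0]

def balances(db):
    return dict(db.execute("SELECT id, balance FROM account ORDER BY id"))

def apply_transfer(db, src, dst, amount):
    """Apply both halves of a transfer or neither, verifying before commit."""
    if not isinstance(amount, int) or amount <= 0:
        raise UpdateRejected("amount must be a positive integer")
    db.execute("BEGIN IMMEDIATE")
    try:
        before = total(db)
        for acct, delta in ((src, -amount), (dst, amount)):
            cur = db.execute(
                "UPDATE account SET balance = balance + ? WHERE id = ?",
                (delta, acct))
            if cur.rowcount != 1:          # completeness: every row must be updated
                raise UpdateRejected(f"unknown account {acct!r}")
        if total(db) != before:            # correctness: the overall sum is unchanged
            raise UpdateRejected("totals changed")
        db.execute("COMMIT")
    except sqlite3.IntegrityError as exc:  # CHECK constraint rejected an overdraft
        db.execute("ROLLBACK")
        raise UpdateRejected(str(exc)) from exc
    except UpdateRejected:
        db.execute("ROLLBACK")             # undo the half that was already applied
        raise
```

A transfer to an unknown account debits the source row first, fails the completeness check on the second row, and is rolled back, so the stored data never reflects a partial update.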