Home >Backend Development >PHP Tutorial >PHP Security - Defense in Depth

PHP Security - Defense in Depth

黄舟
黄舟Original
2017-02-23 09:21:271418browse


Deep Defense

The principle of defense in depth is a well-known principle among security professionals. It illustrates the value of redundant security measures, which has been proven by history.

The principle of defense in depth can be extended to other fields, not just limited to programming. Skydivers who have used backup parachutes can attest to the value of redundant safety measures, although one never wants the main parachute to fail. A redundant security measure can play a significant role in the potential failure of primary security measures.

Returning to the field of programming, adhering to the principle of defense in depth requires that you always have a backup plan. If one security measure fails, another must provide some protection. For example, it is a good practice to reauthenticate users before performing important operations, even if there are no known flaws in your user authentication logic. If an unauthenticated user pretends to be another user in some way, prompting for a password can potentially prevent the unauthenticated (unverified) user from performing some critical operations.

Although defense in depth is a reasonable principle, excessively adding security measures can only increase costs and reduce value.

The above is the content of PHP security-in-depth prevention. For more related content, please pay attention to the PHP Chinese website (www.php.cn)!


Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn