News Feed
Sections




News Archive
Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Codewalkers.com:
The PAVISE of Security
July 31, 2006 @ 06:10:17

Codewalkers.com has posted a new tutorial today from Martin Psinas titled "The PAVISE of Security".

Join notepad as he tours safe coding practices. He presents an easy to remember mnemonic which explains each component to help keep secure coding practices at the forefront in your development.

In the tutorial he talks about the bad reputation that PHP seems to be gathering and how it's less about the langauge and more about the applications written in it. His response is shown the the acronym in the title: PAVISE- Privacy, Administration, Validation, Integrity, Sociology and Environment.

  • Privacy deals with keeping server-related info away from the client (what it shouldn't see)
  • Administration suggests knowing how things are configured, even if you don't have the access to change them
  • Validation (a huge factor) keeps the user data entered from doing bad things to you and your application
  • Integrity is the overall strength of your application
  • Sociology talks about methods to protect yourself from the social engineering that can happen to anyone
  • Environment requires knowing if you're working on a secure platform or not, which could undermine all other efforts

Under each of the headings items are listed out and detailed to help give you a more concrete example. Code examples are also included where appropriate.

2 comments voice your opinion now!
tutorial pavise security provacy admin validate integrity sociology environment tutorial pavise security provacy admin validate integrity sociology environment


blog comments powered by Disqus

Similar Posts

Ed Finkler's Blog: New Inspekt Build Available

DevShed: Building Sample Programs for an IP-to-country Mapping Application

Mike Willbanks's Blog: Building and Maintaining a PEAR Server with Pirum

SitePoint PHP Blog: How to Implement User Log-in with PayPal

Community News: WordPress 2.1.1 Dangerous, Upgrade


Community Events

Don't see your event here?
Let us know!


language voicesoftheelephpant interview introduction podcast version community laravel5 list unittest laravel library extension release opinion framework wordpress api php7 series

All content copyright, 2015 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework