Application and Interface Security

From Hornbill
Jump to: navigation, search

Application and Interface Security

All Hornbill code is generated inhouse and utilizes the best language for the given task (ServerSide is C++, Client side {including apps} is HTML\JS\PHP).

All applications and all programming interfaces are designed with the NIST principles in mind and tested against the OWASP top 10. These Automated and manual tests are used to detect security defects (amongst others) in code prior to production. Inputs are sanity checked and integrity routines in place against application and databases to prevent manual or systematic processing errors, corruption of data, or misuse.

Hornbills architecture, design and development processes all incorporate indepth consideration of the OWASP Top 10 Application Security Risks - 2017. Hornbill seeks to ensure its staff and processes are informed about the consequences of the most common and most important web application security weaknesses.

Hornbills data security model is Principle of least privilege and based on the idea of minimum rights for each individual to perform any given task. All access is checked\granted by the server as required from the list of rights associated with the account at the time of use and can be elevated to perform the action if the user is permitted. If multiple roles\rights are associated with the user that would permit an action then the lowest is used

The principle of least privilege means.

  • Better system stability. When code is limited in the scope of changes it can make to a system, it is easier to test its possible actions and interactions with other APIs.
  • Better system security. When code is limited in the system-wide actions it may perform, vulnerabilities in one application cannot be used to exploit the rest of the machine. For example, should their be an issue with Service Manager this cannot impact Project Manager.
  • Ease of deployment. In general, the fewer privileges an application requires the easier it is to deploy within a larger environment.
Personal tools
Namespaces

Variants
Views
Actions
Navigation
Tools