Difference between revisions of "Don’t trust services"

m (Reverted edits by BastrOcmon (Talk) to last version by KirstenS)

Latest revision as of 10:45, 26 May 2009

This is a principle or a set of principles. To view all principles, please see the Principle Category page.

This article is a stub. You can help OWASP by expanding it or discussing it on its Talk page.

Last revision (mm/dd/yy): 05/26/2009


Services can refer to any external system.

Many organizations use the processing capabilities of third-party partners, whose security policies and postures likely differ from their own. It is unlikely that you can influence or control any external third party, whether they are home users or major suppliers or partners.

Therefore, implicit trust of externally run systems is not warranted. All external systems should be treated in a similar fashion.

For example, a loyalty program provider supplies data that is used by Internet Banking: the number of reward points and a small list of potential redemption items. This data should be checked before use to ensure that it is safe to display to end users, and that the reward points are a positive number and not improbably large.
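
The checks described above can be applied at the point where the provider's response enters the application. The following is an added example, not part of the original article; the JSON field names (`points`, `items`, `name`) and the numeric limits are assumptions chosen for illustration.

```python
import html
import json

# Assumed limits for this example; set them from your own business rules.
MAX_POINTS = 10_000_000   # anything above this is "improbably large"
MAX_ITEMS = 20            # the provider should send only a small list
MAX_NAME_LEN = 80

class UntrustedDataError(ValueError):
    """Raised when the external service's response fails validation."""

def validate_loyalty_response(raw: bytes) -> dict:
    """Parse and validate a (hypothetical) loyalty provider response.

    Returns a new dict containing only validated, display-safe values.
    """
    try:
        data = json.loads(raw)
    except ValueError as exc:  # covers bad JSON and bad UTF-8
        raise UntrustedDataError("response is not valid JSON") from exc
    if not isinstance(data, dict):
        raise UntrustedDataError("response must be a JSON object")

    points = data.get("points")
    # type() rather than isinstance(): bool is a subclass of int in Python.
    if type(points) is not int or not 0 < points <= MAX_POINTS:
        raise UntrustedDataError("reward points missing or out of range")

    items = data.get("items")
    if not isinstance(items, list) or len(items) > MAX_ITEMS:
        raise UntrustedDataError("redemption items missing or too many")

    safe_items = []
    for item in items:
        name = item.get("name") if isinstance(item, dict) else None
        if not isinstance(name, str) or not 0 < len(name) <= MAX_NAME_LEN:
            raise UntrustedDataError("redemption item name invalid")
        if not name.isprintable():  # rejects control characters
            raise UntrustedDataError("redemption item name not printable")
        # Escape for an HTML context so provider text cannot become markup.
        safe_items.append(html.escape(name))

    # Copy only known fields; anything else the provider sent is dropped.
    return {"points": points, "items": safe_items}

# Constructed sample response, not real provider data.
SAMPLE = b'{"points": 1250, "items": [{"name": "<b>Toaster</b>"}], "extra": 1}'
```

The function fails closed: any response that does not match the expected shape raises `UntrustedDataError`, and the caller decides how to degrade (for instance, hiding the rewards panel) rather than rendering unchecked data.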


Related Vulnerabilities

Related Controls