Use encapsulation

Jump to: navigation, search

This is a principle or a set of principles. To view all principles, please see the Principle Category page.


Draw strong boundaries among application elements, including modules, functions and data, to limit the impact of potential attacks.


  • Design: Separate internal administrator's functions from external users' functions
  • Implementation: Hidde internal details of a class, including data and methods, using private access modifier.

Related Principles

Related Threats

Related Attacks

Related Vulnerabilities

Related Countermeasures


This article is a stub. You can help OWASP by expanding it or discussing it on its Talk page.