Application Security Lecture Review

A set of vocabulary flashcards based on key concepts discussed in the Application Security lecture.

Availability

Ensures that programs, data, processing, and resources are accessible when needed.

Integrity

Maintains the accuracy and trustworthiness of data and systems.

Confidentiality

Protects sensitive information from unauthorized access and disclosure.

Database Management System (DBMS)

Software used to manage databases, ensuring data integrity, security, and accessibility.

Transaction Persistence

Ensures that completed transactions are stored permanently in the database.

Denial of Service (DoS)

An attack that restricts legitimate users from accessing services by overwhelming resources.

ACID Test

A set of properties (Atomicity, Consistency, Isolation, Durability) that guarantee reliable transaction processing.

Buffer Overflow

A vulnerability where excess input data overflows into adjacent memory, potentially leading to exploits.

Malware

Software designed to disrupt, damage, or gain unauthorized access to computer systems.

SQL Injection

A code injection technique that allows attackers to execute malicious SQL statements.

Change Management

A process to ensure that changes to a system are introduced in a controlled and coordinated manner.

Object Reuse

The risk that an object might contain residual sensitive data after its previous use.

Logic Bomb

Malicious code triggered under specific conditions, often secretly embedded in a system.

Spyware

Software that collects user information without their consent, often bundled with other software.

Botnets

Networks of infected computers controlled remotely to carry out malicious activities like DDoS attacks.

Isolation (in Acidity)

Ensures that transaction results are not visible until all processes are complete.

Garbage Collection

The de-allocation of storage after program execution to prevent sensitive data leakage.

Access Controls

Mechanisms that restrict access to authorized users only.