Complete Mediation
Learn the importance of mediation when providing access to protected resources.
We'll cover the following
Overview
Complete mediation supports the “trust but verify” principle. Many applications use protected resources like databases, file shares, authentication servers, and so on. When software interacts with these types of resources, its design should ensure that this interaction takes place in a circumspect way
A database with a single open connection
Software shouldn’t open a connection to a database and leave that connection open for the duration of the user’s session. This is like opening the door for a guest, then leaving it open for the rest of the day. While it was opened for a specific purpose, the persisted open connection presents a potential opportunity for attackers to gain access to sensitive data and files.
Get hands-on with 1400+ tech skills courses.