Chapter 8. Logical Security

The initial key to protecting an information system from unauthorized access lies in the design and programming of logical security controls into the system, whether it is an operating system, a database management system (DBMS), or an application program. Before logical security controls can be designed, the project design team must first be aware of the significant risks to which the system may be exposed. The degree of risk will have an impact on the types of logical security controls that need to be designed into the system as well as the number of controls and their relative strength. High-risk systems would obviously warrant the time and resources to design a greater number of robust logical security controls than a low-risk system.

Get Auditing Information Systems, Second Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.