16.1. What Does Security Mean?
As a developer, you may not have had to worry too much about security. This is especially true if you have been working just on applications that are used primarily on your machine or in your department in the office. If this is the case, then you may not have to read the rest of this chapter. However, if you are creating InfoPath forms and distributing those forms around your company, you need to have more information about what you have to do to secure those forms and what it takes to work with Windows and Internet security. There are four major pieces to developing a good secure application that define security itself. They are:
Authentication: This is kind of like a secret handshake. The typical network handshake uses authentication such as the challenge response approach, where the challenge is sent by the server and the user's machine creates the response with no intervention from you. Custom-built security solutions challenge a person with the user credentials, and he/she has to log in.
Authorization: A way of giving authenticated users no, partial, or full trust over the resource being requested. For example, on a network, certain people have certain permissions to change, edit, and delete files on shared areas; others have no authorization to do anything but read files.
Data Integrity: This is very important in this day and age as hackers are finding more and more ways to break down the security barriers we strive to implement, which results ...
Get Beginning InfoPath™ 2003 now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
