quartz/content/notes/19-security.md

title	aliases	tags	sr-due	sr-interval	sr-ease
19-security		cosc202 lecture	2022-07-03	30	250

• why cybersecurity is a growing concern
  • more software ∴ more dependecies ∴ more complex ∴ more "surface area" of risk of vulnerability
• sketch confidentiality, integrity, and avalability security
  • confidentiality - protecting data from being stolen
  • integrity - attacks on data with the aim to decieve users
  • avalability - e.g., DDoS
• appreciate that dependencies cause security risks
  • vulnerabilities in dependencies extend to your code

• explain risks from non-validation of user input

• outline how injection attack works
  • malicious input to manupulate underlying database

security