Security is a crucial and complex aspect which can fill several books in itself. It must be considered from the very beginning of a project, as well as taken into account for all decisions to be made. Nevertheless, in our case, for the sake of didacticism, it has been postponed to the final chapter so that we have all the pieces in the jigsaw of which our application consists. Two application areas can be distinguished:
Client-side security: Applications run in a client machine, with all the derived risks of this practice. Basically, it exposes our code to its analysis and possible exploits.
Server-side and communication security: Our applications communicate with a backend located in the server to retrieve and store data. In this case, security must be added for the data not to be exposed to unauthorized users or operations.
Even though this is a comprehensive topic, in this chapter, we will try to cover the basics about what can affect a business application, both...