“Tools do not make software secure! They help scale the process and help enforce policy.” – Michael Howard
Today I spent a bit of time working on a security model for any web application that hopefully other teams besides lds.org will use. I decided to share it with all since I had a hard time finding existing resources online. I am still working on the detailed description of each task. I will make that available after I complete it. For now here is the model:
Please let me know your suggestions so I can improve it.