The fundametal security problem with web applications ----- that all user input is
not trust----gives rise to numbers of security machanisms that application uses to
defend themselve against attact. All machanisms employ the concept similary.
The defense machanisms employed by web application compromise the following
core elements
1 handling user access to the application`s data and functionality prevent user gain
unauthorsized access.
2 handling user input to the application`s to functions to prevent malformed input
from causing undesirable behaviors.
3 handling attackers to ensure that the application behaves appropriately
4 managing application itself by enabling the admintrators to monitor its activity and
configure the functionality.