The methods of attack are broad-ranging and insidious, yet many of them are within reach of even amateur hackers through tools widely available on the Internet. For this reason, securing applications today is no small challenge. The principles presented in the chapters that follow help to guide the design of applications that are resistant to attack.
This chapter discussed the various kinds of attack, including categories and examples of social engineering attacks. The next chapter presents concepts for trust, which is an important foundation for understanding Chapter 7, "Access Control Containers," in which authorization and containment are discussed at length.