What are the most critical aspects of security in an Object-Oriented Software system?

Some of the critical aspects of ensuring security in software developed with OOP principles are-

  • Least scope design – keep classes and data members “private” by default
  • Minimize attack surface – redesign to eliminate the need for global variables and have minimal, if any, public classes
  • Use inheritance with care – when elevating a class from “private” to “protected” be absolutely sure that the design demands it
  • Do not inherit from deprecated packages and classes
  • Ensure that the objects are thread-safe
  • Use system-level APIs which require elevated permissions only if critical to the functionality of the design
  • Prevent an object from accessing another object by “never giving the first object a reference to the second”
  • Do not pass variables and objects by reference
  • Restrict the usage of an object by “wrapping it in a narrower interface”
  • Prevent misuse – Design interfaces to make it “difficult or impossible to use incorrectly”
  • Grant only “temporary access to an object by wrapping it in a revocable forwarder”