What are principles of secure programming?

The basic principles for secure programming would be as follows

(a) authentication: Provinding of your identity eg Username & Password,

(b) authorization: Providing access certain areas of your application to varying users eg free section & premium section,

(c) data integrity: transfer of data from source to destination should be consistenteg encoding & decoding,

(d) confidentiality: secure transfer of data eg hashing algorithm

1. the polymorphism

2. the encapsulation

3. platfrom independent

An critical first step to develop a secure application is an effective training plan that allows developers to learn important secure coding principles and how they can be applied.  Compliance with this control is assessed through Application Security Testing Program (required by MSSEI6.2) , which includes testing for secure coding principles described in OWASP Secure Coding Guidelines:

1. Input Validation
2. Output Encoding
3. Authentication and Password Management (includes secure handling of credentials by external services/scripts)
4. Session Management
5. Access Control
6. Cryptographic Practices
7. Error Handling and Logging
8. Data Protection
9. Communication Security
10. System Configuration
11. Database Security
12. File Management
13. Memory Management
14. General Coding Practices

You can also have alook at this useful links:

https://www.securecoding.cert.org/confluence/display/seccode/Top+10+Secure+Coding+Practiceshttp://blogs.computerworld.com/application-security/21425/5-key-principles-successful-application-security-program