Mexico City is the capital city of Mexico. It is the most important economic, industrial and cultural center in the country, and the most populous city with 8,836,045 inhabitants in 2008. Greater Mexico City incorporates 59 adjacent municipalities of Mexico State and 1 municipality of the state of Hidalgo, according to the most recent definition agreed upon by the federal and state governments. In the last national census (2005) Greater Mexico City had a population of 19.2 million people, making it the largest metropolitan area in the western hemisphere and the third largest in the world by population. The estimated population for the Metropolitan Area is 19,826,918 as of 2008. Mexico City is also the Federal District. The Federal District is coextensive with Mexico City: both are governed by a single institution and are constitutionally considered to be the same entity. This has not always been the case. The Federal District, created in 1824, was integrated by several municipalities, one of which was the municipality of Mexico City. As the city began to grow, it engulfed all other municipalities into one large urban area. In 1928, all municipalities within the Federal District were abolished, an action that left a vacuum in the legal status of Mexico City vis-à-vis the Federal District, even though for most practical purposes they were traditionally considered to be the same entity. In 1993, to end the sterile discussions about whether one concept had engulfed the other, or if any of the two entities had any existence in lieu of the other, the 44th Article of the Constitution of Mexico was reformed to clearly state that Mexico City is the Federal District, seat of the Powers of the Union and capital of the United Mexican States. Mexico City is located in the Valley of Mexico, also called the Valley of Anáhuac, a large valley in the high plateaus at the center of Mexico, at an altitude of 2,240 meters (7,349 ft). It was originally built by the Aztecs in 1325 on an island of Lake Texcoco.

Secure by Design

Secure by design, in software engineering, means that the software has been designed from the ground up to be secure. Malicious practices are taken for granted and care is taken to minimize impact when a security vulnerability is discovered or on invalid user input.

Generally, designs that work well do not rely on being secret. It is not mandatory, but proper security usually means that everyone is allowed to know and understand the design because it is secure. This has the advantage that many people are looking at the code, and this improves the odds that any flaws will be found sooner. Of course, attackers can also obtain the code, which makes it easier for them to find vulnerabilities as well.

Also, it is very important that everything works with the least amount of privileges possible (principle of least privilege). For example a Web server that runs as the administrative user (root or admin) can have the privilege to remove files and users that do not belong to it. Thus, a flaw in that program could put the entire system at risk. On the other hand, a Web server that runs inside an isolated environment and only has the privileges for required network and file system functions, cannot compromise the system it runs on unless the security around it is in itself also flawed.

Often the easiest way to break the security of a client/server system is not to go head on to the security mechanisms but instead to go around them. A man in the middle attack is a simple example of this, because you can use it to collect details to impersonate a user. Which is why it is important to consider encryption, hashing, and other security mechanisms in your design to ensure that information collected from a potential attacker won't allow access.

Another key feature to client-server security design is general good-coding practices. For example, following a known software design structure such as client and broker can help in designing a well built structure with a solid foundation. Furthermore that if the software is modified in the future it is even more important that it follows a logical foundation of separation between the client and server. This is because if a programmer comes in and cannot clearly understand the dynamics of the program they may end up adding or changing something that can add a security flaw. Even with the best design this is always a possibility, but the better standardized the design the less chance there is of this occurring.