Application Security Notes Authentication Session Management Access Control Fundamental points of an Web Application but are directly related to a attack surface.
