Browse Definitions :

business logic

What is business logic and how does it work?

In programming, business logic is the part of a software program responsible for implementing the business rules that define how data should be created, modified, transformed, communicated and in other ways managed and controlled. An application's business logic serves as its backbone, providing the foundation necessary to drive the application's core processes, workflows and other operations.

Business logic determines how and when to carry out operations such as transactions or calculations, building off the applicable business rules. Business logic defines the tasks and procedural steps necessary to perform these operations, often incorporating if-then logic that determines task flow. The business logic also controls interactions between business objects and defines the parameters that determine how each task is executed.

Examples of business logic

Here's one use case: A business rule for an e-commerce site might specify the proper amount of sales tax that should be applied to each sale based on the customer's location and what the customer purchased. To enforce this business rule, the application's business logic defines a sequence of operations that carry out the following tasks:

  1. Gather the necessary sales information from the presentation layer or user interface.
  2. Determine if a sales tax applies to this specific location and product by querying the backend database. If no sales tax applies, skip to Step 5.
  3. Calculate the amount of tax for the particular sale.
  4. Add that sales tax to the sales total.
  5. Communicate the results to the presentation layer.

Calculating sales tax is only one of the many operations the business logic must address for an e-commerce site. For example, it might also need to apply discounts; calculate shipping charges; check inventory levels; verify payment methods, including credit card information; update contact information or carry out other tasks that ensure the validity of the information entered. At the same time, these operations must be carefully orchestrated to ensure consistency and reliability, while managing the flow of data and ensuring its security.

An application's business logic lies at the heart of any enterprise and is responsible for a range of business processes and operations that encode the applicable business rules. Business logic enforces data consistency across the organization's domain to ensure its integrity and reliability. It also controls which users and services can access and modify data, while at the same time preventing modifications that could affect the data's integrity and reliability.

Business logic plays a key role in the three-tiered architecture commonly used in application design. The tiers include a presentation layer, a business logic layer and a data access layer. The business logic layer acts as an intermediary between the presentation and data access layers, while supporting the application's core business functions. The business logic layer implements the components necessary to process and manipulate data, execute workflows and manage communications between the three layers.

Business logic vulnerabilities

Because business application logic plays such a vital role in application design, cybercriminals often target this layer, looking for flaws in either its design or implementation. In some cases, an organization might not realize that an application has been under attack until it's too late and the system and its data have already been compromised.

To mitigate the risks from cyberthreats, development teams should consider security and privacy early in the design stage, with development and security teams working closely together toward the common goal of data protection. They should also incorporate good development practices such as code reviews, security testing and ongoing monitoring.

Automated user interface testing includes maintenance, change management, debugging and business logic challenges. Learn how IT teams can navigate these obstacles.

This was last updated in December 2023

Continue Reading About business logic

  • subnet (subnetwork)

    A subnet, or subnetwork, is a segmented piece of a larger network. More specifically, subnets are a logical partition of an IP ...

  • Transmission Control Protocol (TCP)

    Transmission Control Protocol (TCP) is a standard protocol on the internet that ensures the reliable transmission of data between...

  • secure access service edge (SASE)

    Secure access service edge (SASE), pronounced sassy, is a cloud architecture model that bundles together network and cloud-native...

  • intrusion detection system (IDS)

    An intrusion detection system monitors (IDS) network traffic for suspicious activity and sends alerts when such activity is ...

  • cyber attack

    A cyber attack is any malicious attempt to gain unauthorized access to a computer, computing system or computer network with the ...

  • digital signature

    A digital signature is a mathematical technique used to validate the authenticity and integrity of a digital document, message or...

  • What is data privacy?

    Data privacy, also called information privacy, is an aspect of data protection that addresses the proper storage, access, ...

  • product development (new product development)

    Product development -- also called new product management -- is a series of steps that includes the conceptualization, design, ...

  • innovation culture

    Innovation culture is the work environment that leaders cultivate to nurture unorthodox thinking and its application.

  • organizational network analysis (ONA)

    Organizational network analysis (ONA) is a quantitative method for modeling and analyzing how communications, information, ...

  • HireVue

    HireVue is an enterprise video interviewing technology provider of a platform that lets recruiters and hiring managers screen ...

  • Human Resource Certification Institute (HRCI)

    Human Resource Certification Institute (HRCI) is a U.S.-based credentialing organization offering certifications to HR ...

Customer Experience
  • What is an outbound call?

    An outbound call is one initiated by a contact center agent to prospective customers and focuses on sales, lead generation, ...

  • What is lead-to-revenue management (L2RM)?

    Lead-to-revenue management (L2RM) is a set of sales and marketing methods focusing on generating revenue throughout the customer ...

  • What is relationship marketing?

    Relationship marketing is a facet of customer relationship management (CRM) that focuses on customer loyalty and long-term ...