business logic

What is business logic and how does it work?

In programming, business logic is the part of a software program responsible for implementing the business rules that define how data should be created, modified, transformed, communicated and in other ways managed and controlled. An application's business logic serves as its backbone, providing the foundation necessary to drive the application's core processes, workflows and other operations.

Business logic determines how and when to carry out operations such as transactions or calculations, building off the applicable business rules. Business logic defines the tasks and procedural steps necessary to perform these operations, often incorporating if-then logic that determines task flow. The business logic also controls interactions between business objects and defines the parameters that determine how each task is executed.

Examples of business logic

Here's one use case: A business rule for an e-commerce site might specify the proper amount of sales tax that should be applied to each sale based on the customer's location and what the customer purchased. To enforce this business rule, the application's business logic defines a sequence of operations that carry out the following tasks:

  1. Gather the necessary sales information from the presentation layer or user interface.
  2. Determine if a sales tax applies to this specific location and product by querying the backend database. If no sales tax applies, skip to Step 5.
  3. Calculate the amount of tax for the particular sale.
  4. Add that sales tax to the sales total.
  5. Communicate the results to the presentation layer.
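The five steps above, worked through in Python as an added example (not code from the original article). The table names, SKUs, locations and tax rates are constructed sample data, and reading the unit price from the backend rather than accepting it from the presentation layer is a design assumption of this example.

```python
import sqlite3
from decimal import Decimal, ROUND_HALF_UP

def make_db():
    """Data access layer stand-in: constructed sample rows in an in-memory database."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE products (sku TEXT PRIMARY KEY, category TEXT, unit_price TEXT);
        CREATE TABLE tax_rules (location TEXT, category TEXT, rate TEXT,
                                PRIMARY KEY (location, category));
        INSERT INTO products VALUES ('BOOK-1', 'books', '20.00'),
                                    ('TV-9', 'electronics', '499.99');
        INSERT INTO tax_rules VALUES ('CA', 'electronics', '0.0725'),
                                     ('CA', 'books', '0.0725'),
                                     ('NY', 'electronics', '0.04');
    """)
    return db

def price_order(db, sku, quantity, location):
    """Business logic layer: apply the sales tax rule to one order line."""
    # Step 1: gather the sale information from the presentation layer and
    # validate it; only the SKU, quantity and location come from the user.
    if type(quantity) is not int or not 1 <= quantity <= 100:
        raise ValueError("quantity out of range")
    row = db.execute("SELECT category, unit_price FROM products WHERE sku = ?",
                     (sku,)).fetchone()
    if row is None:
        raise ValueError("unknown product")
    category, unit_price = row[0], Decimal(row[1])
    subtotal = unit_price * quantity

    # Step 2: query the backend for a tax rule for this location and product.
    rule = db.execute(
        "SELECT rate FROM tax_rules WHERE location = ? AND category = ?",
        (location, category)).fetchone()

    tax = Decimal("0.00")
    if rule is not None:
        # Step 3: calculate the tax, rounded to cents.
        tax = (subtotal * Decimal(rule[0])).quantize(
            Decimal("0.01"), rounding=ROUND_HALF_UP)

    # Step 4: add the tax to the sales total (a no-op when no rule applied).
    total = subtotal + tax

    # Step 5: communicate the results to the presentation layer.
    return {"subtotal": str(subtotal), "tax": str(tax), "total": str(total)}
```
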

Calculating sales tax is only one of the many operations the business logic must address for an e-commerce site. For example, it might also need to apply discounts; calculate shipping charges; check inventory levels; verify payment methods, including credit card information; update contact information or carry out other tasks that ensure the validity of the information entered. At the same time, these operations must be carefully orchestrated to ensure consistency and reliability, while managing the flow of data and ensuring its security.

An application's business logic lies at the heart of any enterprise and is responsible for a range of business processes and operations that encode the applicable business rules. Business logic enforces data consistency across the organization's domain to ensure its integrity and reliability. It also controls which users and services can access and modify data, while at the same time preventing modifications that could affect the data's integrity and reliability.

Business logic plays a key role in the three-tiered architecture commonly used in application design. The tiers include a presentation layer, a business logic layer and a data access layer. The business logic layer acts as an intermediary between the presentation and data access layers, while supporting the application's core business functions. The business logic layer implements the components necessary to process and manipulate data, execute workflows and manage communications between the three layers.

Business logic vulnerabilities

Because business application logic plays such a vital role in application design, cybercriminals often target this layer, looking for flaws in either its design or implementation. In some cases, an organization might not realize that an application has been under attack until it's too late and the system and its data have already been compromised.

To mitigate the risks from cyberthreats, development teams should consider security and privacy early in the design stage, with development and security teams working closely together toward the common goal of data protection. They should also incorporate good development practices such as code reviews, security testing and ongoing monitoring.

This was last updated in December 2023
