Labels:text | screenshot OCR: User User Name Application Filtered returned dala SQL Reqifest Security Logic If user id not in Database Engine [ Burleson', Archangel, Thayer') Unfiltered returned data If InternalAuthority = no credit" move spaces to CreditHistory else Move spaces to AllSecureFields FIGURE 2 Application-level security requires programmers to control access to the data manually. The security exposure occurs when the data is accessed outside the application.