Strong Parameters were introduced in Rails 4:
It provides an interface for protecting attributes from end-user assignment. This makes Action Controller parameters forbidden to be used in Active Model mass assignment until they have been whitelisted.
Basically, it means only certain param values will be sent through your controller to the model (thus allowing you more control over which data is handled by Rails)
DRY
If you're wanting to use strong params for multiple controllers, or just want to DRY up the process, we use this:
#app/controllers/application_controller.rb
private
#Strong Params
def permitted_params
@resource = self.resource_class
@model = "#{@resource}".downcase.to_sym
attributes = @resource.attribute_names + %w(custom items here)
params.permit(@model => attributes)
end