Conceptual representation of a generic application
Layered diagrams come naturally to networking weenies
Attempt to identify all components in an application transaction
Act as an aid for identifying risks and placing security measures
Put security ON THE THING TO BE SECURED
Don't rely on one layer to solve another layer's problems
|
User |
Client |
Network |
Firewall |
Content Server |
Business Application |
Data |
Assets |
|