Application Security for Beginners
I would like to write today about the similarities between software security and security of a residential premise. A residential premise or complex can be compared to an organization’s application landscape.
The network boundary corresponds to the compound wall of the premises. No one is allowed inside without proper identification, and this check is performed by the Firewall, which allows authenticated traffic to pass through just as a security check post admits verified visitors.
In a department store in a shopping complex, there is an area where customers can walk in freely, look at the items, or ask the staff for help. The staff then fetch the goods the customer wants, pack them, and bill them. This is similar to a Demilitarized Zone (DMZ), where web servers and reverse proxies sit. They are accessible to the outside world and communicate with the application servers and database servers behind the Firewall.
Within the complex, there are individual buildings. These buildings can have their own security staff, who verify visitors and grant access only if they live there or if a resident can vouch for them. In some apartments, residents hold a digital card that is used to gain access to the building lobby or the lift level. This can be compared to Application Security, where each user has to authenticate with a key (username/password).
When a visitor leaves the premises, their entry record is updated with the time they left. This is similar to Logout or Session invalidation.
There are other concepts as well:
How to make the entire process sturdy (layers of security),
What the fallback plan should be (disaster recovery),
How to handle a burglary or intrusion (network attack),
How to protect against attempted theft or forceful break-ins (secure coding and design).
I will bring you the second part of this series soon.