Difference between revisions of "Talk:Application Security Architecture Cheat Sheet"

From OWASP
(Application Security Architecture Feedback.)
 
(edit typos to make lists...)
 
Line 1: Line 1:
Aloha Jim.
+
I noticed some thing are missing here - taking a page from OWASP SAMM. Any application architecture must always begin with requirements.
 
+
I noticed some thing are missing here - taking a page from OWASP SAMM.
+
 
+
Any application architecture must always begin with requirements.
+
 
I have found requirements to come from the following sources:
 
I have found requirements to come from the following sources:
  
- Laws
+
- Laws
- Standards
+
- Standards  
- Business Policies
+
- Business Policies  
- Customers
+
- Customers
- Operations
+
- Operations  
- Business Stakeholders
+
- Business Stakeholders
- Project Stakeholders
+
- Project Stakeholders
  
 
All of these governance issues inform the rest of the architecture - in other words it is cross-cutting.
 
All of these governance issues inform the rest of the architecture - in other words it is cross-cutting.
 
Layers in the architecture cake are:
 
Layers in the architecture cake are:
  
Business View (Context)
+
- Business View (Context)
Architect View (Concept)
+
- Architect View (Concept)
Designers View (Logical)
+
- Designers View (Logical)
Builders View (Physical)
+
- Builders View (Physical)
Trade View (Component)
+
- Trade View (Component)
Facilities View (Operational)
+
- Facilities View (Operational)
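
Review bot: the added line "I noticed some thing are missing here - taking a page from OWASP SAMM." still reads "some thing are" where "some things are" is meant, although the edit summary describes this revision as a typo edit; correct it in the same pass. The list markers added to the seven requirement sources and the six view layers are consistent with each other.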

Latest revision as of 18:23, 2 April 2012

I noticed some things are missing here - taking a page from OWASP SAMM. Any application architecture must always begin with requirements. I have found requirements to come from the following sources:

- Laws
- Standards 
- Business Policies 
- Customers
- Operations 
- Business Stakeholders
- Project Stakeholders

All of these governance issues inform the rest of the architecture - in other words it is cross-cutting. Layers in the architecture cake are:

- Business View (Context)
- Architect View (Concept)
- Designers View (Logical)
- Builders View (Physical)
- Trade View (Component)
- Facilities View (Operational)