Talk:Application Security Architecture Cheat Sheet

Revision as of 17:23, 2 April 2012 by Dennis Groves (Talk | contribs)

Jump to: navigation, search

I noticed some thing are missing here - taking a page from OWASP SAMM. Any application architecture must always begin with requirements. I have found requirements to come from the following sources:

- Laws
- Standards 
- Business Policies 
- Customers
- Operations 
- Business Stakeholders
- Project Stakeholders

All of these governance issues inform the rest of the architecture - in other words it is cross-cutting. Layers in the architecture cake are:

- Business View (Context)
- Architect View (Concept)
- Designers View (Logical)
- Builders View (Physical)
- Trade View (Component)
- Facilities View (Operational)