Web application security - the fast guide 1.1 | Page 14
Chapter 1 - information Security overview
Figure 4: Isolating the application using a proxy (diagram labels: Requests, proxy, Application)
Even though the presented approaches are categorized in different classes, a
hybrid use can sometimes be applied, depending on the nature of the application.
1.3 Layered Security
Figure 5: Layer-based security (diagram labels: Attacker, Network Layer, Platform Layer, Application Layer, Data Layer, Response Layer)
One of the most efficient ways to deal with security issues in general, and
information security in particular, is to apply a layer-based model in order to
understand threats and apply the necessary countermeasures for them.
What makes this model suitable for security is the architecture of today's
network and information systems, where most interactions between users and
information systems take place over the network as a set of requests sent from
the beneficiary to the server, which handles the request, processes any sent
information, and retrieves or manipulates data. In that context, the data becomes
the core of the model, as it is the main asset that needs to be protected.
Many models were created to embody the layered security approach from
different perspectives.
Some models took into consideration the security policy and user dimension, and
others focus more on the main layers: