Management must develop some level of trust that the organization’s computer system will not allow a breach of security of the information assets it stores, processes, or provides access to. Laws and regulations require commercial organizations to ensure the security of the sensitive information their information systems store, process, and provide access to.
The computer system includes the bare metal hardware, the firmware, and the operating system. The computer architecture provides natural opportunities to implement security controls. The application architecture provides natural opportunities to implement security controls. Application architectures include:
The client layer
The presentation layer
The application layer
The middleware ...