Chapter 6. Application Security

In the prior chapters, we talked about external elements that can influence and drive required security controls, which form a baseline of security measures that our system needs to take into consideration. To strike a balance between the cost of security measures and the actual business value, i.e., decreasing the risk to the organization, we need to complement or change those baseline security measures with measures that address specific risks that the exposed system faces. This will allow us to bring the cost of security measures in line with the actual business benefit. Because of this, we need to investigate the inner workings of the system to comprehend its functioning.

In our role as security architects, we’re working closely with architects from other domains to comprehend, construct, expand, and customize the system. The security architecture evolves alongside the overall system architecture as it develops throughout the course of the system’s lifetime, which makes this an iterative process. To begin the architectural thought process, we must first establish the system’s functional building blocks. In the first part of this chapter, we will decompose the system to understand its functional building blocks, trust boundaries, data flows, and interactions. In the second part, we will examine the exposure of the system to threats, the inherent vulnerabilities of the current system architecture, and the risks this poses to the organization. This ...
