ABSTRACT
Implementing effective security in the netcentric computing environments often means finding and dealing with the weakest link in a large system of complex and dynamic links. By designing security into a netcentric solution and implementing the appropriate application, infrastructure, and procedural controls, security can be appropriately aligned with business risk. The security objectives and requirements are applied to a variety of layers that exist in the physical computing environment. The physical layer is the first line of defense. It represents basic controls like access to buildings and computer rooms. The database and application layers provide additional controls on accessing data. Networks are increasingly replacing individual computers, and access to all kinds of computing resources — such as central processing unit cycles, disk storage, and random access memory — are being mediated by the network instead of individual boxes.
