Big4Guy

Welcome to Big4Guy.com. Big4Guy is an online resource where I will share with you the latest news, insights, knowledge and some experiences as a Big 4 consultant. We will discuss some of the important issues which organisations are facing today in the areas of information security, and security and controls in SAP R/3, Oracle Applications, J.D. Edwards, PeopleSoft and various other ERPs. You will also find information on the latest compliance regulations like Sarbanes-Oxley, Basel II and so on. Big4Guy will also attempt to provide valuable resources for individuals interested in examinations such as the CISA, CISM, CISSP, PMP and various other security certifications considered essential for entry into any Big 4 accounting, auditing and consulting firm. You are invited to post your comments and viewpoints on posts here. I sincerely hope this online journal will be useful to everyone from a budding student to a professional in the accounting, auditing, management and consultancy professions.


01/11/06

09:26:58 pm, Categories: Information Security, 176 words, English (US)

Concept of ISO OSI Layers - Application Layer 7 Vulnerabilities and Controls

Continuing my series on the ISO OSI layers, today I am discussing Layer 7, the Application Layer. The Application Layer supports application and end-user processes. Some of the most crucial functions performed by this layer are:

- identification of communication partners
- identification of quality of service
- user authentication in the application
- data syntax

One thing to note is that everything in this layer is application specific. This layer provides application services for file transfers, e-mail, and other network software services. Telnet and FTP are applications that exist entirely at the application level. Tiered application architectures are part of this layer.

The application layer has its share of vulnerabilities, such as flawed programming logic in the application, backdoors in the application, design issues, weak user authentication, etc. On the positive side, controls such as strong authentication, intrusion detection systems to monitor traffic, firewalls, strong access controls, testing of application code, etc. help in overcoming the vulnerabilities present in the application layer.
