Tuesday, January 13, 2009

The World of Web Security

Web security, application security, browser security, Web application security, Ajax security, etc. We have an environment of very terribly confusing nomenclature. I’m hoping with to use this diagram as visual aide to better describe the Web Security landscape. Hopefully this will also allow us to use terminology a little bit more accurately (of which I am an offender). Talk about a lot to know, there are worlds of data within each bubble.


8 comments:

Russ McRee said...

Jeremiah,
I think this is a useful and thought provoking visualization. To borrow from Raffael Marty's "A picture is worth a thousand log entries.", I believe this visualization may lend to illuminating the "worlds of data" and "confusing nomenclature" in a fashion more easily consumed by a general audience.

Jeremiah Grossman said...

Thanks Russ, much appreciated. Sometimes things get so complicated its becomes worthwhile to spend a moment and paint a picture. Having small children to educate has helped me develop these skills.

Cyberlocksmith said...

Excellent. I like it. However, does copyright mean that we can use this diagram to champion the cause wherever we 'hang our shingle' as long as we keep the copyright reference in the diagram?

Jeremiah Grossman said...

Thanks. The copyright notice I tossed in so people could know where it originally came from. As long as the notice remains, its completely free to use... just like all my other pretty pictures. :)

Anonymous said...

Nice picture, but you've forgotten the "user" bubble...
C:

Jeremiah Grossman said...

That would fall under the Web Browser / Client bubble

Matt Presson said...

What about client apps? They also fall under the Application Security umbrella.

Jeremiah Grossman said...

I wanted to focus solely on "Web Security" area in context of the larger "Application Security." Client apps would seem to fall outside of that scope.