Clarifications on my Security Stack Piece

In a recent discussion a colleague mentioned that my self-coined terminology in the security stack article was somewhat confusing. While I intentionally did this to make sure that the security stack was being treated as an entity in itself, I agree that the new terminology might actually do more harm than good.

Therefore, please find a ‘map’ from my terms to the ones that are more common in the network protocol stack. The first phrase is my new term, then follows a mapping to more common terms:

  1. physical network security – Link Layer (layer 2), not to be confused with the actual physical layer 1
  2. network transport security – Layer 3 and 4 in the seven layer OSI/ISO stack
  3. platform security – Session security
  4. application transport security – Also session security, but I think it would be important to make a distinction here between the platform session and the application session
  5. application security - Same. 

I hope that this clarifies the original intent a little and makes it more readable. Thanks to Nico Williams for pointing this out.  

Leave a Reply

Your email address will not be published. Required fields are marked *