Talk:Application Security Architecture Cheat Sheet

I noticed some thing are missing here - taking a page from OWASP SAMM. Any application architecture must always begin with requirements. I have found requirements to come from the following sources:

- Laws - Standards - Business Policies - Customers - Operations - Business Stakeholders - Project Stakeholders

All of these governance issues inform the rest of the architecture - in other words it is cross-cutting. Layers in the architecture cake are:

- Business View (Context) - Architect View (Concept) - Designers View (Logical) - Builders View (Physical) - Trade View (Component) - Facilities View (Operational)