Defense in Depth
ABIS is not a replacement for existing security—it's an additional layer. Effective security architecture means designing ABIS as a checkpoint that enhances UX rather than degrading it.
Defense in depth means multiple independent security layers, where compromise of one layer doesn't compromise the entire system. ABIS operates as a behavioral analysis layer distinct from authentication (who you are), authorization (what you can do), and encryption (data protection).
The key principle: separate analysis from enforcement. ABIS should return risk scores and recommendations, but the application layer makes the final decision. This separation enables graceful degradation—if ABIS is unavailable, authentication and authorization still function.
Critical architectural patterns include: non-blocking analysis (async execution for read operations), risk-based step-up authentication (require 2FA for high-risk actions), adaptive rate limiting based on behavioral scores, and comprehensive audit logging across all security layers.
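The separation of analysis from enforcement described above, sketched as an added example (not ABIS's own code or API). The `score_fn` client, the 0 to 1 score range, the threshold, the action names and the degraded-mode policy are all assumptions made for illustration.

```python
import logging
from dataclasses import dataclass

audit = logging.getLogger("security.audit")
STEP_UP_THRESHOLD = 0.7                                 # assumed cut-off for step-up 2FA
SENSITIVE_ACTIONS = {"transfer_funds", "change_email"}  # assumed action names

@dataclass
class Decision:
    allowed: bool
    require_2fa: bool
    rate_limit_per_min: int
    reason: str

def get_risk(score_fn, user_id, action):
    """Ask the hypothetical ABIS client for a 0..1 score; None means unusable."""
    try:
        score = float(score_fn(user_id, action))
    except Exception as exc:  # timeout, connection error, malformed reply
        audit.warning("abis_error user=%s action=%s err=%r", user_id, action, exc)
        return None
    return score if 0.0 <= score <= 1.0 else None  # also rejects NaN

def decide(user_id, action, is_authorized, score_fn, base_limit=60):
    """Enforcement lives here, in the application; ABIS only advises."""
    if not is_authorized:
        # Authorization is checked first and never depends on ABIS.
        decision = Decision(False, False, 0, "authorization_denied")
    else:
        risk = get_risk(score_fn, user_id, action)
        if risk is None:
            # Degraded mode (assumed policy): keep serving at the base limit,
            # but step up actions that are sensitive by nature.
            decision = Decision(True, action in SENSITIVE_ACTIONS, base_limit,
                                "abis_unavailable")
        else:
            # Adaptive rate limit: the higher the score, the smaller the budget.
            limit = max(1, round(base_limit * (1.0 - risk)))
            step_up = risk >= STEP_UP_THRESHOLD
            decision = Decision(True, step_up, limit,
                                "high_risk_step_up" if step_up else "ok")
    audit.info("user=%s action=%s decision=%s", user_id, action, decision)
    return decision
```

Whether degraded mode should keep serving or refuse sensitive actions outright is a per-application choice; the audit line records which branch was taken so the ABIS outage window can be reviewed afterwards.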
LAYER 1: NETWORK PERIMETER
Firewall, DDoS protection, WAF. Blocks malicious traffic before it reaches your application. ABIS operates after this layer.
LAYER 2: AUTHENTICATION
Verifies user identity through credentials, tokens, or certificates. ABIS requires authenticated identity to analyze behavior patterns.
LAYER 3: BEHAVIORAL ANALYSIS (ABIS)
Analyzes user behavior patterns, device fingerprints, and action sequences. Returns a risk score independent of identity verification.
LAYER 4: AUTHORIZATION
Permission checks based on user roles and resource ownership. ABIS risk scores can influence authorization decisions.
LAYER 5: APPLICATION LOGIC
Business rules and workflow enforcement. Uses ABIS risk context to make informed decisions (e.g., auto-approve vs manual review).
LAYER 6: DATA ENCRYPTION
Encryption at rest and in transit. Protects data even if other layers are compromised. Independent of ABIS.
LAYER 7: AUDIT & MONITORING
Comprehensive logging of all security events including ABIS risk assessments. Enables forensic investigation and compliance.